North Korean hackers attacked crypto platforms at least seven times last year. Crypto analysts Chainalysis report that these attacks resulted in the theft of almost $400 million worth of digital assets.
In a blog post, the blockchain data company wrote, "Once North Korea gained possession of the funds, it diligently laundered them to hide their origins and cash out."
There were only four North Korean hacks in 2020, compared to seven in 2021. Chainlaysis estimates that the value of these hacks increased by 40% between 2020 and 2021.
Nevertheless, it's important to note that Bitcoin has grown by 303% from the latter half of 2020 to the first half of 2021, and Ethereum–the second largest crypto asset by market cap–has grown by 472%.
Chainalysis data shows that Bitcoin constitutes just 20% of the stolen funds when expressed in dollars.
In contrast, Ethereum accounts for a large percentage of the stolen funds from the hermit kingdom. North Korea has now stolen 58% of its crypto funds in the form of Ethereum.
This, in turn, sheds light on exactly how North Korea uses the theft of crypto funds to launder money.
According to the blockchain data company, the process begins by exchanging Ethereum-based ERC-20 tokens and different crypto assets for Ethereum through a decentralized exchange.
A mixer is used then to combine Ethereum and scramble cryptocurrencies from thousands of addresses. Chainalysis describes mixers as "software tools that pool and scramble crypto assets from thousands of addresses.
After the funds are converted to bitcoin, they are mixed again and consolidated into a new wallet.
Mixed Bitcoins are then sent to deposit addresses at exchanges where the crypto can be exchanged for fiat. These exchanges typically operate across Asia.
In 2021, over 65% of the regime's stolen funds were laundered through mixers, a strategy that is central to North Korea's illicit crypto empire. But only 42% and 21% were laundered in each of those two years.
One highlight of the year was the August 19 hack of Liquid.com, a cryptocurrency exchange where 67 different ERC-20 tokens were moved to addresses controlled by North Korean actors, as well as some Bitcoin and Ethereum.
State-backed cybercriminals at North Korea's disposal are represented by the Lazarus Group, led by the Reconnaissance General Bureau, the country's principal intelligence agency.
Cyberattacks by North Korea against Sony Pictures and WannaCry revealed the Lazarus Group to the general public.
Chainalysis said the group has laundered millions of dollars worth of virtual currencies every year since 2018.
KuCoin, a popular cryptocurrency exchange, has also been targeted by the Lazarus Group, which has spent approximately $250 million in cryptocurrency.
In addition, the company found that North Korea's stolen cryptocurrency amounted to $170 million from 49 hacks that occurred between 2017 and 2021.
Although this may seem like a problem, the crypto analytics platform suggests that the inherent transparency of many crypto assets can serve as a good solution.
By leveraging blockchain analysis tools, compliance teams, criminal investigators, and hack victims can track the movement of stolen funds, freeze assets to prevent fraud, and hold criminals accountable.