North Korean-backed hackers stole at the least $659 million via a number of cryptocurrency heists in 2024, whereas additionally deploying IT staff to infiltrate blockchain firms as insider threats, in response to Japan, South Korea, and the US in a uncommon joint assertion (PDF) on Tuesday.
The announcement supplied the primary official affirmation that North Korea was behind July’s $235 million hack of WazirX, India’s largest cryptocurrency change. The July 2024 breach compelled WazirX to droop buying and selling and later restructure the agency.
Different main assaults included a $308 million theft from Japan’s DMM Bitcoin, $50 million every from Upbit and Radiant Capital, and $16.13 million from Rain Administration, in response to the joint assertion.
The assertion says the Lazarus Group, a identified menace group of North Korean hackers, carried out social engineering assaults and deployed cryptocurrency-stealing malware like TraderTraitor to breach exchanges, whereas additionally infiltrating firms by having North Korean IT staff pose as job candidates, in response to the assertion.
“The USA, Japan, and the Republic of Korea advise personal sector entities, notably in blockchain and freelance work industries, to completely assessment these advisories and bulletins to raised inform cyber menace mitigation measures and mitigate the danger of inadvertently hiring DPRK IT staff,” the governments mentioned.
Earlier U.N. reviews estimated that North Korea stole $3 billion in cryptocurrency between 2017 and 2023 to fund its sanctioned nuclear weapons packages. Current knowledge from Chainalysis confirmed North Korean hackers have been answerable for 61% of all cryptocurrency stolen in 2024, totaling $1.34 billion.
