A recent report by the UN sanctions monitors alleges that crypto theft in North Korea hit a total of $1 billion.
According to a Reuters publication citing the United Nations, crypto theft in North Korea swelled to a record high last year. The report states that the record amount of digital currencies stolen in the East Asian nation alarmed the rest of the globe as North Korean hackers also targeted systems operated by foreign aerospace and defense companies.
A report submitted to a UN council for North Korean sanctions read:
“A higher value of cryptocurrency assets was stolen by DPRK (Democratic People’s Republic of Korea) actors in 2022 than in any previous year.”
Additionally, the UN report said:
“(North Korea) used increasingly sophisticated cyber techniques both to gain access to digital networks involved in cyber finance and to steal information of potential value, including to its weapons programs.”
According to an unnamed cybersecurity firm, estimates of the stolen value ranged from $630 million to more than $1 billion. Furthermore, independent sanction monitors allege North Korea used crypto theft and cyber attacks to fund its nuclear and missile programs.
Although North Korea previously denied allegations of cyberattacks, the UN report runs contrary. Instead, the report claims that the country’s primary intelligence agency Reconnaissance General Bureau masterminded these hacks and cyber attacks.
Some of the stated hacking groups controlled by the North Korean Bureau included Lazarus Group, Kimsuky, and Andariel. According to the findings, “these actors continued illicitly to target victims to generate revenue” and provide invaluable information to North Korea’s weapons programs.
North Korea Crypto Theft More Sophisticated Than Ever
The UN report also pointed out that the techniques deployed by cyber threat actors have become more sophisticated. As a result, it is proving more challenging to track stolen funds.
The sanctions monitors further broke down how the accused North Korean groups carried out their malevolent activities. According to findings, the groups introduced malware via several methods, including phishing which targeted workforces across global organizations. As the UN report put it, “initial contacts with individuals were made via LinkedIn, and once a level of trust with the targets was established, malicious payloads were delivered through continued communications over WhatsApp.”
A cybersecurity firm also added that a North Korean-affiliated group called H0lyGh0st previously extorted ransoms from numerous companies in several countries. These companies, ranging from small to medium-sized firms, fell victim to widely distributed ransomware that was part of a financially motivated campaign.
Amid the United States’ unending warnings that North Korea plans to execute a seventh nuclear test, the UN report also shed light on said nuclear armaments. According to the monitors, the North Korean capital Pyongyang still produces nuclear fissile materials at its facilities. In addition, the province-level municipality launched no less than 73 ballistic missiles last year. Of these launched missiles, eight were of the intercontinental ballistic variety.
North Korea continues to carry out nuclear weapons tests despite being banned by the Security Council.
The UN report on North Korean cyber attack activities is due for a public release later this month or early March.
Tolu is a cryptocurrency and blockchain enthusiast based in Lagos. He likes to demystify crypto stories to the bare basics so that anyone anywhere can understand without too much background knowledge.
When he’s not neck-deep in crypto stories, Tolu enjoys music, loves to sing and is an avid movie lover.