North Korean-backed hackers stole at the very least $659 million by a number of cryptocurrency heists in 2024, whereas additionally deploying IT staff to infiltrate blockchain firms as insider threats, in keeping with Japan, South Korea, and america in a uncommon joint assertion (PDF) on Tuesday.
The announcement supplied the primary official affirmation that North Korea was behind July’s $235 million hack of WazirX, India’s largest cryptocurrency change. The July 2024 breach pressured WazirX to droop buying and selling and later restructure the agency.
Different main assaults included a $308 million theft from Japan’s DMM Bitcoin, $50 million every from Upbit and Radiant Capital, and $16.13 million from Rain Administration, in keeping with the joint assertion.
The assertion says the Lazarus Group, a recognized menace group of North Korean hackers, performed social engineering assaults and deployed cryptocurrency-stealing malware like TraderTraitor to breach exchanges, whereas additionally infiltrating firms by having North Korean IT staff pose as job candidates, in keeping with the assertion.
“America, Japan, and the Republic of Korea advise non-public sector entities, notably in blockchain and freelance work industries, to completely assessment these advisories and bulletins to higher inform cyber menace mitigation measures and mitigate the danger of inadvertently hiring DPRK IT staff,” the governments stated.
Earlier U.N. experiences estimated that North Korea stole $3 billion in cryptocurrency between 2017 and 2023 to fund its sanctioned nuclear weapons packages. Current knowledge from Chainalysis confirmed North Korean hackers have been answerable for 61% of all cryptocurrency stolen in 2024, totaling $1.34 billion.
