North Korean Hackers Steal Less Crypto, But Still Pose a Threat in 2023

Chainalysis' executive Erin Plante stated that the ever-evolving abilities of North Korean hackers still make them a formidable opponent.

North Korean hackers stole less in 2023 despite more breaches, according to Chainalysis.

Total value of assets stolen by hackers linked to North Korea. Source: Chainalysis

In a surprising turn of events, hacking groups affiliated with the Democratic People’s Republic of Korea (DPRK) managed to steal less cryptocurrency in 2023 despite their increased efforts and diversified targets. According to a recent report by blockchain analytics firm Chainalysis, the value of crypto stolen from North Korea-linked exploits dropped from $1.7 billion in 2022 to approximately $1 billion in 2023. Although these hackers carried out more hacks than in the previous year, their total haul fell short of what they took in 2022.

The Changing Tactics of North Korean Hackers

Types of crypto services affected by North Korean hacks. Source: Chainalysis

According to Erin Plante, the vice president of investigations at Chainalysis, the hacking groups linked to North Korea are steadily becoming more sophisticated and diverse. As security improvements within decentralized finance (DeFi) protocols have made it harder for them to accumulate ill-gotten gains, North Korean hackers have shifted their focus towards centralized services and wallets. This diversification allowed them to target a broader range of platforms and increase their chances of success.

Plante revealed that in 2023, DPRK-linked hackers started favoring phishing and social engineering attacks. These techniques are considered “age-old” hacking tactics that prey on human weaknesses. Plante emphasized the importance of educating employees and raising awareness about these cybersecurity threats within organizations. By implementing general security practices and ensuring that every employee is up to speed with the technical aspects of cyber defenses, organizations can create a solid foundation for a strong cybersecurity strategy.

The Need for Enhanced Network Monitoring and Security

Another pattern observed by Chainalysis is that North Korean hackers tend to spend more time in targeted networks. This finding underscores the significance of increased network monitoring and robust security measures. By investing in network monitoring tools and implementing stringent security protocols, organizations can detect and thwart these intrusions before significant damage occurs.

Addressing Vulnerabilities in DeFi and Centralized Platforms

Erin Plante suggests that DeFi protocols at risk of on-chain failures should consider implementing systems to monitor on-chain activities. On the other hand, platforms vulnerable to off-chain risks should reduce their reliance on centralized products and services. By adopting a more decentralized approach, these platforms can mitigate the impact of potential security breaches.

The Ongoing Threat Posed by North Korean Hackers

Overall, Erin Plante anticipates that North Korean hackers will continue to search for opportunities to steal significant funds wherever they can. As doors close on them, they adapt and evolve, making them an advanced adversary in the cybersecurity landscape. Organizations must stay vigilant and remain proactive in implementing the necessary security measures to protect themselves from these ongoing threats.

Q&A: What Readers Should Know About North Korean Hackers and Crypto Security

Q1: Why did the value of crypto stolen by North Korean hackers decrease in 2023?

A1: Despite carrying out more hacking incidents, North Korean hackers stole less cryptocurrency in 2023 compared to 2022. The decline in their gains can be attributed to security improvements within decentralized finance protocols, which made it harder for them to access illicit funds.

Q2: What tactics did North Korean hackers adopt in 2023?

A2: In 2023, North Korean hackers predominantly relied on phishing and social engineering techniques. These age-old hacking tactics exploit human vulnerabilities and can be prevented through employee education and awareness.

Q3: How should organizations enhance their network security?

A3: Based on insights from Chainalysis, organizations should invest in network monitoring tools and establish robust security protocols. By proactively monitoring their networks and promptly addressing any intrusions, organizations can mitigate the risks posed by North Korean hackers.

Q4: What steps can DeFi platforms take to improve security?

A4: DeFi protocols at risk of on-chain failures should implement systems to monitor on-chain activities. Furthermore, platforms exposed to off-chain risks should reduce their dependence on centralized products and services, opting for decentralized alternatives wherever possible.

Q5: What is the future outlook for North Korean hackers?

A5: Despite facing challenges in acquiring funds through hacking, North Korean hackers are expected to persist in their efforts to steal significant sums of cryptocurrency. Their ability to evolve and adapt makes them a formidable adversary, necessitating continuous vigilance and proactive cybersecurity measures.
