In 2024, North Korean-backed hackers managed to steal over $659 million through various cryptocurrency heists. They also employed IT workers to infiltrate blockchain companies as insider threats, as reported by Japan, South Korea, and the United States in a rare joint statement (PDF) issued on Tuesday.
This statement officially confirmed that North Korea was responsible for the $235 million hack of WazirX, India’s largest cryptocurrency exchange in July. The breach led WazirX to halt trading temporarily and later restructure the company.
Among other significant attacks, North Korean hackers stole $308 million from Japan’s DMM Bitcoin, $50 million each from Upbit and Radiant Capital, and $16.13 million from Rain Management, according to the joint announcement.
The Lazarus Group, a well-known North Korean hacker group, carried out social engineering attacks and used malware like TraderTraitor to steal cryptocurrencies from exchanges. They also infiltrated companies by disguising North Korean IT workers as job applicants, as stated in the joint release.
The governments of the United States, Japan, and South Korea recommend that private sector entities, especially those in the blockchain and freelance industries, carefully review these advisories and statements to improve their cyber threat mitigation measures and avoid unintentionally hiring North Korean IT workers.
Previous U.N. reports suggested that North Korea had stolen $3 billion in cryptocurrency from 2017 to 2023 to finance its nuclear weapons programs. Recent data from Chainalysis indicated that North Korean hackers were accountable for 61% of all cryptocurrency thefts in 2024, amounting to $1.34 billion.
