DPRK Hackers Stole $2.3B in Crypto Funds Since 2017, 70% of it from Japan
Image courtesy of 123rf.

DPRK Hackers Stole $2.3B in Crypto Funds Since 2017, 70% of it from Japan

A recent research report sheds light on how North Korean hackers stole billions in crypto since 2017.
Neither the author, Tim Fries, nor this website, The Tokenist, provide financial advice. Please consult our website policy prior to making financial decisions.

North Korea-based hackers have stolen $721 million in crypto from Japan since 2017, 8.8 times more than North Korea’s export value in 2021, according to research commissioned by Nikkei. According to the study, hacker organizations based in North Korea stole $2.3 billion in cryptocurrency funds in aggregate over the past five years.

Japan is the Biggest Target for North Korean Hackers

Hacker organizations tied to North Korea stole $2.3 billion in crypto funds from businesses from 2017 to 2022, according to an Elliptic study commissioned by Nikkei. The bulk of that amount was stolen from Japan ($721m), followed by Vietnam ($540m), the U.S. ($497m), and Hong Kong ($281m), the study showed.

The $721 million taken from Japan-based businesses is 8.8x bigger than the value of North Korea’s total exports in 2021, according to data from the Japan External Trade Organization. The North Korean hacking groups likely targeted Japan and Vietnam due to the crypto markets’ rapid growth in these countries in recent years, as well as lenient security systems at crypto firms operating there.

Citing a source familiar with the matter, the Nikkei report says that at least three crypto exchanges in Japan are believed to have suffered a cyberattack by North Korean hacker groups from 2018 to 2021. One of those exchanges, Zaif, sustained 7 billion yen ($51.4 million) in 2018 and shut down shortly afterward.

One of the biggest hacking organizations in the world, Lazarus Group, is also thought to be operating from North Korea. The group was responsible for the largest-ever crypto hack, stealing more than $600 million in crypto from Ronin Bridge.

Join our Telegram group and never miss a breaking digital asset story.

Hacks and Ransomware are North Korea’s National Strategy

North Korea is among the most sanctioned countries globally, making it extremely difficult for the East Asian nation to acquire foreign currency. As a result, North Korea has allegedly developed a national strategy of using cyberattacks to compensate for foreign exchange losses resulting from the country’s limited coal trade.

The country, led by a controversial and authoritarian leader Kim Jong Un, mainly uses two types of cyberattacks, including hacks and ransomware, according to Nikkei. However, North Korea is believed to emphasize direct hacks on crypto exchanges as they are more likely to bring in vast amounts of crypto funds than ransomware attacks.

In 2022 alone, hacker groups from North Korea reportedly stole over $1 billion in crypto. The White House estimates that roughly 50% of North Korea’s missile and nuclear programs are funded by stolen digital asset funds.

Finance is changing.
Learn how, with Five Minute Finance.
A weekly newsletter that covers the big trends in FinTech and Decentralized Finance.

In your opinion, do you think we’ll see the number of thefts grow in the future? Let us know in the comments below.