- Chainalysis alleges that North Korean hackers were responsible for extracting $400 million worth of cryptocurrency in 2021.
- According to the analytics firm, the hackers have doubled their thefts since 2019 via cyber attacks.
- North Korean hackers targeted centralized exchanges and investment firms.
North Korean hackers carried out cyber attacks that enabled them to steal $400 million worth of cryptocurrency in 2021, as per the latest data from Chainalysis. Since 2019, the hackers have multiplied their cryptocurrency thefts, with Ethereum (ETH) making up the majority of the siphoned crypto.
According to the blockchain analytics firm's January 13 report, the types of crypto stolen have also changed considerably. In 2017, BTC was identified as the main cryptocurrency stolen by these hackers. Now it accounts for only one-fifth of the total.
Specifically, in 2021, Ether accounted for the majority of the stolen funds at 58%, while 22% were ERC-20 coins or altcoins and the remaining 20% was Bitcoin. The report explained that the hackers primarily targeted investment firms and centralized exchanges, using code exploits, phishing lures, advanced social engineering, and malware.
Chainalysis described hackers like Lazarus Group as advanced persistent threats (APT). Over the past three years, their threats have been expanding, with the highest stolen amount, over $500 million in crypto, recorded in 2018. The stolen funds were carefully concealed using methods like chain hopping, peel chains, and complicated coin swaps and mixing.
In 2021, 65% of the stolen funds went through mixing, a 3-fold increase since 2019. A mixer is a software-based privacy system used to hide the source and destination of the coins sent. The hackers mostly prefer decentralized exchanges (DEX), as they do not require permission to use and have sufficient coin liquidity to swap as the user wishes.
The report's account of the hack at Liquid.com on August 19, 2021, which resulted in a loss of $91 million of cryptocurrency, depicts the typical way North Korean hackers launder funds. At first, they swapped ERC-20 coins for ETH at DEXs. Next, the ETH was moved to a mixer and swapped for BTC, which was also mixed. Finally, the BTC was sent from the mixer to centralized Asian exchanges and withdrawn for fiat.