North Korean-backed hackers stole at the least $659 million by means of a number of cryptocurrency heists in 2024, whereas additionally deploying IT staff to infiltrate blockchain firms as insider threats, in keeping with Japan, South Korea and the United States in a uncommon joint assertion (PDF) on Tuesday.
The announcement offered the primary official affirmation that North Korea was behind July’s $235 million hack of WazirX, India’s largest cryptocurrency change. The July 2024 breach compelled WazirX to droop buying and selling and later restructure the agency.
Other main assaults included a $308 million theft from Japan’s DMM Bitcoin, $50 million every from Upbit and Radiant Capital, and $16.13 million from Rain Management, in keeping with the joint assertion.
The assertion says the Lazarus Group, a identified risk group of North Korean hackers, carried out social engineering assaults and deployed cryptocurrency-stealing malware like TraderTraitor to breach exchanges, whereas additionally infiltrating firms by having North Korean IT staff pose as job candidates, in keeping with the assertion.
“The United States, Japan, and the Republic of Korea advise personal sector entities, notably in blockchain and freelance work industries, to completely assessment these advisories and bulletins to higher inform cyber risk mitigation measures and mitigate the chance of inadvertently hiring DPRK IT staff,” the governments mentioned.
Earlier U.N. reviews estimated that North Korea stole $3 billion in cryptocurrency between 2017 and 2023 to fund its sanctioned nuclear weapons applications. Recent information from Chainalysis confirmed North Korean hackers have been answerable for 61% of all cryptocurrency stolen in 2024, totaling $1.34 billion.
