Cyberattacks and cryptocurrency laundering: North Korea's strategy

According to Record Future sources, it appears that North Korea is using its IT resources to conduct cyber attacks aimed at the cryptocurrency sector. Thanks to access to advanced technologies and privileged information, members of the North Korean elite would have developed the skills necessary to carry out such operations, evading the international sanctions imposed on their country.

Cyber-espionage operations

The latest US Treasury Department sanctions hit Sinbad, a virtual currency mixing platform associated with North Korea's Lazarus Group, used to launder illicitly sourced capital. The hacker group's actions have resulted in the theft of approximately $3 billion in crypto-assets over the past 6 years, with a peak of $1.7 billion recorded in 2022 alone, Chainalysis reports.

How North Korea affects DeFi protocols

A report from the US Department of Homeland Security (DHS) highlighted the Lazarus Group's ability to exploit DeFi protocols. These, by allowing transitions between cryptocurrencies without intermediaries, offer hackers the ability to mask their tracks, thus complicating attribution and tracking efforts of illicit financial activity.

The North Korean impact on the crypto industry

The cryptocurrency sector remains a major target for North Korean state cyber threat actors. Sophisticated tactics such as social engineering target employees of online exchange platforms, in order to propagate malware and empty liquid assets into wallets controlled by the DPRK. The shadow of the lack of regulations in the KYC (Know Your Customer) and AML (Anti-Money Laundering) fields hangs over exchange platforms, making mixing operations a still effective method for muddying the waters in attribution investigations, as highlighted Recorded Future in his report.