Blockchain forensics firm Chainalysis has uncovered a concerning shift in the tactics of North Korean hacking groups, indicating a growing reliance on Russian cryptocurrency exchanges to launder stolen digital assets. This revelation comes as the stolen cryptocurrency’s value in 2023 has considerably decreased compared to the record-breaking figures of 2022.
The Chainalysis report suggests the emergence of a new alliance between North Korean hackers and Russian cybercriminals. Examining onchain data, the firm has observed an increasing trend where hackers associated with the Democratic People’s Republic of Korea (DPRK) are utilizing cryptocurrency exchanges based in Russia for their money laundering activities.
The release of this report coincides with a high-level summit between the leaders of both nations, Kim Jong-un and Vladimir Putin, which has raised suspicions of arms-related discussions. Additionally, United Nations sanctions monitors have been highlighting North Korea’s evolving strategies in cyberattacks aimed at crypto and financial exchanges to fund its nuclear weapons and missile programs.
Chainalysis provided an illustrative example involving the recent transfer of $21.9 million worth of cryptocurrency stolen from Harmony Protocol to a Russian exchange known for processing illicit transactions. The report also points to evidence indicating a history of North Korean entities using such platforms and services in Russia for money laundering purposes over the past few years. The collaboration between the cyber underworlds of these two nations, as highlighted in the report, marks a significant escalation.
One key concern raised in the report is that Russian cryptocurrency exchanges and law enforcement agencies have a history of non-compliance with international efforts, thereby reducing the chances of asset recovery. Chainalysis data reveals that North Korean hacking groups have stolen over $340.4 million in cryptocurrency in 2023, a significant drop from the staggering $1.65 billion stolen in the previous year. However, it’s important to note that 2022’s figures were exceptionally high.
Chainalysis concluded that despite the decrease in their share, DPRK-linked hacking groups remain a major threat in the cybercrime landscape, responsible for 29.7% of cryptocurrency stolen through hacks in 2023. Their total estimated cryptocurrency theft stands at $3.54 billion, solidifying North Korea’s position as a prominent hub for hacking activities.