In recent findings, an investigation by the United Nations has illuminated the extent to which North Korea has leveraged cyber activities such as crypto hacks to “bolster” its economy and further its weapons development programs.
The report spans from 2017 to 2023 and details a series of cyberattacks targeting crypto-related firms. It highlights the approach of the Democratic People’s Republic of Korea (DPRK) as it targets the nascent industry.
Crypto Loot Fuels Foreign Earnings
The UN revealed that North Korea has participated in cyber operations deemed “malicious” to secure roughly half of its foreign currency earnings, which support its weapons development initiatives.
The panel noted, citing information from “one member state”:
The malicious cyberactivities of the Democratic People’s Republic of Korea (DPRK) generate approximately 50 percent of its foreign currency income and are used to fund its weapons programs.
With an estimated $3 billion in losses attributed to these cyber incursions, the UN’s assessment sheds light on the web of state-sponsored hacking operations and underscores their significance in funding approximately 40% of the DPRK’s program to build weapons of mass destruction.
It is worth noting that the UN revelation aligns with previous estimates from the United States, further corroborated by recent analytics from blockchain analysis firm Chainalysis. The firm’s 2023 report marks a notable year for crypto platform vulnerabilities, with North Korea linked to a record number of hacks.
Adapting To Shifting Cyber Landscape
However, there was a significant decline in the total value of stolen assets compared to previous years. Despite this, the DPRK operatives persist while adapting to security measures with increasingly “sophisticated” tactics, according to Joe Dobson, principal analyst at cybersecurity firm Mandiant.
Dobson noted:
They look at what’s changing, what’s evolving, and how they can use that malicious intent. Whatever the advancement is, they’re going to find a way to take advantage of it.
Tools such as Tornado Cash for laundering stolen Ethereum further exemplify this. According to a recent report, North Korean hackers associated with the notorious Lazarus Group have utilized Tornado Cash to launder around $12 million in stolen Ethereum (ETH).
Elliptic reports that the Lazarus Group’s increased dependence on Tornado Cash resulted from the reduced availability of large-scale mixing services following law enforcement’s crackdown on platforms such as Sinbad.io and Blender.io.
Facing limited options, the group has turned to leveraging Tornado Cash, which remains operational despite being under US sanctions.