North Korean-backed hackers stole not less than $659 million by a number of cryptocurrency heists in 2024, whereas additionally deploying IT staff to infiltrate blockchain firms as insider threats, in accordance with Japan, South Korea and the US in a rare joint statement (PDF) on Tuesday.
The announcement supplied the primary official affirmation that North Korea was behind July’s $235 million hack of WazirX, India’s largest cryptocurrency trade. The July 2024 breach compelled WazirX to droop buying and selling and later restructure the firm.
Different main assaults included a $308 million theft from Japan’s DMM Bitcoin, $50 million every from Upbit and Radiant Capital, and $16.13 million from Rain Administration, in accordance with the joint assertion.
The assertion says the Lazarus Group, a identified menace group of North Korean hackers, performed social engineering assaults and deployed cryptocurrency-stealing malware like TraderTraitor to breach exchanges, whereas additionally infiltrating firms by having North Korean IT staff pose as job candidates, in accordance with the assertion.
“The US, Japan, and the Republic of Korea advise non-public sector entities, significantly in blockchain and freelance work industries, to totally evaluation these advisories and bulletins to higher inform cyber menace mitigation measures and mitigate the danger of inadvertently hiring DPRK IT staff,” the governments mentioned.
Earlier U.N. reviews estimated that North Korea stole $3 billion in cryptocurrency between 2017 and 2023 to fund its sanctioned nuclear weapons applications. Current information from Chainalysis confirmed North Korean hackers have been chargeable for 61% of all cryptocurrency stolen in 2024, totaling $1.34 billion.
