North Korean Hackers Steal $1.6 Billion Worth of Crypto in 2024
North Korean Crypto Theft Hits $1.6 Billion in 2024
North Korea’s illicit cyber activities reached unprecedented levels in 2024, with state-linked hackers stealing a staggering $1.6 billion in cryptocurrency, according to a new report by blockchain analytics firm Chainalysis. The figure marks a sharp increase from the $660.5 million stolen in 2023, underscoring the regime’s growing reliance on cybercrime to fund government operations, including its controversial weapons programs.
“North Korean hackers has evolved into a global threat, with the scale and sophistication of attacks increasing year after year,” said Kim Grauer, Head of Research at Chainalysis.
The report reveals that North Korea was responsible for 61% of the $2.2 billion stolen from crypto platforms globally in 2024, demonstrating the regime’s dominance in the cybercrime space.
A Record-Breaking Year for Crypto Theft
North Korean hackers executed 47 separate cyberattacks in 2024, nearly double the incidents attributed to them in the previous year. These attacks targeted a range of cryptocurrency platforms, particularly decentralized finance (DeFi) systems, which have become prime targets due to their vulnerabilities.
Chainalysis noted that $1.34 billion of the stolen funds came directly from crypto platforms, with hackers conducting more large-scale heists—exceeding $100 million—than ever before. Smaller attacks, under $50 million, also saw a significant rise, reflecting the regime’s broadening capabilities.
Experts believe the stolen cryptocurrency funds are funneled into North Korea’s weapons development programs, including its ballistic missile initiatives.
“The sophistication of these operations is remarkable. They use advanced malware, social engineering, and even infiltrate firms as fake remote workers to siphon funds,” said Dr. Jason Bartlett, a cyber policy expert at the Center for a New American Security.
Infiltration of Crypto Firms
In one striking case, the U.S. Department of Justice indicted 14 North Korean nationals for masquerading as remote IT workers. Using false identities, these individuals secured jobs at cryptocurrency firms, stealing over $88 million through data breaches and extortion.
“These schemes demonstrate North Korea’s adaptability and resourcefulness in navigating international sanctions,” said Bartlett.
The tactic is part of a broader strategy by North Korea to exploit global financial systems, leveraging anonymity in cryptocurrency transactions to bypass sanctions imposed by the international community.
Cyber Strategies and International Tensions
The first half of 2024 saw the bulk of North Korean hackers theft, with activity slowing significantly after June. Analysts link this decline to closer ties between North Korea and Russia, following a high-profile meeting between Kim Jong Un and Vladimir Putin.
“It is therefore possible that, in addition to redirecting military resources toward the conflict in Ukraine, the DPRK which has dramatically increased its cooperation with Russia in recent years may have altered its cybercriminal activity as well,” the Chainalysis report stated.
While hacking activity may have decreased in the latter half of the year, the cumulative impact remains staggering. North Korea was responsible for two-thirds of global crypto hacking incidents in 2024, solidifying its position as a dominant player in the cybercrime arena.
Weaponizing Cybercrime
The scale of North Korean crypto theft has alarmed the global community, with U.S. officials estimating that up to a third of Pyongyang’s missile program funding comes from illicit online activities.
“The reliance on cybercrime to fund weapons programs is a significant concern for global security,” said Linda Thomas-Greenfield, the U.S. Ambassador to the United Nations.
Despite international sanctions and efforts to curb these activities, North Korea’s cybercriminal network continues to operate with increasing sophistication.
As North Korean hackers theft grows in scale, global cybersecurity experts are urging stronger international cooperation to combat these crimes.
“Collaboration between governments, law enforcement, and the private sector is essential to counter these threats effectively,” said Grauer.
For now, North Korean hackers crypto theft represents a troubling intersection of technology and geopolitics, with far-reaching implications for global security and financial stability.
Get more from The Bit Gazette
