TRM Labs Estimates North Korean Hackers Stole $2B of Crypto Assets From 2018

A report issued by the blockchain intelligence firm TRM Labs revealed that the North Korean illicit group stole crypto assets worth $2 billion over the last five years. The TRM analyst lamented that the North Korean hackers continue to compromise growth of the crypto sector.

A study conducted by the TRM group to examine the impact of the North Korean hacking activities on crypto industry the blockchain intelligence firm revealed that 2023 the illicit group stole crypto assets totaling $200 million. The TRM report indicated that North Korean hacking activity constituted 20% of the total stolen assets in 2023.

Hackers Eyeing to Exploit Vulnerable Cross Chain Bridges

The analyst admitted that most of the unlawful activities conducted by the North Korean group involved hacking and other cyber-related crimes. The TRM report demonstrated that the malicious attacks launched by the North Korean group were ten times more powerful than others.

The report confirmed that the North Korean hackers had focused more on identifying vulnerabilities in the decentralized finance (DeFi) platforms. In the TRM finding, the analyst noted that most of the exploits conducted by the North Koreans focused on weakening the cross-chain bridges, which are commonly used to perform large volumes of crypto transactions.

Reflecting on the Axie Infinity bridge attack, the North Korean hackers compromised the system to heist $650 million. Consecutively the analysts claimed that the North Korean hackers stole crypto assets worth $800 million in three rounds in 2022.

The analyst argued that the notorious hackers leverage their vast tech experience to conduct cyber attacks. The TRM team observed that the hackers used different techniques to exploit a system or network.

The commonly used methods involved phishing and compromising the seed phrases and private keys. The TRM group confessed that the hackers had focused on conducting on-chain money laundering to convert the crypto to other currencies.

Unlike in the past, where hackers used crypto exchanges to transfer stolen funds, the on-chains platform is currently used to hide the origin of the stolen assets. The TRM team confessed that the on-chain facilitates multi-stage money laundering processes.

North Korean Hackers Evades Sanctions

Besides implementing the on-chain platforms to conduct their criminal activities, the hackers have explored ways to evade the Western sanctions imposed by the Office of foreign assets control and other enforcement units.

Recently the North Korean hackers utilized their obfuscation methods to conduct the Atomic wallet hack that resulted in the loss of $100 million. The Atomic wallet hacking activity was linked to the Lazarus group, where the hackers compromised the noncustodial wallets provided by the firm.

The June hacking activity affected 4000 wallets issued by the Atomic Wallet team. A scrutiny of the Atomic Wallet hack revealed that the North Korean hackers conducted either a phishing attack or a supply chain exploit to steal the customer’s assets.

Later the hackers exchanged the stolen assets to new addresses in ERC-20 and TRC-20. The incident revealed that most assets were transferred in Ether (ETH) and Tron (TRX) before proceeding to other money laundering processes using automated programs and mixers.

All trademarks, logos, and images displayed on this site belong to their respective owners and have been utilized under the Fair Use Act. The materials on this site should not be interpreted as financial advice. When we incorporate content from other sites, we ensure each author receives proper attribution by providing a link to the original content. This site might maintain financial affiliations with a selection of the brands and firms mentioned herein. As a result, we may receive compensation if our readers opt to click on these links within our content and subsequently register for the products or services on offer. However, we neither represent nor endorse these services, brands, or companies. Therefore, any disputes that may arise with the mentioned brands or companies need to be directly addressed with the respective parties involved. We urge our readers to exercise their own judgement when clicking on links within our content and ultimately signing up for any products or services. The responsibility lies solely with them. Please read our full disclaimer and terms of use policy here.

Leave a Reply

Your email address will not be published. Required fields are marked *