North Korean hacking groups are increasingly using Russian cryptocurrency exchanges to launder stolen money, according to Chainalysis.
The onchain analytics company stated that North Korean hackers recently transferred more than $21 million in cryptocurrency, stolen during last year’s Horizon bridge hack, to a Russian exchange known for facilitating illicit financial flows.
“This latest action marks a significant escalation in the partnership between the cyber underworlds of these two countries,” Chainalysis said in a blog. after this month.
The post claimed that North Korean hackers have been using Russian stock exchanges for money laundering since 2021. It said the development poses a challenge to international authorities, “given Russia’s uncooperative attitude towards international law enforcement.”
North Korean hackers less productive in 2023
Chainalysis said North Korean hacking groups were less productive in 2023 than last year, highlighting that 2022 was a year in which North Korean hackers achieved “catastrophically high numbers.” They have stolen approximately $340.4 million worth of cryptocurrency so far this year, compared to the more than $1.7 billion reported stolen in 2022.
“While North Korea-linked hackers are on track to steal far less cryptocurrency than last year, it is important to recognize that 2022’s catastrophically high numbers have set an unusually high bar to surpass,” Chainalysis said.
Chainalysis estimates that North Korean groups have stolen a total of $3.54 billion in cryptocurrency since 2016. “The DPRK remains a hotbed for hacking activities and remains one of the largest active threats in the cybercrime landscape,” it added.
The Lazarus Group, North Korea’s most notorious cybercriminals, reportedly carried out a significant attack on cryptocurrency exchange CoinEx last Thursday, taking at least $55 million worth of crypto assets. This is what blockchain security company SlowMist and onchain researcher say ZachXBTthe hacker group was identified when it accidentally exposed its address, which matched the address used in recent hacks involving Stake and Optimism.
UN report warns of North Korean hackers
The developments come as independent monitors reporting to the United Nations Security Council have raised alarm over North Korea’s use of cybertheft to evade sanctions and finance its nuclear ambitions.
Reuters reported in early August reported that an unpublished United Nations study cites cryptocurrency theft as a method North Korea uses to evade sanctions and continue developing nuclear weapons. An upcoming UN document reportedly warns of “state-sponsored” North Korean hacking groups targeting cryptocurrency and financial exchanges worldwide.
According to Reuters, observers stated in a report by a UN Security Council committee that “the DPRK continued to have access to the international financial system and also engaged in illicit financial operations, and that companies in the cryptocurrency, defense, energy and healthcare sectors were particularly targeted.”