North Korea: center of cryptocurrency

While fraud and hacks are an integral part of the crypto industry, North Korea seems to have specialized in these dark designs, seeing this financial sector as a way to increase its income to finance its armaments.

After the various disturbing episodes of hacks that the cryptocurrency industry has experienced in recent months, it seems more and more clear that North Korea has raised an army of hackers to dig up expensive treasures within crypto projects.

For many years, it has been common knowledge that North Korea has sought to specialize in hacking. In fact, the name of the country is generally mentioned in this type of case, and for a long time far beyond any desire to give bad publicity to this dictatorship. On the other hand, the North Korean hacker group is widely known globally and commonly referred to as the Lazarus Group.

After the Sony hack and gained a worldwide reputation as a result, this group of experts turned their attention to the cryptosphere.

A crypto industry that is already in turmoil

While investors are currently going through a devastating and difficult bear market, they are trying as best they can to optimize and adapt their strategies for survival. However, the explosion of stack coins or the chain problems that CeFi platforms are experiencing is making it difficult for everyone, causing hundreds of thousands of users to lose their money.

In addition, these North Korean hackers who come to sow more fear by attacking various crypto projects or even centralized platforms. Victims of hacks have also failed to recover their funds despite failed attempts. For Ronin Bridge, for example, no less than $ 625 million was stolen by the Lazarus Group.

For many blockchain experts, this group of criminals would also be responsible for the recent Harmony Horizon Bridge hack, whose damage is estimated at $ 100 million.

Hacking in the cryptosphere seems to be a common design for this group of hackers, but recently bridges also seem to have become a breeding ground for these hackers who appear to be ripe for attacks in the future.

For the cryptosphere, this case is worrying as these hackers are already very successful and have several weapons in their honor. But above all because they are backed by a government that seeks performance and monitors their training by sending them to preparation in China or Russia.

In recent years, North Korea has also invested significantly in making resources available to optimize the theft of cryptocurrencies. Now it is a potent and persistent threat that lies behind many of the biggest thefts hitting the crypto industry in the form of stolen amounts.

According to Chainalysis, hackers are behind many of these attacks. The operations group is currently still free to operate, and its attacks are said to be the result of decisions by the General Reconnaissance Office, the North Korean intelligence service.

  • Want to discuss this topic with other crypto enthusiasts? Join our Telegram group in French!

Hackers are already doing better than in 2021

According to reports from Chainalysis, a company that specializes in investigating blockchain statistics, North Korean hackers have stolen no less than $ 400 million by 2021 through various attacks related to digital assets. .

While the number of stolen money increases every year, 2022 is already this year set to mark new records. Probably because of the language, the projects emerging in Southeast Asia are the preferred victims of these hackers and they will have to double their attention in the future to secure their backs. Between 2020 and 2021, hackers had already seen their prey increase by +40%.

The nature of the stolen funds is varied, but a declining share is related to Bitcoin. While Bitcoin originally represented all the stolen assets, especially as the amount of cryptocurrencies on the market was lower, the Ethereum token now represents the largest share of the Lazarus group’s hacks (58%). Altcoins and ERC-20 tokens complement the rest of the stolen funds.

Source: Chainalysis

The variety of stolen cryptocurrencies also increases the complexity of the money laundering process.

Previous money laundering

Through more sophisticated means, North Korea is laundering stolen cryptocurrency money by increasing the use of software that collects crypto and covers countless email addresses.

According to the Chainalysis article, the protocol that North Korea follows is as follows:

  1. First, any ERC-20 tokens or altcoins that may have been stolen exchanged for Ethereum tokens via a DEX for more flexibility.
  2. Etherees are mixed, usually in Tornado Cash blender.
  3. The ethers that have been mixed are then exchanged for bitcoin always through a DEX.
  4. The BTCs, on the other hand, are mixed.
  5. Mixed BTCs are preserved in new wallets.
  6. These bitcoin tokens are then sent to deposit addresses associated with crypto exchanges in Southeast Asia. This step opens up the possibility for North Korea to withdraw these BTCs in FIAT.

Of its total assets, some come from thefts from 2020 or even 2021, but we can see that North Korea also has assets from hacks from 2016. The DPRK has a huge amount that goes back several years, repeating the difficulties that hackers and the North Korean state have by exchanging its cryptocurrencies for FIAT currencies.

A delicate bear market to negotiate for North Korea

Although the return on investment is very favorable for the Asian country, the North Korean state has recently experienced difficulties in converting the money from digital assets into cash to reuse it in the service of its traditional economy and to finance its development programs. As the size of the hacks increases, it also complicates the task, causing the stolen funds to remain stuck in cryptocurrency for some time and gradually lose value.

With the bear market raging since November 2021 and accelerating since May 2022, altcoins like Bitcoin have mostly lost more than 70% of their value since November. Thus, the funds that North Korea has stolen have recently been largely depreciated. This calls into question their usefulness in financing arms-related matters, at the time when it is necessary to wait to receive the funds in management currencies, and also for the amounts “received”, which ultimately show itself to be reduced by half of what could have been stolen.

As international trading channels operate through the possession of USD dollars or other major fiat currencies, the need to convert digital assets into FIAT currencies is inevitable.

North Korean funds therefore fell in line with the cryptocurrency market, and all funds that were not traded before the start of the bear market fell significantly. Reuters reports a drop of $ 170 million to $ 65 million due to cryptocurrency devaluation. Knowing that some hacks are older, it is natural that some funds are still “positive”, but declining markets have lowered profits relative to the value of assets at the time of the hacks.

Funds in service of North Korean weapons

Pyongyang is also under the radar’s eye on the use of funds for the country’s nuclear weapons programs. Therefore, it is important to be able to extract billions of dollars in cryptocurrencies from the internet as the stolen funds make it possible to avoid international sanctions. Although widely suspected, North Korea and the Lazarus Group have not made any statement on the subject or any admission of guilt.

In total, according to another report from Chainalysis, it would be more than $ 1.75 billion that would have been stolen by the Lazarus group and which, in addition to revaluation or devaluation of the assets, would be made available to the North-North. the government. Korean. However, it is clear that the slow pace of operations in converting cryptocurrencies to FIAT currencies is a problem for North Korea, especially in terms of its weapons program and deadlines to be met.

However, it is clear that this remains an advantageous method of accessing new funds to put them at the service of the military sector, as the return on investment associated with these hacks is very favorable to the North Korean regime.

Moreover, the crypto-fiat conversion problem that is currently playing against North Korea may prove positive in the future. In fact, if the funds are released and then traded during the next bull cycle, the assets may well be revalued sharply upward.


All information on our website is published in good faith and for general information purposes only. Any action taken by the reader based on information found on our website is entirely at your own risk.

Leave a Comment