2022 was record year for North Korean crypto theft | Crypto News
North Korea stole more crypto assets in 2022 than any other year and targeted networks of foreign defense and aerospace companies, according to a now-classified report. of the United Nations, viewed by Reuters news agency.
“[North Korea] used increasingly sophisticated cyber techniques to gain access to digital networks involved in cyber finance and to steal potentially valuable information, including its weapons programs ”, independent sanctions monitors reported to the UN Security Council committee.
Monitors have previously accused North Korea of using cyberattacks to help fund its nuclear and missile programs.
“A higher value crypto asset was stolen by the DPRK [North Korea] actors in 2022 than in any previous year,” the monitors wrote in their report – which was submitted to the council’s 15-member North Korea sanctions committee on Friday. – citing information from UN member states and cybersecurity companies.
North Korea has previously denied allegations of hacking or other cyberattacks.
Sanctions monitors say South Korea estimates that hackers with links to North Korea have stolen $630 million worth of virtual assets by 2022, while a cybersecurity firm assessed that North Korean cybercriminals have yielded over $1 billion worth of crypto.
“The change in the USD value of cryptocurrencies in recent months may have influenced these estimates, but both suggest that 2022 will be a record-breaking year,” the United Nations report said. on North Korea’s theft of virtual assets”.
A US-based blockchain analytics firm last week reached the same conclusion.
The UN report notes: “The techniques used by cyber-attackers have become more sophisticated, thus making it more difficult to track down stolen funds.”
Diplomats said the report would be released later this month or early next month.
Monitors said most of the cyberattacks were carried out by groups controlled by North Korea’s main intelligence agency, the General Reconnaissance Bureau. It said those groups include hacking groups tracked by the cybersecurity industry under the name Kimsuky, Lazarus Group and Andariel.
The United Nations report said: “These actors continue to illegally target victims to generate revenue and gain valuable information for the DPRK, including its own programs. weapons of this country”.
Sanctions monitors said the groups deployed the malware through a variety of methods, including phishing. One such campaign targeted employees in organizations in various countries.
The United Nations report says: “Initial contacts with individuals are made via LinkedIn, and once a level of trust with targets is established, malicious payloads are sent through communications. continuously via WhatsApp”.
It also said that according to a cybersecurity firm, a group with links to North Korea known as HOlyGhOst had “raised ransom from small and medium-sized companies in several countries by distributing ransomware in a campaign.” widely, financially motivated”.
In 2019, United Nations sanctions monitors reported that North Korea had generated an estimated $2 billion over several years for weapons of mass destruction programs using nuclear attacks. The network is increasingly sophisticated and widespread.
Breaking the sanctions
In its latest annual report, the monitors also said Pyongyang continues to produce nuclear fissile material at its facilities and launch at least 73 ballistic missilesincluding eight intercontinental ballistic missiles, last year.
The United States has long warned that North Korea is ready to conduct a seventh nuclear test.
North Korea has long been banned by the Security Council from conducting nuclear tests and ballistic missile launches. Since 2006, the country has been subject to United Nations sanctions, which the Security Council has intensified over the years, targeting Pyongyang’s nuclear and ballistic missile programs.
However, North Korea continues to illegally import refined petroleum and export coal, evading sanctions, monitors said. It also said it had begun investigating reports of North Korean munitions exports.
The United States has accused the Russian mercenary company Wagner Group of receiving weapons from North Korea to help bolster Russian forces in Ukraine. North Korea has deny the allegation and Wagner’s owner, Yevgeny Prigozhin, denied receiving weapons from North Korea.
Last May, China and Russia vetoed a US-led effort to impose more UN sanctions on North Korea. This includes a proposal to freeze assets for the Lazarus hacking group.
The Lazarus group has been accused of participating in “Want to cry” ransomware attacks, infiltrating international banks and customer accounts, as well as the 2014 Sony Pictures Entertainment cyberattacks.
US linked North Korean hackers in April to hundreds of millions of dollars worth of crypto theft tied to popular online game Infinity Axie. RoninA blockchain network that allows users to transfer cryptocurrencies in and out of games, said that nearly $615 million worth of digital currency was stolen in March 2022.