- Lazarus Group has stolen more than $3 billion in crypto funds since 2017
- The criminal organization has links with the North Korean government
- Stolen funds generally go to North Korea’s military and ballistic programs
- Analysts warn that the organization could carry out more attacks within the crypto sector
Lazarus Group, the hacker organization linked to North Korea, managed to steal more than USD $3 billion in cryptocurrencies over the last six years.
Lazarus Group and cryptocurrency thefts
This is revealed by a report published by the cybersecurity firm Recorded Future, which indicates that from 2017 to date, the organization’s hackers have committed a large number of attacks on different scales to steal crypto funds, with 2022 being the most successful year for them, when they managed to obtain more than USD $1.7 billion, a figure that corresponds to “5% of the country’s [North Korea] economy or 45% of its military budget.”
As Recorded Future warns, the North Korean government has been increasing its focus on the cryptocurrency industry over the past six years, “starting with the South Korean market and then expanding globally.” Their targets include not only crypto exchanges, but also potential high-profile victims, venture capital firms, and alternative technology companies.
In this regard, researchers highlight that cryptocurrency thefts appear as an important source of income for the North Korean government, especially for the financing of military and ballistic programs. They anticipate that “without stricter regulations, cybersecurity measures and investments in the sector for cryptocurrency companies, North Korea is likely to persist in targeting the industry for additional revenue.”
The data published by Recorded Future coincides with other reports presented by Chainalysis, which reports that at least USD $1.1 billion of total capital was stolen from DeFi protocols in high-profile attacks. For its part, another report issued by the US Department of Homeland Security (DHS) warns that these platforms are becoming a focus of interest for criminal organizations.
Cryptocurrencies in the focus of regulators
The publication of this new report occurs in the midst of initiatives promoted by regulators and governments, precisely to close paths to Lazarus Group and other organizations that seek to steal and operate with cryptocurrencies.
Recently, the Office of Foreign Assets Control (OFAC) of the US Department of the Treasury imposed sanctions on the cryptocurrency mixer Sinbad, adding it to its blacklist, and will seize its goods/assets in US territory.
The OFAC measure was based mainly on the use of the Sinbad service by North Korean hackers, who took advantage of the platform to cover up the trail of funds stolen in attacks and hacks.
Sinbad is not the only mixer that OFAC has taken action against. Tornado Cash and Blender stand out among similar services that the regulator also identified as facilitators for criminal organizations such as Lazarus Group.