North Korea has started using nearly untraceable cryptocurrencies to convert stolen funds into cash and evade sanctions, according to an unpublished U.N. Panel of Experts report obtained by NK News. Experts estimate that hackers linked to the DPRK stole a total of $1.5 billion in cryptocurrency, some of which was exchanged for cash.
According to the report, “DPRK cyber actors have engaged in trading multiple forms of virtual currency, to include the use of several forms of alternative coins (‘altcoins’).” Altcoins are virtual currencies that are less popular than Bitcoins, but offer benefits like increased anonymity or faster transfers.
After obtaining these digital assets, hackers moved them to loosely regulated brokering services that do not thoroughly verify the identity of customers or the final destination of funds, the report stated. Groups linked to North Korea have also used advanced services known as “mixers” to make tracing digital assets more difficult. However, it’s still unclear how North Korea cashes in on stolen cryptocurrency, the Panel stated.
The DPRK-linked Lazarus Group began using “mixers” in 2019 to hide the flow of funds on the blockchain, Kim Grauer — head of research at blockchain analytics firm Chainalysis — told NK News.
In addition to obscuring transfers by moving them across cryptocurrencies and brokerages, cyber groups sometimes use stolen assets to purchase resellable items like gift cards. Some also directly pay for illicit services on underground marketplaces, according to cybersecurity firm Mandiant Threat Intelligence.
“Further, North Korea-sponsored actors have a critical advantage that most cybercriminals do not have: They are backed by the resources of a nation-state that is understood to already have significant capability to move money in other illegal transactions, such as weapons sales and human trafficking,” Mandiant’s Senior Analyst Fred Plan wrote in an email to NK News.
“Any income from cybercriminal operations could probably be easily plugged into the same financial networks that enable other illegal activities,” Plan said.
The Panel of Experts called out North Korea over the theft and illicit use of cryptocurrencies in its previous reports, including the use of sophisticated social engineering operations and malware exploits.
U.N. experts warned that these assets will remain lucrative targets for the DPRK to generate revenue, and further quoted a member state’s assessment that attacks against virtual currency exchanges have produced more illicit income than attacks against financial institutions.
Edited by Kelly Kasulis
North Korea has started using nearly untraceable cryptocurrencies to convert stolen funds into cash and evade sanctions, according to an unpublished U.N. Panel of Experts report obtained by NK News. Experts estimate that hackers linked to the DPRK stole a total of $1.5 billion in cryptocurrency, some of which was exchanged for cash.
According to the report, “DPRK cyber actors have engaged in trading multiple forms of virtual currency, to include the use of several forms of alternative coins (‘altcoins’).” Altcoins are virtual currencies that are less popular than Bitcoins, but offer benefits like increased anonymity or faster transfers.