North Korea’s Lazarus Group has been named behind some of the biggest DeFi exploits this year including Harmony protocol and Axie Infinity hack.
On Thursday, December 22, South Korea’s main spy agency, the National Intelligence Service, published a new report noting that the state-sponsored North Korean hackers have stolen an estimated $1.2 billion in crypto assets since 2017.
Hackers Interested in Crypto
Interestingly, the data reveals that 50% of the total funds stolen i.e. more than $626 million have been stolen this year alone from the decentralized finance (DeFi) protocols. Of this, nearly $78 million alone comes from South Korea.
The authoritarian state of North Korea has been suffering from harsh UN sanctions as well as pandemic-related difficulties. As a result, North Korea has increasingly resolved to cybercrime in order to fund its fragile economy and nuclear program.
The National Intelligence Service has warned that the North Korean hackers are likely to conduct more cyberattacks the following year and might steal advanced South Korean technologies and other confidential information related to South Korea’s national security and foreign policy.
Speaking on the development, NIS spokesperson Kyunghyang Shinmun told a local news publication that all of the $620 million stolen by North Korean hackers have come through DeFi exploits overseas. “In Korea, virtual asset transactions have been switched to real-name transactions and security has been strengthened, so there is no damage,” added Shinmum.
North Korea and DeFi Exploits
Decentralized Finance (DeFi) protocols have been one of the major victims of the multiple large-scale hacks taking place this year. Hackers have drained out DeFi protocols for billions of dollars in 2022.
Earlier in April, the US hackers stated that North Korean hackers were responsible for the $620 million worth of crypto theft from Axie Infinity. It was supposedly the largest DeFi hack that took place in the market this year.
Similarly, North Korea’s Lazarus Group has been linked to another high-profile DeFi breach this year which involved draining the Harmony protocol for $100 million. As the North Korean economy continues to struggle, experts believe that such hacks aim to increase the foreign currency reserves of the country. While warning that the North Korean cyberattacks would intensify next year, NIS wrote:
“It is necessary to analyze attacks as closely as defenses. Because one hacker organization has all the attack information and does not forget it. It is necessary to gather information related to malicious code scattered by various attackers to find meaningful insights.”
On the other hand, South Korea is further tightening its rules on cryptocurrencies and related operations this year. Crypto trading exchanges have to mandatorily get a license from the FSC to continue their operations.