North Korean-backed hackers stole at least $659 million through multiple cryptocurrency heists in 2024, also deploying IT workers to infiltrate blockchain companies as insider threats, according to Japan, South Korea and the United States in a rare joint statement (PDF) on Tuesday. .
The announcement provided the first official confirmation that North Korea was behind the July $235 million hack of WazirX, India’s largest cryptocurrency exchange. The July 2024 breach forced WazirX to suspend trading and later restructure the firm.
Other major attacks included a theft of $308 million from Japan’s DMM Bitcoin, $50 million each from Upbit and Radiant Capital, and $16.13 million from Rain Management, according to the joint statement.
The statement says Lazarus Group, a known North Korean hacker threat group, conducted social engineering attacks and deployed cryptocurrency-stealing malware such as TraderTraitor to breach exchanges, also infiltrating companies posing as Korean IT employees. of the North to present themselves as job candidates, according to the statement.
“The United States, Japan, and the Republic of Korea advise private sector entities, particularly in the block labor and freelance industries, to thoroughly review these advisories and notices to better inform cyber threat mitigation measures and mitigate the risk of involuntary employment of IT workers in the DPRK. “, the governments said.
Previous UN reports estimated that North Korea stole $3 billion in cryptocurrency between 2017 and 2023 to fund its sanctioned nuclear weapons programs. Recent data from Chainalysis showed that North Korean hackers were responsible for 61% of all stolen cryptocurrencies in 2024, amounting to $1.34 billion.
