from the that-should-feed-a-lot-of-people dept.
North Korean hackers stole almost $400m (£291m) worth of digital assets in at least seven attacks on cryptocurrency platforms last year, a report claims.
Blockchain analysis company Chainalysis said it was one of most successful years on record for cyber-criminals in the closed east Asian state. The attacks mainly targeted investment firms and centralised exchanges. North Korea has routinely denied being involved in hack attacks attributed to them.
"From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%," Chainalysis said in a report.
The hackers used a number of techniques, including phishing lures, code exploits and malware to siphon funds from the organisations' "hot" wallets and then moved them into North Korea-controlled addresses, the company said.
Cryptocurrency hot wallets are connected to the internet and cryptocurrency network and so are vulnerable to hacking. They are used to send and receive cryptocurrency, and allow users to view how many tokens they have. Many experts recommend moving large amounts of cryptocurrency not needed day-to-day to "cold" wallets, which are disconnected from the wider internet.
Between 2020 and mid-2021 cyber-attackers stole more than $50m (£37m) of digital assets, investigators found.
Such attacks are an "important revenue source" for Pyongyang's nuclear and ballistic missile programme, they said.
The findings were reportedly handed to the UN's sanctions committee on Friday.
The cyber-attacks targeted at least three cryptocurrency exchanges in North America, Europe and Asia.
The report also referenced a study published last month by the security firm Chainalysis that suggested North Korean cyberattacks could have netted as much as $400m worth of digital assets last year.
And in 2019, the UN reported that North Korea had accumulated an estimated $2bn for its weapons of mass destruction programmes by using sophisticated cyber-attacks.