North Korea Linked to $659 Million Crypto Heists in 2024

A joint report by the US, Japan, and South Korea has revealed that North Korean hackers stole $659 million in cryptocurrency through multiple heists in 2024. The Lazarus Group, a cybercriminal organization affiliated with the Democratic People’s Republic of Korea (DPRK), has been linked to these incidents, including the $235 million theft from Indian crypto exchange WazirX. This group has a notorious history, previously orchestrating high-profile attacks like the $625 million Axie Infinity hack in 2022.

Among the 2024 breaches, Japan’s DMM Bitcoin suffered the largest loss of $308 million, forcing the exchange to shut down. The report highlights the DPRK’s increasingly sophisticated tactics, including social engineering and malware deployment, to target the cryptocurrency industry. Malware such as TraderTraitor and AppleJeus has been widely used, with attacks often disguised as legitimate business opportunities or job offers.

The FBI issued a warning in September 2024 about the DPRK’s methods, which involve “individualized fake scenarios” to deceive victims into granting access. Businesses were also cautioned against inadvertently hiring DPRK IT workers. South Korea and Japan reported similar tactics, with hackers using phishing techniques that include impersonating trusted contacts or prominent industry figures. These efforts often employ realistic photos and personal details sourced from social media to build trust and manipulate employees.

The three nations have urged crypto firms to adopt stringent security measures to mitigate risks. The recent CoinDesk report advises organizations to stay vigilant and implement robust defenses against North Korean cyber threats, emphasizing the importance of verifying the identities of job candidates and external contacts.

North Korea’s continued exploitation of the crypto industry underscores the urgent need for global collaboration to combat cybercrime and protect digital assets.