Dollar bills

North Korea stole $1.2 billion from Japan, Vietnam: Elliptic

North Korea has stolen over $1.2 billion in digital assets since 2017 from Japan and Vietnam, a new report has revealed. Japan was North Korea’s prime target, with $721 million siphoned by Lazarus Group, the hacking group with links to the North Korean government.

Research conducted by London-based blockchain analytics firm Elliptic found that North Korea has stolen over $2 billion worth of digital assets through Lazarus alone. Japan has accounted for the largest attacks, with researchers blaming lax security measures by many VASPs in the East Asian country (although this is changing).

Aside from Japan, North Korea targeted Vietnam ($540 million), the U.S. ($497 million), and Hong Kong ($281 million).

North Korea is one of the most sanctioned countries, with over 2,100 sanctions. The sanctions have had their toll on the country’s ability to obtain foreign currency. Digital asset hacks have become Pyongyang’s leading forex channel, reports say.

According to the Japan External Trade Organization, the $721 million North Korea stole is 8.8X times greater than the country’s entire exports in 2021.

Lazarus Group is blamed for the world’s largest digital asset heist—the $625 million Ronin Bridge hack. The group reportedly compromised the private keys of the network’s validator nodes and wiped out 25 million USDC and 173,000 ETH. The hack dealt a big blow to Axie Infinity, the blockchain game that had taken off mainly in Asia; it has yet to recover.

In Japan, Lazarus is blamed for the $60 million hack targeting the Zaif exchange. The hackers targeted the exchange’s hot wallets, draining them of close to 6,000 BTC. Zaif has since shut down.

In more recent attacks, Lazarus stole $100 million last year from Harmony’s cross-chain bridge Horizon.

The only defense against hackers is for the digital asset industry to stick together and share resources and information, says Hiroki Iwai, the president of Tokyo-based cyber security firm Sighnt.

“We need to share threat information, such as attack routes and malware that exploit them, among the public and private sectors and industry associations in each country to raise the level of defense capabilities of each industry, including the financial sector.”

Watch: BSV Provides Solutions for Cybersecurity & Fraud

YouTube video

New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.