North Korean Crypto Theft: Hackers stole $1.3 billion in cryptocurrency in 2024, according to the FBI and other international groups. This huge amount makes up 61% of all the cryptocurrency thefts reported that year. The scale and skill of these cyberattacks show just how advanced North Korea’s hacking operations have become.
The Scale of North Korean Crypto Theft
In 2024, cryptocurrency thefts around the world reached $2.2 billion, which is 21% more than the previous year, according to blockchain analytics firm Chainalysis. Out of this, $1.3 billion was stolen by North Korean hackers, especially the well-known Lazarus Group and its smaller groups like TraderTraitor.
This amount represents a significant escalation compared to 2023 when North Korean actors were attributed to $661 million in crypto thefts. With 47 separate incidents in 2024, these cybercriminals have doubled their previous year’s haul, demonstrating an evolving and aggressive approach.
Key Incidents: DMM Bitcoin and WazirX Attacks
One of the biggest incidents happened with the Japan-based cryptocurrency exchange DMM Bitcoin. In May 2024, hackers got into the system using smart tricks. The FBI explained that a North Korean hacker, pretending to be a LinkedIn recruiter, tricked an employee from Ginco—a company that helped manage DMM’s wallet system. The employee ran a harmful Python code, which allowed the hackers to change transactions and steal 4,502.9 Bitcoin, worth $308 million at the time.
Another big attack happened in July, targeting WazirX, one of the largest crypto exchanges in India. Hackers took advantage of the platform’s Ethereum hot wallet and stole $230 million, which was almost 45% of its total funds. These attacks show that hackers are now focusing more on centralized exchanges, which hold larger amounts of user money, instead of decentralized finance (DeFi) platforms.
Who Are These Hackers?
The main groups behind these thefts are connected to the Lazarus Group, a cybercrime group supported by the North Korean government. Subgroups like TraderTraitor (also called Jade Sleet and Slow Pisces) are known for tricking people through social engineering. These groups have been involved in other major cybercrimes, like the well-known Sony Pictures hack in 2014.
Their methods include:
Social Engineering: Pretending to be recruiters to gain trust and access.
Session Hijacking: Stealing session cookies to act like hacked employees.
Crypto Laundering: Using services like CoinJoin and crypto bridges to hide the stolen money.
Motives Behind the North Korean Crypto Theft
North Korea uses cybercrime because it needs to get around international sanctions and fund its government. Experts believe that the money from these thefts is used to:
Sustain luxurious lifestyles for the country’s elite.
Support its weapons programs, including nuclear weapons and ballistic missile development.
Fund broader state-sponsored operations, including military support for Russia’s invasion of Ukraine.
Global Response to the Threat
The FBI, Japan’s National Police Agency (NPA), and other international partners have intensified their efforts to combat North Korea’s cyber operations. In a joint statement, these agencies emphasized the need to expose and disrupt Pyongyang’s illicit activities.
DMM Bitcoin’s Response: After the hack, DMM Bitcoin announced that it would stop its operations by May 2025 and move its services to SBI VC Trade. This decision is meant to make things easier for customers while the investigations continue.
Working Together: The FBI and NPA have promised to share more information and improve cybersecurity to protect against future threats.
The Bigger Picture: Crypto Theft Trends
In the past, cryptocurrency thefts have gone up when the value of assets is high. For example, Bitcoin reached a record of $106,000 in December 2024, which may have attracted more hackers. While attacks on DeFi platforms were common until early 2024, hackers now focus on centralized services because they hold more money and usually have weaker security.
Even though the theft numbers were high, the rate of thefts slowed down in the second half of the year. Experts think that factors like North Korea working more closely with Russia might have caused this decline.
For the latest updates about cryptocurrency news, visit Coin Mozo on X.
North Korean Crypto Theft: Conclusion
The $1.3 billion stolen by North Korean hackers in 2024 underscores the urgent need for global cooperation to counter state-sponsored cybercrime. As hackers continue to exploit vulnerabilities in the cryptocurrency ecosystem, exchanges and users must prioritize robust security measures. For now, the international community remains vigilant, striving to hold North Korea accountable and safeguard the future of digital finance.
Also Read: Fundamental Analysis of Cryptocurrency: The Comprehensive Guide
