Crypto theft: North Korea-linked hackers stole $1.7 billion in 2022
North Korea-backed hackers stole $1.7 billion (£1.4 billion) worth of crypto in 2022, blockchain analytics firm Chainalysis says.
This nearly quadruples the country’s previous record for cryptocurrency theft – $429 million in 2021.
The loot also accounted for 44% of the $3.8 billion stolen in crypto hacks last year, which the firm called “the biggest year ever for crypto hacking.”
Experts have said that the country, facing heavy sanctions, is turning to crypto-theft to fund its nuclear arsenal.
“For context, North Korea’s total exports in 2020 were worth $142 million, so it’s not hard to say that cryptocurrency hacking is a significant part of the country’s economy,” Chainalysis said in a report Wednesday.
These hackers typically launder crypto through “mixers,” which mix cryptocurrencies from different users to obscure the origin of the funds, the firm said.
Other experts have also said that North Korea launders stolen crypto through brokers in China and non-fungible tokens (NFTs).
Last month, the FBI confirmed that the North Korea-linked Lazarus Group was responsible for a $100 million crypto heist on a blockchain network called Horizon bridge last year.
Overall, decentralized finance protocols, or DeFi, accounted for over 82% of stolen cryptocurrency in 2022, Chainalysis’ report said.
DeFi users can see what will happen to their money when they spend it because the smart contract code that governs these protocols is publicly available by default.
But this openness also makes DeFi particularly attractive to hackers, who can scan the code for vulnerabilities and “strike at the perfect time” to maximize their loot, according to the report.
David Schwed, CEO of blockchain security firm Halborn, noted that DeFi developers “prioritize growth above all else,” and funds that could be used to improve security are often directed toward rewards, to attract users.
DeFi developers can take a leaf from traditional financial institutions to make their platforms more secure, Schwed said.
For example, they can simulate different hacking scenarios to test their protocols, or design mechanisms to pause or stop transactions when suspicious activity is detected.
“You don’t have to go as slow as a bank, but you can borrow from what the banks are doing,” he said.