North Korean Hackers Accused Of Biggest Cryptocurrency Theft Of 2020Their Heists Are Now Worth $1.75 Billion – Forbes

North Korea's hacking crews are causing carnage in the cryptocurrency market and one has been blamed for stealing $250 million-worth of virtual coins from one exchange in 2020.

A North Korean hacker crew called Lazarus Group has been accused of carrying out a heist on cryptocurrency exchange KuCoin, dubbed the biggest cryptocurrency theft of last year at $275 million worth of virtual money. That figure represented half of all cryptocurrency stolen in 2020, according to cryptocurrency tracker and law enforcement contractor Chainalysis, which exclusively revealed its attribution of the huge attack to Forbes ahead of the release of its own research report on Tuesday.

The hack of Singapore-based KuCoin, which lets people trade Bitcoin, Ethereum and other cryptocurrency, also took Lazarus illicit winnings up to $1.75 billion, Chainalysis claimed. Its feared that North Korea is using stolen cryptocurrency to fund its nuclear initiatives, whilst also causing serious losses to the burgeoning virtual economy. Meanwhile, the thefts are helping prop up North Koreas flagging economy, which has reportedly taken a severe hit thanks to the Covid-19 crisis. CNN reported on a confidential U.N. document on Tuesday, which suggested that North Korea had stolen a total of $316.4 million from financial institutions and virtual currency companies between 2019 and November 2020 to support its warfare and economic plans.

Chainalysis said it was able to attribute the KuCoin hack to the North Korean hacking group by looking at how the stolen funds were laundered. Lazarus Group, previously blamed for the infamous Sony Pictures hack of 2014 amongst many other attacks on cryptocurrency exchanges, has a unique way in which it sends money to mixers. Those mixers mix up cryptocurrency into different accounts in order to make tracking of funds more difficult. The size, and the way that funds are sent to mixers is extremely specific, and it's like a fingerprint, said Kim Grauer, who led Chainalysis research into the KuCoin attack.

Grauer thinks North Koreas cryptocurrency thefts could be filling huge holes in the countrys coffers. COVID in particular has further continued to devastate the North Korean economy and so we think that... the country may be becoming increasingly dependent on hacking for just funding, period, Grauer added. When you think about $1.75 billion, it's a very significant amount of money for that country considering their GDP.

The KuCoin breach took place in September 2020, and the exchange offered rewards of up to $100,000 to anyone who could provide valid information to us regarding this incident. Later, KuCoin CEO and founder Johnny Lyu claimed $201 million in cryptocurrency had been recovered as of October 3 and said perpetrators had been caught. This February, Lyu said in a blog post that it had cooperated with exchange and project partners to recover $222 million (78%), and cooperated with law enforcements and security institutions to recover $17.45 million (6%). At the same time, KuCoin and our insurance fund covered the remaining part, about $45.55 million (16%). In the end, we ensured that no users sustained any loss in this incident.

KuCoin, which claims to have over six million registered users, told Forbes that while its working with law enforcement and security agencies to track the suspects, no more details can be announced at the moment, per their request. Chainalysis said it had shared its findings relating to the North Korean attribution with KuCoin, but declined to provide any more detail on its work with the exchange.

The news comes hot on the heels of a Google warning that another crew of alleged North Korean hackers had attacked security researchers via what may have been a Chrome zero-day exploit - an attack on an unpatched vulnerability or string of vulnerabilities.

With a mix of more sophisticated digital attacks and huge thefts of cryptocurrency, North Koreas investment in offensive cybersecurity is proving to be reaping rewards for Kim Jong-uns regime, whilst costing victims their privacy and, in some cases, their crypto wealth.

See the article here:
North Korean Hackers Accused Of Biggest Cryptocurrency Theft Of 2020Their Heists Are Now Worth $1.75 Billion - Forbes