The United States, Japan, and South Korea have joined together to warn the industry about the ongoing hacking threats by North Korean actors after observing “aggressive” targeting of the crypto industry.
US, Japan, South Korea Send Warning
In a joint statement, the US, Japanese, and South Korean governments warned the blockchain technology industry about the Democratic People’s Republic of Korea (DPRK) cyber attackers’ targeting and compromise of different entities worldwide.
According to the statement, the advanced persistent threats from groups linked to North Korea, including the Lazarus Group, continue to demonstrate “a pattern of malicious behavior in cyberspace” with their numerous campaigns to steal cryptocurrencies.
These attacks threaten the three countries and the international community as they compromise the integrity of the financial system and worldwide stability by funding DPRK’s ballistic missile programs with stolen crypto funds.
The DPRK’s cyber program threatens our three countries and the broader international community and, in particular, poses a significant threat to the integrity and stability of the international financial system. Our three governments strive together to prevent thefts, including from private industry, by the DPRK and to recover stolen funds with the ultimate goal of denying the DPRK illicit revenue for its unlawful weapons of mass destruction and ballistic missile programs.
The statement emphasized the need for deeper collaboration among the public and private sectors of the three nations to fight these cybercrime operations and protect the international financial system:
Deeper collaboration among the public and private sectors of the three countries is essential to proactively disrupt these malicious actors’ cybercrime operations, protect private business interests, and secure the international financial system.
The nations also warned about DPRK information technology (IT) workers infiltrating the industry. As Bitcoinist reported, several companies had inadvertently hired IT workers from North Korea. Over the last few years, over a dozen crypto companies fell victim to the country’s tactics to bypass sanctions and receive money from these projects.
North Korean Crypto Hacks Take $1.34 Billion In 2024
In 2024, the three governments individually and jointly attributed several crypto thefts to the DPRK, targeting exchanges, digital asset custodians, and individual crypto users.
According to the statement, these include the attacks on the Japanese crypto exchange DMM Bitcoin for $308 million, the South Korean exchange Upbit for $50 million, and Bahrain-based Rain Management for $16.13 million.
Moreover, based on detailed industry analysis, the US and South Korea attributed WazirX’s $235 million and Radiant Capital’s $50 million crypto heists to DPRK hackers. As a result, the governments consider North Korean actors responsible for hacks worth nearly $660 million in the last year.
According to a Chainalysis report, hackers from the DPRK stole more from crypto platforms in 2024 than in other years, going from $660.5 million to $1.34 billion. These figures represent 20% of the total incidents and 61% of the total value stolen last year.
Additionally, attacks between $50 million and $100 million, and above this range, were more frequent in 2024, “suggesting that the DPRK is getting better and faster at massive exploits.”
