The Current State of Cryptocurrency Heists

North Korea’s notorious hackers, notably the Lazarus Group, are currently all the rage—just not in a good way. Stolen cryptocurrency totals have plummeted from a staggering $1.65 billion in 2022 to $340.4 million this year as of September 14th. That’s an eye-popping decline of 80%! But before you pop the confetti and celebrate some kind of cyber-world progress, let’s cut through the fog of numbers.

Is a Decline Really Progress?

According to blockchain analysis experts at Chainalysis, the drop is more about the painfully high bar set in the previous year than any actual improvement in security controls. Erin Plante, the vice president of investigations at Chainalysis, remarked, “This year’s numbers are down not necessarily indicating less criminal activity but rather a pretty ghastly benchmark set last year. We are just one successful hack away from crossing the billion-dollar mark again.” Talk about keeping you on your toes!

Two Big Hits in September

In just a matter of days, the Lazarus Group showed its tenacity by pulling off two significant heists—$40 million from Stake on September 4 and a further $55 million from CoinEx on September 12. Combined, that’s over $95 million gone poof—funds that represent about 30% of all stolen crypto this year alone. Talk about a specialized VIP club they belong to!

Tackling the Social Engineering Element

To fend off these crafty thieves, it’s time for cryptocurrency firms to get serious about training their teams. The hackers often use intricate social engineering tactics to exploit the lovely quirks of human nature: trust and, let’s be honest, sheer forgetfulness. Employees must be schooled in recognizing the signals of impending doom! If employees can spot risky interactions, we might just have a fighting chance to keep our funds out of the hands of these digital marauders.

Where Do the Stolen Funds Go?

But what happens after the heists? Well, instead of a quaint little vacation, North Korea has been beefing up its laundry skills—or rather finding ways to clean filthy lucre. The sneaky hackers are increasingly relying on specific Russian exchanges to launder their gains. Notably, since 2021, an extravagant $21.9 million from Harmony’s $100 million bridge hack was transferred through one such high-risk Russian exchange, turning the money laundering game into quite the spectacle.

Global Efforts to Counter Cybercrime

On the international front, the United Nations is less about organizing parties and more about restricting North Korea’s cyber antics, particularly since the country has been suspected of using these ill-gotten gains to fund its increasingly questionable nuclear missile program. With increased audits for smart contracts being touted as a pathway to answer much-needed improvements, it seems there’s still a long way to go in curtailing these cyber assailants.