North Korean hackers are being pursued by governments worldwide due to being associated with over half of the value stolen in the cryptocurrency space during 2024.
North Korean hackers like the infamous Lazarus Group are the prime suspects for some of the most notorious cyber thefts in Web3, including the $600 million Ronin network hack.
South Korea is the latest country to impose sanctions against 15 North Korean IT organization members and one related organization.
The sanctioned agents have allegedly procured funds for North Korea’s nuclear missile development program and the DPRK’s Munitions Industry Department through “overseas foreign currency-earning activities,” according to a Dec. 26 press release by South Korea’s Ministry of Foreign Affairs.
The sanctioned 313 General Bureau’s Kim Cheol-min is among the sanctioned individuals who allegedly earned a “large amount of foreign currency” by working undercover for United States and Canadian companies before delivering the funds to Pyongyang’s nuclear weapons program.
Another sanctioned worker, Kim Ryu Song, was already indicted by US lawmakers on Dec. 11 for violating US sanctions, money laundering and identity theft, for generating over $88 million worth of revenue over six years, according to South Korean media reports.
Total annual funds loss. Source: Cyvers
The sanctions come after another successful year for crypto hackers, who stole over $2.3 billion worth of crypto during 2024, marking an over 40% increase from the value stolen during 2023.
Related: Turkey introduces stricter crypto AML regulations
North Korea hackers stole $1.3B worth of value in 2024: Chainalysis
North Korea-affiliated hackers have become some of the biggest threats to the safety of the cryptocurrency space.
During 2024, North Korean hackers stole over $1.34 billion worth of digital assets across 47 individual incidents, marking an over 102% increase from the $660 million stolen in 2023, according to Chainalysis data.
DPRK hacking activity. Source: Chainalysis
The $1.34 billion represents over 61% of the total crypto value stolen during 2024 and over 20% of the total hacking incidents.
Related: Cyvers launches institutional crypto security tool for $4B vulnerability
Yet, in a worrying sign for 2025, the frequency of attacks among North Korean agents is increasing, wrote Chainalysis:
“Notably, attacks between $50 and $100 million, and those above $100 million occurred far more frequently in 2024 than they did in 2023, suggesting that the DPRK is getting better and faster at massive exploits.”
The time between successful DPRK attacks. Source: Chainalysis
In contrast, most North Korean hacks only netted attackers up to $50 million worth of stolen funds on average, signaling that the scale of the attacks is growing.
Magazine: 13 Christmas gifts that Bitcoin and crypto degens will love
