In recent years, there has been an increase in cyber attacks linked to North Korea, with groups like Kimsuky and Lazarus Group employing various malicious strategies to obtain significant amounts of crypto assets.
Last year, hackers associated with North Korea reached a peak in crypto theft, accumulating around $1.7 billion.
North Korean Hackers: More Targets, Less Spoils in 2023
According to the latest analysis from Chainalysis shared with CryptoPotato, in 2023, North Korea targeted more crypto platforms than ever before, although the total stolen amount was less than in 2022.
Despite this decrease, the number of hacks reached a record high of 20, coinciding with the general downturn in the crypto market.
In 2023, Chainalysis estimated that the total stolen crypto amounted to just over $1 billion. Notably, North Korean hackers targeted decentralized finance (DeFi) platforms, stealing approximately $428.8 million. Additionally, they focused on centralized services, exchanges, and wallet providers, wherein they pilfered $150 million, $330.9 million, and $127 million, respectively.
It is worth mentioning that there was a significant reduction in North Korea’s targeting of DeFi protocols in 2023, reflecting the overall decline in DeFi-related hacking incidents.
DeFi Attack Vectors
The total stolen funds witnessed a significant decrease of about 54.3% to $1.7 billion in 2023, despite a rise in the number of individual hacking incidents from 219 in 2022 to 231 in 2023. The notable decline in stolen funds can be attributed mainly to a decrease in DeFi hacking incidents.
In the last few years, the surge in stolen crypto was largely fueled by hacks targeting DeFi protocols, amounting to more than $3.1 billion in 2021 and 2022. However, in 2023, hackers managed to pilfer only $1.1 billion from such protocols, marking a substantial 63.7% drop in the total value stolen from DeFi platforms year-over-year.
Moreover, there was a significant reduction in the proportion of all stolen funds accounted for by victims of DeFi protocols in 2023.
The value lost in DeFi hacks experienced a considerable year-over-year decline of 63.7% in 2023, and the median loss per such exploit decreased by 7.4%. Despite an overall increase in the number of crypto hacks in 2023, the figure for DeFi exploits specifically declined by 17.2%.
Through collaboration with its partner, Web3, and blockchain security firm Halborn, Chainalysis identified two categories of DeFi attack vectors: those originating on-chain and those stemming off-chain.
Mar Gimenez-Aguilar, Halborn’s Lead Security Architect and Researcher, highlighted that a majority of DeFi hacks resulted from vulnerabilities in smart contract design and implementation. Many of the affected contracts had either not undergone any audit or had been inadequately audited.
Another noteworthy trend was the rise in attacks due to compromised private keys, Gimenez-Aguilar emphasized the need for enhanced security practices beyond the scope of a specific blockchain.