North Korean hackers launched at least seven attacks on cryptocurrency exchanges in 2021, stealing around $400 million worth of digital assets, blockchain analytics firm Chainalysis revealed in the latest report.
The value of stolen crypto assets by these hackers jumped by 40 percent in 2021 from the prior year.
Though the report did not name all the victims of these attacks, it did mention the Japanese crypto
exchange
Exchange
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectively relevant with real-time pricing.Depending upon where you reside, an exchange may be referred to as a bourse or a share exchange while, as a whole, exchanges are present within the majority of countries. Who is Listed on an Exchange?As trading continues to transition more to electronic exchanges, transactions become more dispersed through varying exchanges. This in turn has caused a surge in the implementation of trading algorithms and high-frequency trading applications. In order for a company to be listed on a stock exchange for example, a company must divulge information such as minimum capital requirements, audited earnings reports, and financial reports.Not all exchanges are created equally, with some outperforming other exchanges significantly. The most high-profile exchanges to date include the New York Stock Exchange (NYSE), the Tokyo Stock Exchange (TSE), the London Stock Exchange (LSE), and the Nasdaq. Outside of trading, a stock exchange may be used by companies aiming to raise capital, this is most commonly seen in the form of initial public offerings (IPOs).Exchanges can now handle other asset classes, given the rise of cryptocurrencies as a more popularized form of trading.
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectively relevant with real-time pricing.Depending upon where you reside, an exchange may be referred to as a bourse or a share exchange while, as a whole, exchanges are present within the majority of countries. Who is Listed on an Exchange?As trading continues to transition more to electronic exchanges, transactions become more dispersed through varying exchanges. This in turn has caused a surge in the implementation of trading algorithms and high-frequency trading applications. In order for a company to be listed on a stock exchange for example, a company must divulge information such as minimum capital requirements, audited earnings reports, and financial reports.Not all exchanges are created equally, with some outperforming other exchanges significantly. The most high-profile exchanges to date include the New York Stock Exchange (NYSE), the Tokyo Stock Exchange (TSE), the London Stock Exchange (LSE), and the Nasdaq. Outside of trading, a stock exchange may be used by companies aiming to raise capital, this is most commonly seen in the form of initial public offerings (IPOs).Exchanges can now handle other asset classes, given the rise of cryptocurrencies as a more popularized form of trading.
Read this Term Liquid.com, which lost $91 million to hackers. The report further stated that the attacks primarily targeted investment firms and centralized exchanges.
The hackers used several tactics like
phishing
Phishing
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than technological skill, it is considered to be a social engineering attack. The most common methods for phishing are email, telephone, or text message.How to Defend Against Phishing Attacks?Every phishing attempt has a few basic things in common, which individuals need to be aware of.You should always be on the lookout for offers that are overly lucrative or too good to be true. Click-bait titles or rewards and prizes without any context are red flags.Additionally, a sense of urgency should always be approached with caution. A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time.Finally, individuals should always be mindful of unusual senders and questionable attachments or hyperlinks. Simply hovering over a link shows you the actual URL where you will be directed upon clicking on it. If anything seems out of the ordinary, unexpected, or simply suspicious it is best to avoid clicking on any links. In the cryptocurrency world, phishing attacks come in forms such as fake wallets that unsuspectingly collect users’ private keys.Fake exchange login pages that collect users’ login data, and fake wallet seed generators that create and then collect the regenerative phrases used to make cryptocurrency wallets.
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than technological skill, it is considered to be a social engineering attack. The most common methods for phishing are email, telephone, or text message.How to Defend Against Phishing Attacks?Every phishing attempt has a few basic things in common, which individuals need to be aware of.You should always be on the lookout for offers that are overly lucrative or too good to be true. Click-bait titles or rewards and prizes without any context are red flags.Additionally, a sense of urgency should always be approached with caution. A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time.Finally, individuals should always be mindful of unusual senders and questionable attachments or hyperlinks. Simply hovering over a link shows you the actual URL where you will be directed upon clicking on it. If anything seems out of the ordinary, unexpected, or simply suspicious it is best to avoid clicking on any links. In the cryptocurrency world, phishing attacks come in forms such as fake wallets that unsuspectingly collect users’ private keys.Fake exchange login pages that collect users’ login data, and fake wallet seed generators that create and then collect the regenerative phrases used to make cryptocurrency wallets.
Read this Term lures, code exploits, malware, and advanced social engineering to gain access to the crypto exchanges.
“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” Chinalysis stated. “The growing variety of cryptocurrencies stolen has necessarily increased the complexity of DPRK’s cryptocurrency laundering operation.”
Laundering the Stolen Proceeds
The hackers usually swap the crypto tokens for Ether on decentralized exchanges (DEX) and then send them to mixers to hide their transactional history. Again, they swap the Ether for Bitcoin on DEX and send those Bitcoins to mixers before depositing them on Asia-based crypto exchanges for cashing out.
“More than 65% of DPRK’s stolen funds were laundered through mixers this year, up from 42% in 2020 and 21% in 2019, suggesting that these threat actors have taken a more cautious approach with each passing year,” the report added.
The analytics company further identified $170 million worth of stolen unlaundered cryptocurrency sitting ideal on North Korea-controlled wallets. These stolen cryptocurrencies were linked to 49 separate hacks spanning from 2017 to 2021.
“Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one,” added Chainalysis.
Meanwhile, the involvement of state-sponsored North Korean hackers attacking crypto exchanges was also pointed out by a United Nations panel earlier. The state was accused of using the stolen proceeds to fund its nuclear weapons program. North Korea, however, denied these allegations releasing a statement.
North Korean hackers launched at least seven attacks on cryptocurrency exchanges in 2021, stealing around $400 million worth of digital assets, blockchain analytics firm Chainalysis revealed in the latest report.
The value of stolen crypto assets by these hackers jumped by 40 percent in 2021 from the prior year.
Though the report did not name all the victims of these attacks, it did mention the Japanese crypto
exchange
Exchange
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectively relevant with real-time pricing.Depending upon where you reside, an exchange may be referred to as a bourse or a share exchange while, as a whole, exchanges are present within the majority of countries. Who is Listed on an Exchange?As trading continues to transition more to electronic exchanges, transactions become more dispersed through varying exchanges. This in turn has caused a surge in the implementation of trading algorithms and high-frequency trading applications. In order for a company to be listed on a stock exchange for example, a company must divulge information such as minimum capital requirements, audited earnings reports, and financial reports.Not all exchanges are created equally, with some outperforming other exchanges significantly. The most high-profile exchanges to date include the New York Stock Exchange (NYSE), the Tokyo Stock Exchange (TSE), the London Stock Exchange (LSE), and the Nasdaq. Outside of trading, a stock exchange may be used by companies aiming to raise capital, this is most commonly seen in the form of initial public offerings (IPOs).Exchanges can now handle other asset classes, given the rise of cryptocurrencies as a more popularized form of trading.
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectively relevant with real-time pricing.Depending upon where you reside, an exchange may be referred to as a bourse or a share exchange while, as a whole, exchanges are present within the majority of countries. Who is Listed on an Exchange?As trading continues to transition more to electronic exchanges, transactions become more dispersed through varying exchanges. This in turn has caused a surge in the implementation of trading algorithms and high-frequency trading applications. In order for a company to be listed on a stock exchange for example, a company must divulge information such as minimum capital requirements, audited earnings reports, and financial reports.Not all exchanges are created equally, with some outperforming other exchanges significantly. The most high-profile exchanges to date include the New York Stock Exchange (NYSE), the Tokyo Stock Exchange (TSE), the London Stock Exchange (LSE), and the Nasdaq. Outside of trading, a stock exchange may be used by companies aiming to raise capital, this is most commonly seen in the form of initial public offerings (IPOs).Exchanges can now handle other asset classes, given the rise of cryptocurrencies as a more popularized form of trading.
Read this Term Liquid.com, which lost $91 million to hackers. The report further stated that the attacks primarily targeted investment firms and centralized exchanges.
The hackers used several tactics like
phishing
Phishing
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than technological skill, it is considered to be a social engineering attack. The most common methods for phishing are email, telephone, or text message.How to Defend Against Phishing Attacks?Every phishing attempt has a few basic things in common, which individuals need to be aware of.You should always be on the lookout for offers that are overly lucrative or too good to be true. Click-bait titles or rewards and prizes without any context are red flags.Additionally, a sense of urgency should always be approached with caution. A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time.Finally, individuals should always be mindful of unusual senders and questionable attachments or hyperlinks. Simply hovering over a link shows you the actual URL where you will be directed upon clicking on it. If anything seems out of the ordinary, unexpected, or simply suspicious it is best to avoid clicking on any links. In the cryptocurrency world, phishing attacks come in forms such as fake wallets that unsuspectingly collect users’ private keys.Fake exchange login pages that collect users’ login data, and fake wallet seed generators that create and then collect the regenerative phrases used to make cryptocurrency wallets.
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than technological skill, it is considered to be a social engineering attack. The most common methods for phishing are email, telephone, or text message.How to Defend Against Phishing Attacks?Every phishing attempt has a few basic things in common, which individuals need to be aware of.You should always be on the lookout for offers that are overly lucrative or too good to be true. Click-bait titles or rewards and prizes without any context are red flags.Additionally, a sense of urgency should always be approached with caution. A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time.Finally, individuals should always be mindful of unusual senders and questionable attachments or hyperlinks. Simply hovering over a link shows you the actual URL where you will be directed upon clicking on it. If anything seems out of the ordinary, unexpected, or simply suspicious it is best to avoid clicking on any links. In the cryptocurrency world, phishing attacks come in forms such as fake wallets that unsuspectingly collect users’ private keys.Fake exchange login pages that collect users’ login data, and fake wallet seed generators that create and then collect the regenerative phrases used to make cryptocurrency wallets.
Read this Term lures, code exploits, malware, and advanced social engineering to gain access to the crypto exchanges.
“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” Chinalysis stated. “The growing variety of cryptocurrencies stolen has necessarily increased the complexity of DPRK’s cryptocurrency laundering operation.”
Laundering the Stolen Proceeds
The hackers usually swap the crypto tokens for Ether on decentralized exchanges (DEX) and then send them to mixers to hide their transactional history. Again, they swap the Ether for Bitcoin on DEX and send those Bitcoins to mixers before depositing them on Asia-based crypto exchanges for cashing out.
“More than 65% of DPRK’s stolen funds were laundered through mixers this year, up from 42% in 2020 and 21% in 2019, suggesting that these threat actors have taken a more cautious approach with each passing year,” the report added.
The analytics company further identified $170 million worth of stolen unlaundered cryptocurrency sitting ideal on North Korea-controlled wallets. These stolen cryptocurrencies were linked to 49 separate hacks spanning from 2017 to 2021.
“Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one,” added Chainalysis.
Meanwhile, the involvement of state-sponsored North Korean hackers attacking crypto exchanges was also pointed out by a United Nations panel earlier. The state was accused of using the stolen proceeds to fund its nuclear weapons program. North Korea, however, denied these allegations releasing a statement.
Source: https://www.financemagnates.com/cryptocurrency/news/north-korean-hackers-stole-400m-worth-crypto-in-2021/