An analysis found that about two-thirds of the global virtual asset hacking losses in the first half of this year were caused by hacking groups linked to North Korea.
Voice of America (VOA) reported this on the 3rd, citing a report by Blockchain analysis corporations TRM Labs.
According to the report, the amount of virtual asset stolen by North Korea-linked hacking groups in the first half of this year reached $643 million (about 1 trillion won). During the same period, global virtual asset hacking losses were tallied at $972 million (about 1.5 trillion won). The amount stolen by North Korea-linked groups accounted for 66.2% of the total losses.
In particular, two large-scale hacks of decentralized finance (DeFi) platforms were identified as the work of North Korea-linked groups. The report assessed that the $285 million hack that occurred on the DeFi platform "Drift" in April and the roughly $292 million hack on another DeFi platform, "KelpDAO," were attacks by North Korea-linked hacker groups.
Combined losses from the two incidents amount to $577 million (about 900 billion won). Most of the virtual asset stolen by North Korea-linked hacker groups in the first half of this year occurred in these cases.
However, the amount stolen in the first half of this year is lower than about $1.7 billion, about 2.6 trillion won, in the same period last year. The report, however, said it is difficult to interpret this as a weakening of North Korea's hacking capabilities.
The report explained, "It is not because North Korea's attack capabilities have weakened, but because there have been relatively fewer super-large hacking incidents this year compared with last year." It added, "This tally reflects only North Korea's hacking incidents and does not include illegal revenue from phishing, cryptocurrency fraud, or disguised overseas IT employment," and "North Korea's actual cryptocurrency-related revenue could be much larger."
Trilateral cooperation among South Korea, the United States, and Japan to counter North Korea's cyber threats is also continuing. South Korea, the United States, and Japan held the "5th working group meeting among the foreign ministries of South Korea, the United States, and Japan on responding to North Korean cyber threats" in Washington, the United States, on the 25th–26th of last month.
Regarding the meeting, a U.S. Department of State Spokesperson told VOA, "North Korea has increasingly turned to cybercrime to evade international sanctions and finance its illicit weapons of mass destruction and ballistic missile programs," and "the theft of virtual currency and money laundering have become a substantial part of this strategy."