North Korea has been alleged to have stolen more cryptocurrency assets last year than any other year, according to an United Nations (UN) report.
Reuters broke the news after the country was alleged to have targeted foreign aerospace and defence companies to enact the cryptocurrency crimes, using cyberattacks to help fuel its nuclear and missile programs.
It is believed that South Korea estimates that North Korean hackers stole virtual assets worth up to $630m last year. In addition, an unknown cybersecurity company indicates that the country’s alleged cybercrime activities resulted in more than $1bn being stolen in total.
South Korean security monitors believe that a “higher value of cryptocurrency assets was stolen by the North Korean actors in 2022 than in any previous year”.
This was reported via a 15 member council last Friday, citing information from the UN member states, as well as cybersecurity firms.
North Korea has denied the allegations of hacking or any other cyberattacks made in previous years.
The UN Security Council committee report reads: “(North Korea) used increasingly sophisticated cyber techniques both to gain access to digital networks involved in cyber finance, and to steal information of potential value, including to its weapons programmes.
“The variation in USD value of cryptocurrency in recent months is likely to have affected these estimates, but both show that 2022 was a record-breaking year for DPRK virtual asset theft.
“The techniques used by cyber threat actors have become more sophisticated, thus making tracking stolen funds more difficult.”
The cyberattacks were reportedly carried out by North Korea’s primary intelligence bureau – the Reconnaissance General Bureau – and is believed to have included hacking teams to conduct its alleged stolen crypto.
The UN report outlines that these hacking teams performed malware through various methods such as phishing to obtain stolen crypto, with one campaign targeting employees in other countries.
“These actors continued illicitly to target victims to generate revenue and solicit information of value to the DPRK including its weapons programmes,” detailed the UN report.
“Initial contacts with individuals were made via LinkedIn, and once a level of trust with the targets was established, malicious payloads were delivered through continued communications over WhatsApp.”
The UN report is due to be released later this month or early next month to the public.