Despite whatever security features it may be equipped with, cryptocurrency can be stolen just like any other form of currency. And not just in small quantities. It was recently revealed that an army of trained cybercriminals working for the North Korean government managed to steal around $3 billion in cryptocurrency in various online schemes. Frighteningly, the money was then used to fund the country's nuclear weapons program.
The hack is the result of five years of concerted operations that have bilked crypto holders out of funds under false pretenses. Despite the imagery of an elite "hacker army" using pulling off high-tech heists, a lot of the money was stolen using simple scams, like posing as a job recruiter and installing a Trojan horse program disguised as a phony document on the victim's computer. In this particular case, the victim was an engineer at a blockchain gaming company called Sky Mavis, and the software gave the hackers access to the company mainframes, allowing them to steal a reported $600 million largely from players of a virtual pets game called "Axie Infinity."
ED JONES/AFP via Getty Images
That was the single biggest take in the last five years of North Korean cyberheists, according to officials within the US government. The operations have netted the North Korean government a total of $3 billion so far, enough to fund about half of the country's ballistic missile program, again according to US officials.
That's one reason the Sky Mavis theft caught the attention of the White House. Anne Neuberger is the deputy national security adviser for cyber and emerging technology for the Biden administration revealed:
"The real surge in the last year has been against central crypto infrastructure around the world that hold large sums, like Sky Mavis, leading to more large-scale heists…That has driven us to intensely focus on countering this activity."
That's not an easy job, and so far the North Korean hackers have had a total of around 42 documented successes since the operations began in 2018. And even though much of what goes on within the country is a mystery to outsiders, US officials have also documented increases in missile testing across the same period.
One former FBI analyst named Nick Carlsen even goes so far as to call North Korea "a modern-day pirate state," distinct from other country's hacking operations in its focus on financial assets rather than secret information. A 2020 UN report calls the operations like those being pulled off by the hackers as "low-risk, high-reward and difficult to detect, and their increasing sophistication can frustrate attribution."
North Korea has reportedly been linked to many high-profile cybercrimes going much further back than 2018 (we all remember the 2014 Sony hack, for example), but US officials say the country has succeeded in ramping up its operations in recent years, growing much more sophisticated and effective. And the concurrent rise of cryptocurrency has been beneficial in this regard as well.
So it's up to crypto companies as well as the US government to try and create new security measures for the heists, some of which are so sophisticated that officials say their methodologies aren't seen from any other corner of the hacking world. Earlier this year, officials allege that hackers in North Korea pulled off a "cascading supply-chain attack" against two software companies Trading Technologies and 3CX. Using the systems of the latter, they were able to pilfer an untold (but reportedly small) number of individual crypto accounts from exchanges that used 3CX software.
As Sky Mavis COO Aleksander Larsen, whose company was almost destroyed by the attack on their servers, put it: "It's an arms race with these hackers."
