Japan, South Korea, and the US warned the global crypto industry about threats posed by hacks attributed to North Korean actors in a joint statement published on Jan. 14.
According to the statement, groups allegedly tied to the Democratic People’s Republic of Korea (DPRK) are targeting exchanges, crypto custodians, and individual users. It highlighted the activity of the notorious “Lazarus Group,” which continues to engage in highly strategic cybercrime campaigns.
The authorities highlighted high-profile hacks in 2024, such as the DMM Bitcoin, Upbit, and Rain Management, all of which are tied to North Korean actors. These hacks resulted in over $370 million in losses cumulatively.
Additionally, retrospective analyses have revealed significant breaches in 2023, including a $235 million theft on WazirX and the $50 million hack of the money market Radiant Capital.
Evolving tactics
The statement also highlighted the use of social engineering and malware strategies. It highlighted tools such as TraderTraitor and AppleJeus deployed in targeted attacks to infiltrate and compromise victims.
Governments have also observed a trend of DPRK IT workers embedded within global private sector organizations, posing insider threats.
To address these risks, the US, South Korea, and Japan have issued numerous advisories urging businesses, particularly in the blockchain and freelance industries, to vet their workforce and rigorously bolster cybersecurity measures.
Furthermore, the trilateral warning emphasizes the importance of deeper collaboration between governments and private sector stakeholders.
In the US, initiatives such as the Illicit Virtual Asset Notification (IVAN) program, the Cryptoasset and Blockchain Information Sharing and Analysis Center (Crypto-ISAC), and the Security Alliance (SEAL) have been launched to improve incident response and information sharing.
Similarly, South Korea and Japan have intensified efforts to strengthen coordination within their respective regions. The Japan Virtual and Crypto Assets Exchange Association (JVCEA) and the Korean government have initiated self-inspections and symposiums to enhance public-private partnerships.
Trilateral cooperation extends beyond the crypto sector. All three countries have imposed sanctions on DPRK cyber actors and jointly enhanced cybersecurity capabilities across the Indo-Pacific.
Over $1 billion
According to the blockchain security firm Cyvers, victims lost $2.3 billion to crypto fraud in 2024.
The firm noted that hackers use various attack vectors, such as access control breaches, and were responsible for 67 incidents last year.
According to Chainalysis, security incidents related to North Korean actors resulted in the theft of $1.3 billion worth of crypto in the same year.
The amount represented a 103% increase from the $660 million attributed to North Korean hackers in 2023, highlighting the growing threat these actors pose to crypto investors and businesses.
The post Japan, South Korea, and the US issue joint warning over North Korea-related crypto thefts appeared first on CryptoSlate.
