Hacking groups linked to North Korea are increasingly using exchanges in Russia to launder crypto, Chainalysis revealed. The shift in their strategy, registered by the blockchain forensics firm, coincides with a drop in the value of the stolen cryptocurrency this year in comparison with the record-breaking 2022.
Chainalysis Report Alleges New Alliance Between North Korean and Russian Cybercriminals
Onchain data examined by crypto analytics company Chainalysis suggests that hackers associated with the Democratic People’s Republic of Korea (DPRK) are more and more often using cryptocurrency exchanges based in the Russian Federation to launder illicit digital assets.
The release of the report coincides with a summit of the leaders of the two sanctioned nations, Kim Jong-un and Vladimir Putin, who met for suspected arms talks. It also comes as U.N. sanctions monitors are drawing attention to Pyongyang’s changing tactics in cyberattacks against crypto and financial exchanges seeking to obtain funds for its nuclear weapons and missile programs.
Chainalysis provides an example with the recent transfer of cryptocurrency worth $21.9 million stolen from Harmony Protocol to a Russian exchange known for processing illicit transactions. The company also said it has evidence showing that North Korean entities have been using this platform and other services in Russia to launder money in the past couple of years and emphasized:
This latest action marks a significant escalation in the partnership between the cyber underworlds of these two nations.
The authors of the report also pointed out that while the mainstream centralized exchanges previously used by DPRK hackers typically cooperate with international efforts, Russia’s cryptocurrency exchanges and law enforcement agencies “have a track record of non-compliance, significantly reducing the chance of asset recovery.”
Chainalysis data shows that the value of stolen cryptocurrency associated with North Korean hacking groups exceeds $340.4 million so far in 2023, compared to $1.65 billion last year. The analytics firm said, however, that while North Korea-linked hackers are likely going to steal much less cryptocurrency than they did in 2022, it should be noted that last year’s figures were extraordinarily high.
“With the total amount of cryptocurrency stolen estimated at $3.54 billion, DPRK continues to be an incubator for hacking activities and remains one of the largest active threats in the cybercrime landscape,” Chainalysis concluded. According to its estimates, while their share has decreased, groups associated with the communist state still account for 29.7% of the cryptocurrency stolen through hacks in 2023.
Do you think Russian and North Korean cybercrime actors are cooperating to launder cryptocurrency stolen by DPRK-linked hackers? Tell us in the comments section below.