Blockchain analysis firm Chainalysis reports that North Korea launched at least seven attacks on cryptocurrency platforms last year.
The attacks extracted nearly $400 million worth of digital assets.
Chainalysis said that “once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out.”
The United Nations had accused North Korea of using stolen funds to support its nuclear and ballistic missile programs to circumvent sanctions.
Last year the United States charged three North Korean computer programmers working for the country’s intelligence service with a massive, years-long hacking spree aimed at stealing more than $1.3 billion in money and cryptocurrency, affecting companies from banks to Hollywood movie studios, Reuters recounts.
According to the report, the attackers used phishing lures, code exploits, malware, and advanced social engineering to siphon funds out of these organizations’ internet-connected ‘hot’ wallets into North Korea-controlled addresses.
Chainalysis indicts the Lazarus Group, a hacking group sanctioned by the United States, which says it is controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence bureau.
The group has been accused of involvement in the “WannaCry” ransomware attacks, hacking of international banks and customer accounts, and the 2014 cyber-attacks on Sony Pictures Entertainment.
North Korea also appeared to step up efforts to launder stolen cryptocurrency, significantly increasing its use of mixers, or software tools that pool and scramble cryptocurrencies from thousands of addresses, Chainalysis said.