Cyber criminals made off with a record $3.8 billion through hacking attacks on cryptocurrency businesses in 2022, according to a report released Wednesday.
The figure surpasses the $3.3 billion in successful crypto hacks that were tracked in 2021. The findings suggest the lion’s share of the thefts, some $1.7 billion, were conducted by hackers based in North Korea.
The data is from a new report by Chainalysis, a data analysis firm that specializes in blockchain technology, that also found hacking activity ebbed and flowed throughout the year, with huge spikes in March and October. Last October saw the biggest single month of crypto hacks, when measured by value, with $775.7 million stolen in 32 separate attacks, according to the report.
Are crypto hacks funding North Korean government operations?
North Korea-linked hackers such as those in cybercriminal syndicate Lazarus Group have been by far the most prolific cryptocurrency hackers over the last few years, according to Chainalysis. In 2022, they shattered their own records for theft, stealing an estimated $1.7 billion worth of cryptocurrency, far outpacing the $429 million in thefts attributed to hackers with North Korean ties in 2021.
According to a November report by The Conversation, North Korea sponsors several hacker groups, including Lazarus Group (also called Guardian of Peace and Whois Team) and Advanced Persistent Threat 38 (APT38).
In 2016, Lazarus hackers came close to stealing $1 billion from Bangladesh’s national bank, but a typo in the computer code meant they only got away with $81 million.
Since then, they’ve refined their methods. Lazarus has been accused of stealing $571 million from cryptocurrency exchanges between January 2017 and September 2018, $316 million from 2019 to November 2020, and $840 million in the first five months of 2022.
The stolen funds are reportedly being used to bolster North Korea’s nuclear weapons development programs.
How are crypto hackers finding so much success?
Chainalysis reports hackers targeting cryptocurrency businesses are finding their biggest success on decentralized finance, or DeFi, platforms that utilize blockchain technology for peer-to-peer fund transfers, loans and other transactions that eliminate a centralized “authority” like banks or lending institutions.
DeFi protocols as victims accounted for 82.1% of all cryptocurrency stolen by hackers in 2022 — a total of $3.1 billion — up from 73.3% in 2021. And of that $3.1 billion, 64% came from protocols that aid cryptocurrency transfers from one blockchain platform to another.
So, why aren’t DeFi platforms doing a better job in securing against cyber hackers? David Schwed, chief operating officer for blockchain cybersecurity firm Halborn, told Chainalysis that many DeFi companies just aren’t dedicating enough resources to security operations and oversight.
“A big protocol should have 10 to 15 people on the security team, each with a specific area of expertise,” Schwed said. “The DeFi community generally isn’t demanding better security — they want to go to protocols with high yields. But those incentives lead to trouble down the road.”