Anonymous

North Korean hackers use Russian crypto exchanges for Money Laundering

In a startling revelation, a recent report has exposed the intricate web of cybercriminal activity involving North Korean hackers using Russian crypto exchanges. The report sheds light on how these hackers are utilizing these exchanges to launder stolen cryptocurrencies, raising serious concerns about the global cybersecurity landscape.  Hacker collectives associated with North Korea have shown a growing preference for utilizing Russian exchanges in the process of laundering cryptocurrencies, as disclosed by Chainalysis. This shift in their modus operandi, as detected by the blockchain forensics firm, has occurred concurrently with a decline in the value of pilfered cryptocurrencies this year, in stark contrast to the record-breaking figures of 2022.

Chainalysis Report Suggests Emerging Collaboration Between North Korean and Russian Cybercriminals

“Cryptocurrency analytics firm Chainalysis, upon scrutinizing on-chain data, indicates a growing trend wherein hackers associated with the Democratic People’s Republic of Korea (DPRK) are increasingly resorting to cryptocurrency exchanges situated within the Russian Federation for the purpose of laundering illicit digital assets.

The publication of this report coincides with a summit between the leaders of these two sanctioned nations, Kim Jong-un and Vladimir Putin, where discussions on potential arms-related matters are suspected to have taken place. Concurrently, United Nations sanctions monitors have raised concerns over Pyongyang’s evolving tactics in cyberattacks, particularly against cryptocurrency and financial exchanges, as it seeks funds to support its nuclear weapons and missile programs.

Chainalysis provides a concrete illustration of this trend, citing the recent transfer of stolen cryptocurrency valued at $21.9 million from Harmony Protocol to a Russian exchange with a history of processing unlawful transactions. The firm also presents evidence suggesting that North Korean entities have been employing this platform, along with other Russian-based services, for money laundering purposes over the past couple of years, underlining the following:”

This latest action marks a significant escalation in the partnership between the cyber underworlds of these two nations.

Challenges in Asset Recovery and Shifting Trends in North Korean Hacking

Furthermore, the report’s authors highlighted a notable distinction. While mainstream centralized exchanges previously frequented by DPRK hackers tend to collaborate with international initiatives, Russian cryptocurrency exchanges and law enforcement agencies have developed a history of non-cooperation, substantially diminishing the prospects of recovering misappropriated assets.

Chainalysis data reveals that the cumulative value of pilfered cryptocurrency attributed to North Korean hacking groups has surpassed $340.4 million thus far in 2023, in contrast to the staggering $1.65 billion recorded last year. The analytics firm, however, cautioned that although it is anticipated that North Korea-affiliated hackers will likely steal considerably fewer cryptocurrencies than in 2022, it is essential to recognize that the figures from the previous year were exceptionally elevated.”

Chainalysis reached a significant conclusion, stating, ‘Despite a total estimated cryptocurrency theft of $3.54 billion, the Democratic People’s Republic of Korea (DPRK) remains a prolific breeding ground for cyberattacks and ranks among the most substantial ongoing threats in the realm of cybercrime.’ Their analysis suggests that, although their percentage has declined, collectives linked to this communist state continue to represent 29.7% of the cryptocurrency stolen as a result of hacking activities in 2023.


The Chainalysis report has unveiled a concerning nexus between North Korean hackers using Russian crypto exchanges, showcasing the evolving tactics used to launder stolen digital assets. This revelation comes at a critical juncture, coinciding with a summit between Kim Jong-un and Vladimir Putin and heightened scrutiny from U.N. sanctions monitors. The challenges in tracking and recovering these illicit funds are exacerbated by the lack of compliance within the Russian cryptocurrency ecosystem. While the total value of stolen cryptocurrency has decreased in 2023, North Korean hackers remain a persistent and formidable threat, underlining the imperative for strengthened international cooperation and enhanced cybersecurity measures.

Also Read: FTX Reopens the Claims Portal After Recuperating from Cyber Attack.