In recent years, the surge in cryptocurrency adoption has been shadowed by a darker trend: the rise of crypto-related cybercrime. A recent U.N. report reveals a shocking statistic—North Korea stole between $630 million to over $1 billion in cryptocurrency last year. This staggering sum is more than double the total amount stolen in 2021.
But what makes this revelation even more alarming is the intricate web of international relations it impacts. New data from Chainalysis, a blockchain analytics firm, shows that North Korea is laundering these stolen assets through Russia-based exchanges. This adds a layer of geopolitical complexity to an already intricate issue.
The implications of North Korea's crypto theft are far-reaching, affecting not just the global financial system but also international security.
In this article, we'll delve into the scale of North Korea's crypto theft, their tactics, and the broader impact on sanctions and international relations. We'll also explore how blockchain technology, while facilitating these illicit activities, offers unique tools for investigation and prevention.
The Scale of North Korea's Crypto Theft
The numbers are staggering. According to a U.N. Security Council report, North Korea stole a record sum of cryptocurrency last year. The estimated amount ranges from $630 million to over $1 billion.
This figure is more than double the amount stolen in 2021.
Chainalysis data adds another layer to the scale of the problem. The value of stolen cryptocurrency associated with North Korean groups is reported to be over $340.4 million for the end of the third quarter in 2023.
It's essential to contextualize these numbers. In 2022, the total amount of cryptocurrency stolen globally was estimated at $3.54 billion. North Korea-linked groups were responsible for nearly 30% of that total.
The numbers for 2023 show a decrease in the total value of stolen cryptocurrency. However, this is not necessarily a sign of progress.
Last year set an unusually high benchmark. High-profile hacks, like the one targeting the Ronin Network, accounted for $600 million of the total funds stolen.
The scale of North Korea's crypto theft is not just a financial issue. The U.N. report suggests that the stolen funds are likely used to finance North Korea's nuclear and missile programs.
The Russia Connection
North Korea's crypto theft activities have taken a disturbing turn with the involvement of Russia.
Recent data from Chainalysis reveals that $21.9 million in cryptocurrency stolen from Harmony Protocol was transferred to a Russia-based exchange known for processing illicit transactions.
This marks a significant escalation in the partnership between the cyber underworlds of these two nations.
Russia's role in this is far from passive. The country's exchanges have become a haven for laundering illicitly obtained crypto assets, including those stolen by North Korean hacking groups. This collaboration is not new; evidence shows that North Korean entities have been using Russian services for money laundering since 2021.
The implications of this alliance are manifold. Russia's notoriously uncooperative stance toward international law enforcement efforts makes the prospect of recovering stolen funds particularly grim.
While other countries' exchanges often cooperate with global authorities, Russia's track record of non-compliance significantly reduces the chance of asset recovery.
Targets and Tactics
North Korea's crypto theft operations are far from random. They are meticulously planned and executed. The focus is on high-value digital assets and platforms.
High-profile hacks are the hallmark of North Korean operations. Take last year, for example. The notorious hacker collective Lazarus Group targeted the Ronin Network). This is a sidechain created for the popular play-to-earn game Axie Infinity.
The impact? Significant. It accounted for $600 million of the total funds stolen.
But it's not just about stealing. Laundering the assets to make them usable is the next step.
Enter Tornado Cash. North Korea has turned to decentralized mixing services like this for laundering. Tornado Cash was sanctioned in August 2022 and again in November. Why? Primarily for facilitating money laundering related to cryptocurrency hacks by North Korean cybercriminals.
What makes Tornado Cash particularly concerning? Its decentralized nature.
Unlike centralized services, no single entity can easily "pull the plug" on Tornado Cash. This raises questions. Questions about the feasibility of sanctioning such services and who, if anyone, can be held responsible for the criminal activities they facilitate.
The Impact on Sanctions and International Relations
The theft of cryptocurrency by North Korea isn't just a financial issue. It has far-reaching implications for international relations and sanctions.
The U.N. report urges member countries to adopt guidelines from the Financial Action Task Force (FATF). The aim is to prevent virtual assets from being used to acquire weapons of mass destruction.
North Korea's crypto activities are a slap in the face to existing sanctions. They undermine international efforts to curb the country's nuclear ambitions.
The stolen funds provide a financial lifeline that can be used for various illicit activities, including the procurement of military equipment.
Moreover, the report touches on North Korea's suspected exports of military communications equipment to Russia. This adds another layer of complexity to the geopolitical landscape, especially considering Russia's ongoing invasion of Ukraine.
The Security Council and individual member countries have used such reports in the past as a basis for new sanctions. However, the effectiveness of these sanctions is increasingly being called into question. The crypto thefts indicate that North Korea is finding ways to circumvent these measures, raising concerns about the future efficacy of international sanctions.
The Blockchain Paradox
Interestingly, the same features that make blockchain a haven for illicit activities also make it a powerful tool for law enforcement.
Unlike traditional financial systems, blockchain doesn't allow for the hiding of illicit activities behind shell companies or uncooperative banking jurisdictions.
Chainalysis and other blockchain analytics firms equip authorities with tools to interpret transaction data. This enables them to trace the flow of stolen funds back to their source. In essence, the blockchain can serve as a double-edged sword.
The Harmony Protocol incident, among others, has led to an increased focus on blockchain analytics.
These tools can potentially dismantle cybercrime operations from their core, even if those operations are state-sponsored by nations like North Korea.