According to the latest report by Chainalysis, cybercrime actors stole $2.2 billion from various cryptocurrency platforms in 2024. Also, $1.3 billion of the unlawful funds were stolen to North Korean hackers, this represents 61 per cent which is more than half of the total illicit funds.
Chainalysis, a blockchain analytics platform that has been analyzing cryptocurrency flows for several years, explained that 2024 is the fifth year in the past decade that hackers have stolen over $1bn from crypto firms.
The 2024 statistics compared to that of 2023 – which recorded $1.8 billion represents a 21 per cent year-on-year (YoY) increase. Individual attacks also rose by 7 per cent to 303 in 2024 from 282 in 2023.
The summed value stolen during the first half of the year was $1.58 billion, which represents an 84 per cent increase on the same period in 2023. If matched in the second half of the year, the figure would have led to losses of more than $3 billion for the entire 2024. Meanwhile, the boils of cyberattacks on cryptocurrency which slowed down during the second half of the year was attributed to geopolitical reasons.
In addition, Chainalysis suggested that the slowdown in attacks during H2 2024 could be a result of Vladimir Putin’s meeting with Kim Jong-un in June. The report felt a deal was struck to release millions of dollars’ worth of North Korean assets previously frozen in compliance with UN Security Council sanctions, and potentially advanced missile and submarine technology.
Following the summit, the report noted that the value of funds stolen by North Korean hackers dropped by 54 per cent.
Other experts claimed that the decline may be tied to shifting priorities as North Korea strengthens ties with Russia and possibly redirects resources to the Ukraine conflict. However, Chainalysis warned that December events or holiday attacks could change the overall picture.
North Korea’s dominance on crypto attacks
On the other end, the report shows that the overall cyberattacks on cryptocurrency platforms from North Koreans are becoming more frequent. Reports show that in 2023, they stole around $660.5 million through 20 incidents while this amount increased to $1.34 billion across 47 cases in 2024, marking a whopping 102.88 per cent surge in stolen value. This means that North Korea accounts for 61 per cent of the total stolen crypto for the year and 20 per cent of all incidents.
The figure revealed that North Korean hackers set a new record for cryptocurrency theft. Globally known for their advanced skills in malware deployment, social engineering, and crypto asset theft, these attackers often channel stolen funds into state-sponsored projects, including weapons of mass destruction and missile programs by avoiding global sanctions.
The report also explained that despite the YoY drop in the total number of incidents across all scales, the statistics of North Korea’s cryptocurrency attacks continue to grow. Mostly in 2024, there was a noticeable dominance in large-scale attacks involving $50 to $100 million and amounts exceeding $100 million.
It added that North Korea (DPRK) is becoming more efficient in orchestrating high-value breaches. This signals a notable change from the past two years when their attacks predominantly generated less than $50 million per incident.
“Notably, attacks between $50 and $100m, and those above $100m, occurred far more frequently in 2024 than they did in 2023, suggesting that the DPRK is getting better and faster at massive exploits. This is in stark contrast to the previous two years, during which its exploits more often yielded profits below $50m,” the report revealed.
Chainalysis reports added that North Korean industrial training workers have increasingly infiltrated crypto and Web3 companies, compromising their systems and integrity through several advanced tactics.
“Some of these events appear to be linked to North Korean IT workers, who have been increasingly infiltrating crypto and Web3 companies, and compromising their networks, operations, and integrity. These workers often use sophisticated tactics, techniques, and procedures (TTPs), such as false identities, third-party hiring intermediaries, and manipulating remote work opportunities to gain access,” the report added.
Earlier in the year, the US Department of Justice arrested 14 North Korean nationals who posed as remote IT employees for US companies. They were accused of stealing proprietary information and extorting employers, resulting in $88 million in illicit earnings.
The report likewise raised concern about the worrisome surge in global attacks on cryptocurrency.
The Nigerian Anti-crime Agency – Economic and Financial Crimes Commission (EFCC) – on Tuesday arrested 792 suspects for their alleged crimes of cryptocurrency investment fraud and online romance scams. The suspects comprise 148 Chinese, 40 Filipinos, two Kharzartans, one Pakistani, and one Indonesian while the rest are Nigerians. The raid was the largest in a day for the agency
Security measures
In order to curb the influx of attacks, the report urged cryptocurrency companies to examine prospective employees more rigorously, ensure periodic training of their teams, and improve private key hygiene to safeguard their assets.
“By fostering stronger partnerships with law enforcement and equipping teams with the resources and expertise to respond rapidly, the crypto industry can reinforce its defenses against theft,” the report reads.
In its words, it also recommended “data-sharing initiatives, advanced tracing tools, and targeted training”. This, it explained, will help crypto firms build a resilience spirit and better identify and alleviate threats.
“Additionally, as crypto regulatory frameworks continue to develop, the scrutiny on platform security and customer asset protection will likely intensify. Industry best practices must keep pace with these changes, ensuring both prevention and accountability,” it concluded.
Technext Newsletter
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!
