Hackers affiliated with the Democratic People’s Republic of Korea (DPRK) doubled their illicit gains from cryptocurrency theft in 2024 compared to the previous year, according to a December 19 report by blockchain analytics firm Chainalysis. The report highlights the escalating threat posed by DPRK-linked cybercriminals, who reportedly stole over $1.3 billion across 47 incidents, accounting for 61% of all reported crypto thefts in 2024.
The Chainalysis report underscores a worrying trend: North Korean hackers have become more proficient at executing large-scale attacks. The number of incidents yielding between $50 million and $100 million, as well as those exceeding $100 million, rose significantly compared to 2023. This marks a shift from the smaller-scale exploits of the previous two years, where most thefts resulted in profits below $50 million.
“[It] appears that the DPRK’s crypto attacks are becoming more frequent,” Chainalysis stated, adding that their methods have evolved, enabling them to exploit vulnerabilities more effectively.
High-Profile Crypto Breaches
North Korean hacking groups have been linked to some of the most devastating breaches in the crypto sector. These cyberattacks have targeted blockchain firms, exchanges, and decentralized finance (DeFi) platforms, resulting in massive financial losses. U.S. authorities have frequently imposed sanctions on entities linked to the DPRK’s money-laundering operations, emphasizing their role in funding the reclusive regime’s activities.
Despite the uptick in DPRK-related hacks, Chainalysis reported an overall decline in global hacking activity during the third and fourth quarters of 2024. This decline may be linked to geopolitical factors, including North Korea’s growing ties with Russia.
Chainalysis noted a marked decrease in stolen funds attributed to DPRK hackers after July 2024. The timing coincides with heightened diplomatic and military cooperation between North Korea and Russia, leading analysts to speculate that the country may be diversifying its financial strategies away from crypto theft. However, Chainalysis cautioned against drawing definitive conclusions, noting that further hacking incidents could alter the trend before the year’s end.
Globally, hackers stole approximately $2.2 billion in crypto assets in 2024, representing a 21% increase compared to 2023. However, this figure remains significantly lower than the $3.7 billion stolen during the record-setting year of 2022. DeFi platforms were the primary targets in the first quarter of 2024, while centralized services became the focus in subsequent quarters.
Notable incidents include a September breach of crypto exchange BingX, resulting in $44 million in stolen tokens, and a July hack on India-based exchange WazirX, where attackers compromised a Safe multisig wallet on Ethereum to siphon off $235 million — one of the year’s largest heists.
| Year | Total Value Stolen | Major Target Sectors | Largest Theft Incident |
|---|---|---|---|
| 2022 | $3.7 billion | DeFi platforms | Axie Infinity hack ($625M) |
| 2023 | $1.8 billion | Centralized and DeFi | Euler Finance hack ($197M) |
| 2024 | $2.2 billion | DeFi (Q1), Centralized (Q2–Q3) | WazirX hack ($235M) |
Author’s Opinion
The activities of DPRK hackers highlight the persistent challenges faced by the cryptocurrency industry in securing digital assets against sophisticated cybercriminals. While blockchain technology offers transparency, it also presents vulnerabilities that malicious actors exploit with increasing precision. Industry stakeholders must prioritize advanced security protocols, collaborative threat intelligence sharing, and robust regulatory frameworks to deter bad actors. Failure to address these threats comprehensively could undermine trust in the digital asset ecosystem, slowing its broader adoption and innovation.
