A confidential United Nations report has revealed North Korean hackers stole more crypto assets in 2022 than in any other year so far.
The UN report, seen by Reuters, was reportedly submitted to a 15-member North Korea sanctions committee last week.
It found North Korean-linked hackers were responsible for between $630 million and more than $1 billion in stolen crypto assets last year and targeted networks of foreign aerospace and defense companies.
The UN report also noted that cyber attacks were more sophisticated than in previous years, making tracing stolen funds more difficult than ever.
“[North Korea] used increasingly sophisticated cyber techniques both to gain access to digital networks involved in cyber finance, and to steal information of potential value, including to its weapons programmes,” according to independent sanctions monitors in its report to the UN Security Council Committee.
Last week, a Feb. 1 report from blockchain analytics firm Chainalysis came to a similar conclusion, linking North Korean hackers to at least $1.7 billion worth of stolen crypto in 2022, the highest in history.
The firm named the cybercriminal syndicates as the most “prolific cryptocurrency hackers over the last few years.”
“For context, North Korea’s total exports in 2020 totalled $142 million worth of goods, so it isn’t a stretch to say that cryptocurrency hacking is a sizable chunk of the nation’s economy,” Chainalysis said.
According to Chainalysis, at least $1.1 billion of the stolen loot was taken from hacks of DeFi protocols, making North Korea one of the driving forces behind the DeFi hacking trend that intensified in 2022.
The firm also found that North Korea-linked hackers tend to send large sums to mixers such as Tornado Cash and Sinbad.
“In fact, funds from hacks carried out by North Korea-linked hackers move to mixers at a much higher rate than funds stolen by other individuals or groups,” Chainalysis said.
Related: North Korean hacking activity ceases after regulators implement KYC: Report
North Korea has frequently denied allegations of being responsible for cyber attacks, but the new UN report alleged North Korea’s primary intelligence bureau, the Reconnaissance General Bureau uses several groups such as Kimsuky, Lazarus Group and Andariel specifically for cyber attacks.
“These actors continued illicitly to target victims to generate revenue and solicit information of value to the DPRK, including its weapons programmes,” the UN report said.
Submitted before the 15-member council’s North Korea sanctions committee last week, the full report is reportedly due for public release later this month or early March.