A 2024 cyber attack involving Polyfill.io was long assumed to be the work of Chinese hackers, but new evidence indicates it was more likely North Korea’s state-sponsored hacking teams making use of a Chinese front company.
The majority of the $2 billion stolen by the North Korean hackers this year came from crypto exchange Bybit, which was hit for $1.46 billion in February. About 30 more recorded incidents this year make up the difference of a little over half a billion dollars, though the Elliptic researchers warn there are likely more unreported and unattributed instances of stolen crypto out there.
North Korea’s Lazarus hackers appear to have pulled off another record-setting crypto theft as security researchers are attributing the $1.5 billion Bybit hack to them.
North Korean hackers have set another record for themselves in 2024, topping all previous campaigns with $1.34 billion of stolen crypto.
US federal grand jury has indicted Rim Jong Hyok of North Korea in connection with a 2022 campaign that saw the North Korean Hacker first conduct ransomware attacks against hospitals for profit, then turn those funds to conduct data theft attacks against the US Air Force, NASA and assorted defense contractors.
A report issued by South Korea’s National Police Agency indicates that the “big three” of North Korean hackers have all been involved in a project to hack national defense companies since at least late 2022.
Report from Chainalysis finds that ties between North Korea’s state-backed APT groups and Russian cyber criminal cartels are deepening. In the past two years North Korean hackers are finding refuge at illicit Russian crypto exchanges to move their funds back home.