“North Korean Hackers Steal $659 Million in Crypto in 2024, Report US, Japan, South Korea”

In 2024, cyber actors from North Korea’s Democratic People’s Republic of Korea (DPRK) managed to steal a staggering $659 million in cryptocurrency, according to a joint statement from the United States, Japan, and South Korea. The report revealed five major heists, with the most significant being a $235 million theft from Indian crypto exchange WazirX, attributed to the notorious Lazarus Group, a hacking organization believed to be sponsored by North Korea. Lazarus has a history of high-profile cybercrimes, including the $625 million theft from Axie Infinity in 2022.

The largest theft of the year took place in Japan, where hackers targeted DMM Bitcoin, resulting in a $308 million loss and causing the exchange to shut down. The report emphasized that North Korea continues to aggressively target the cryptocurrency sector, using sophisticated tactics like social engineering to deploy malicious software such as TraderTraitor and AppleJeus.

Authorities from the US, South Korea, and Japan issued warnings about the growing threat, noting that these attacks often involve personalized phishing schemes. Hackers create elaborate fake scenarios—such as job offers or business opportunities—using information and images gathered from victims’ social media accounts to gain their trust.

A September 2024 FBI warning highlighted the risks of unknowingly hiring North Korean IT workers, urging businesses to be vigilant against cyber infiltration. Similarly, Japan and South Korea issued alerts about hackers increasingly exploiting trusted contacts and impersonating well-known figures in the cryptocurrency world. As these attacks evolve, authorities stress the need for heightened awareness and stronger security measures.