Connect with us


Crypto Crash Threatens North Korea’s Stolen Funds as It Ramps Up Weapons Tests




By Reuters | Updated: 29 June 2022

The nosedive in cryptocurrency markets has wiped out millions of dollars in funds stolen by North Korean hackers, four digital investigators say, threatening a key source of funding for the sanctions-stricken country and its weapons programmes.

North Korea has poured resources into stealing cryptocurrencies in recent years, making it a potent hacking threat and leading to one of the largest cryptocurrency heists on record in March, in which almost $615 million (roughly Rs. 4900 crore) was stolen, according to the US Treasury.

The sudden plunge in crypto values, which started in May amid a broader economic slowdown, complicates Pyongyang’s ability to cash in on that and other heists, and may affect how it plans to fund its weapons programmes, two South Korean government sources said. The sources declined to be named because of the sensitivity of the matter.

It comes as North Korea tests a record number of missiles — which the Korea Institute for Defense Analyses in Seoul estimates have cost as much as $620 million (roughly Rs. 4900 crore) so far this year — and prepares to resume nuclear testing amid an economic crisis.

Old, unlaundered North Korean crypto holdings monitored by the New York-based blockchain analytics firm Chainalysis, which include funds stolen in 49 hacks from 2017 to 2021, have decreased in value from $170 million (roughly Rs. 1300 crore) to $65 million (roughly Rs. 500 crore) since the beginning of the year, the company told Reuters.

One of North Korea’s cryptocurrency caches from a 2021 heist, which had been worth tens of millions of dollars, has lost 80 percent to 85 percent of its value in the last few weeks and is now worth less than $10 million (roughly Rs. 10 crore), said Nick Carlsen, an analyst with TRM Labs, another US-based blockchain analysis firm.

A person who answered the phone at the North Korean embassy in London said he could not comment on the crash because allegations of cryptocurrency hacking are “totally fake news.”

“We didn’t do anything,” said the person, who would only identify himself as an embassy diplomat. North Korea’s foreign ministry has called such allegations US propaganda.

The $615 million March attack on blockchain project Ronin, which powers the popular online game Axie Infinity, was the work of a North Korean hacking operation dubbed the Lazarus Group, US authorities say.

Carlsen told Reuters that the interconnected price movements of different assets involved in the hack made it difficult to estimate how much North Korea managed to keep from that heist.

If the same attack happened today, the Ether currency stolen would be worth a bit more than $230 million (roughly Rs. 1900 crore), but North Korea swapped nearly all of that for Bitcoin, which has had separate price movements, he said.

“Needless to say, the North Koreans have lost a lot of value, on paper,” Carlsen said. “But even at depressed prices, this is still a huge haul.”

The United States says Lazarus is controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence bureau. It has been accused of involvement in the “WannaCry” ransomware attacks, hacking of international banks and customer accounts, and the 2014 cyber-attacks on Sony Pictures Entertainment.

Analysts are reluctant to provide details about what types of cryptocurrency North Korea holds, which might give away investigation methods. Chainalysis said that Ether, a common cryptocurrency linked to the open-source blockchain platform Ethereum, was 58 percent or about $230 million, of the $400 million (roughly Rs. 3100 crore) stolen in 2021.

Chainalysis and TRM Labs use publicly available blockchain data to trace transactions and identify potential crimes. Such work has been cited by sanctions monitors, and according to public contracting records, both firms work with US government agencies, including the IRS, FBI and DEA.

North Korea is under widespread international sanctions over its nuclear programme, giving it limited access to global trade or other sources of income and making crypto heists attractive, the investigators say.

‘Fundamental’ to nuclear programme

Although cryptocurrencies are estimated to be only a small portion of North Korea’s finances, Eric Penton-Voak, a coordinator of the United Nations panel of experts that monitors sanctions, said at an event in April in Washington, D.C., that cyberattacks have become “absolutely fundamental” to Pyongyang’s ability to evade sanctions and raise money for its nuclear and missile programmes.

In 2019, sanctions monitors reported that North Korea had generated an estimated $2 billion (roughly Rs. 16,000 crore) for its weapons of mass destruction programmes using cyberattacks.

One estimate from the Geneva-based International Campaign to Abolish Nuclear Weapons says North Korea spends about $640 million (roughly Rs. 5,000 crore) per year on its nuclear arsenal. The country’s gross domestic product was estimated in 2020 to be around $27.4 billion (roughly 2 lakh crore), according to South Korea’s central bank.

Official sources of revenue for Pyongyang are more limited than ever under self-imposed border lockdowns to combat COVID-19. China – its biggest commercial partner – said in 2021 that it had imported just over $58 million (roughly 500 crore) in goods from North Korea, amid some of the lowest level of official bilateral trade in decades. Official numbers do not include smuggling.

North Korea already only gets a fraction of what it steals because it must use brokers willing to convert or buy cryptocurrencies with no questions asked, said Aaron Arnold of the RUSI think-tank in London. A February report by the Center for a New American Security (CNAS) estimated that in some transactions, North Korea only gets one-third of the value of the currency it has stolen.

After obtaining cryptocurrency in a heist, North Korea sometimes converts it to Bitcoin, then finds brokers who will buy it at a discount in exchange for cash, which is often held outside the country.

“Much like selling a stolen Van Gogh, you’re not going to get fair market value,” Arnold said.

Converting to cash

The CNAS report found that North Korean hackers exhibit only “moderate” concern over hiding their role, compared to many other attackers. That allows investigators to sometimes follow digital trails and attribute attacks to North Korea, though rarely in time to recover the stolen funds.

According to Chainalysis, North Korea has turned to sophisticated ways of laundering stolen cryptocurrency, increasing its use of software tools that pool and scramble cryptocurrencies from thousands of electronic addresses – a designator for a digital storage location.

The contents of a given address are often publicly viewable, allowing firms such as Chainalysis or TRM to monitor any that investigations have linked to North Korea.

Attackers have tricked people into giving access or hacked around security to siphon digital funds out of internet-connected wallets into North Korea-controlled addresses, Chainalysis said in a report this year.

The sheer size of recent hacks has strained North Korea’s capacity to convert cryptocurrency to cash as quickly as in the past, Carlsen said. That means some funds have been stuck even as their value drops.

Bitcoin has lost about 54 percent of its value this year and smaller coins have also been hit hard, mirroring a slide in equities prices linked to investor concerns about rising interest rates and the growing likelihood of a global recession.

“Converting to cash remains a key requirement for North Korea if they want to use the stolen funds,” said Carlsen, who investigated North Korea as an analyst at the FBI. “Most of the commodities or products the North Koreans want to buy are only traded in USD or other fiat, not cryptocurrencies.”

Pyongyang has other, larger sources of funding that it can rely on, Arnold said. U.N. sanctions monitors have said as recently as December 2021 that North Korea continues to smuggle coal — usually to China and other major exports banned under Security Council resolutions.

Volatile Currencies

North Korean hackers sometimes appear to wait out rapid dips in the value or exchange rates before converting to cash, said Jason Bartlett, the author of the CNAS report.

“This sometimes backfires as there is little certainty in predicting when the value of a coin will rapidly increase and there are several cases of highly depreciated crypto funds just sitting in North Korea-linked wallets,” he said.

Sectrio, the cybersecurity division of Indian software firm Subex, said there are signs North Korea has begun ramping up attacks on conventional banks again rather than cryptocurrencies in recent months.

The firm’s banking sector-focused “honeypots” – decoy computer systems intended to attract cyberattacks – have seen an increase in “anomalous activities” since the crypto crash, as well as an increase in “phishing” emails, which try to fool recipients into giving away security information, Sectrio said in a report last week.

But Chainalysis said it had yet to see a major change in North Korea’s crypto behaviour, and few analysts expect North Korea to give up on digital currency heists.

“Pyongyang has added cryptocurrency into its sanctions evasion and money laundering calculus and this will likely remain a permanent target,” Bartlett said.

© Thomson Reuters 2022


Bitcoin falls below $19,000 as cryptos creak under rate hike risk




By: Reuters, Updated September 19, 2022

SINGAPORE, Sept 19 (Reuters) – Cryptocurrencies fell to fresh lows on Monday on regulatory concerns and as investors globally turned shy on risky assets with interest rate rises looming around the world.

Bitcoin , the biggest cryptocurrency by market value, fell about 5% to a three-month low of $18,387.

Ether , the second largest cryptocurrency, dropped 3% to a two-month low of $1,285 and is down more than 10% in the last 24 hours. Most other smaller tokens were deeper in the red.

The Ethereum blockchain, which underpins the ether token, had a major upgrade over the weekend called the Merge that changes the way transactions are processed and cuts energy use.

The token’s value has fallen amid some speculation that remarks last week from U.S. Securities and Exchange Commission Chairman Gary Gensler implied the new structure could attract extra regulation. Trades around the upgrade also were unwound.

“It’s speculation as to what might or might not happen,” said Matthew Dibb, COO of Singapore crypto platform Stack Funds, on the regulatory outlook.

“A lot of the hype has come out of the markets since the Merge,” he said. “It’s really been a sell-the-news type of event,” he added, given the nervous global backdrop, and said ether could test $950 in coming months.

“Looking at the landscape right now, both fundamentally and technically, it’s not looking great. There’s no immediate bullish catalyst that we can see that’s going to prop up these markets and bring in a whole lot of new money and liquidity.”

Continue Reading


Bitcoin once again slips below $20,000




By: Reuters, September 18, 2022

Sept 18 (Reuters) – Bitcoin on Sunday dropped 1.54% to $19,804, slipping from the 20,000 mark after losing $310 from its previous close.

The world’s biggest and best-known cryptocurrency is down 58.9% from the year’s high of $48,234 on March 28.

Ether , the coin linked to the ethereum blockchain network, dropped 3.2 % to $1,422.1 on Sunday, losing $47 from its previous close.

Continue Reading


U.S. seizes $30 mln in crypto from North Korea-linked hackers




By: Reuters, September 9, 2022

Sept 8 (Reuters) – The United States has seized over $30 million in cryptocurrency stolen by North Korean-linked hackers Lazarus from the popular online game Axie Infinity, crypto intelligence firm Chainalysis said on Thursday.

The company said in a blog post it played a role in the recovery with U.S. law enforcement and other crypto organizations, without naming them, in the first ever recovery of stolen cryptocurrency by a North Korea hacking group.

Chainalysis and North Korea’s mission to the United Nations did not immediately respond to requests for comment. The FBI did not immediately respond to a request for comment.

The seizures represent about 10% of the total funds stolen in March from Ronin Network, a sidechain built for the play-to-earn game Axie Infinity, Chainalysis said.

Ronin said in March hackers stole about $615 million in cryptocurrency.

“We estimate that so far in 2022, North Korea-linked groups have stolen approximately $1 billion of cryptocurrency from DeFi protocols,” Chainalysis said. He was referring to decentralized finance protocols, an umbrella term for financial services offered on public blockchains.

The U.S Department of Treasury in May sanctioned virtual currency mixer Blender, saying it was used in the laundering process for the Axie Infinity heist.

The Treasury Department in April also linked Lazarus to the attack.

Continue Reading


Crypto gaming firm Animoca Brands raises $110 million




By: Reuters, September 8, 2022

LONDON, Sept 8 (Reuters) – Hong Kong-based blockchain gaming developer Animoca Brands has raised $110 million from investors, the company said in a statement on Thursday.

The company said the fund raising values the company “similar to its previous funding round” but did not specify its new valuation.

In July, Animoca said it had a valuation of around $5.5 billion. read more

(This story corrects paragraph 1 to read Hong Kong-based not Singapore)

Continue Reading


Binance to convert users’ USDC into its own stablecoin




By: Reuters, September 6, 2022

Sept 5 (Reuters) – Binance, the world’s largest crypto exchange, said on Monday it is introducing “BUSD Auto-Conversion,” which will be used to convert any existing user balances and new deposits of USD Coin (USDC), Pax Dollar (USDP) and True USD (TUSD) into its own stablecoin.

The move is intended to enhance liquidity and capital efficiency for users, the company said in a statement.

Binance said it will remove and cease any trading on spot pairs that include USDC, USDP and TUSD; it will start the conversion on Sept. 29.

USDC, which is principally operated by Circle Internet Financial and is the second largest stablecoin, has a nearly $51.9 billion market capitalization. Binance’s stablecoin, BUSD, is valued at about $19.4 billion, according to crypto data provider CoinGecko.

USDC products affected include saving accounts, DeFi staking subscriptions and crypto loans, which will be closed and liquidated on Sept. 23.

Continue Reading


Crypto Exchange FTX Ordered to Halt ‘False and Misleading’ Claims by US Bank Regulator




By Reuters | Updated: 20 August 2022

A US bank regulator ordered crypto exchange FTX on Friday to halt what it called “false and misleading” claims the exchange had made about whether funds at the company are insured by the government. The Federal Deposit Insurance Corporation said a July tweet by Brett Harrison, head of FTX’s US operations, contained misleading claims that funds held at and stocks purchased through FTX were FDIC insured, and ordered the company to remove any misleading language from its social media accounts and websites.

In the tweet, which Harrison has since deleted, he stated that direct deposits from employers to the crypto exchange are “stored in individually FDIC-insured bank accounts” and that stocks purchased via FTX US “are held in FDIC-insured” brokerage accounts. The FDIC said in its cease and desist letter to FTX US that those statements implied that FDIC insurance was available for cryptocurrency and stock holdings, and that the agency does not insure brokerage accounts.

The order, one of five sent to crypto firms by the FDIC on Friday, comes as regulators have ramped up efforts to police crypto firms that may be misleading investors on whether their funds enjoy a government backstop. The issue has come to a head of late, as turmoil in the crypto market has led to stress and the collapse of some high profile firms.

The bank regulator issued a similar cease and desist letter to bankrupt crypto firm Voyager Digital, arguing that the company had misled customers by claiming their funds with Voyager would be covered by the FDIC. Later, the FDIC issued an advisory urging banks dealing with crypto companies to ensure that customers are aware of what types of assets are government-insured, particularly in cases where firms offer a mix of uninsured crypto products alongside insured bank deposit products.

© Thomson Reuters 2022

In a tweet on Friday, FTX CEO Sam Bankman-Fried emphasised FTX is not FDIC-insured, and apologised if anyone misinterpreted previous comments.

Continue Reading