Threat actors managed to steal a staggering $2.2 billion from cryptocurrency platforms in 2024, with the majority of the illicit funds (61%) being attributed to North Korean hackers, as per findings from blockchain analytics company Chainalysis. This marks the fifth year in the past decade where hackers have successfully pilfered over $1 billion from crypto firms.
The total amount stolen in 2024 represents a substantial 21% increase compared to the previous year, with the number of individual incidents also on the rise, jumping from 282 in 2023 to 303 in 2024. However, the intensity of these attacks seemed to taper off in the latter half of the year, potentially due to geopolitical factors. Between January and July 2024, a total of $1.58 billion was siphoned, marking an 84% increase compared to the same period in 2023. Had this trend continued into the second half of the year, losses could have exceeded $3 billion.
Chainalysis speculated that the decline in attacks could be linked to a meeting between Vladimir Putin and Kim Jong-un in June, where a deal was potentially struck to release frozen North Korean assets and possibly advanced missile and submarine technology. Following the summit, the value of funds stolen by North Korean hackers dropped by 54%. Nonetheless, attacks originating from North Korea are becoming more frequent.
The report highlighted that attacks ranging from $50 million to over $100 million occurred more frequently in 2024 compared to the previous year, indicating an improvement in the DPRK’s ability to conduct large-scale exploits. Conversely, there was also a rise in hacks yielding lower amounts, around $10,000 in value.
Chainalysis cautioned that North Korean IT workers are increasingly infiltrating crypto and Web3 companies, utilizing sophisticated tactics to compromise networks and operations. To combat these threats, the company recommended companies to enhance employee vetting procedures, improve private key security, and implement data-sharing initiatives, advanced tracing tools, and targeted training to bolster resilience against cyber threats.
As regulatory frameworks in the crypto space continue to evolve, the scrutiny on platform security and customer asset protection will likely intensify. It is crucial for industry players to stay abreast of these changes, adhere to best practices, and forge stronger partnerships with law enforcement agencies to fortify defenses against theft. By equipping teams with the necessary resources and expertise to respond swiftly, the crypto industry can better safeguard its assets and mitigate the risk of cyberattacks.