Share this article
North Korean Hackers Stole $400M in 2021, Mostly in Ether
For the first time, DeFi mixers were the biggest money-laundering tool for North Korean hackers.
Updated May 11, 2023, 3:41 p.m. Published Jan 14, 2022, 11:59 a.m.
North Korean hackers stole almost $400 million worth of digital assets from crypto platforms last year, mostly in the form of ether, according to a Chainalysis report published on Thursday.
- For the first time, ether accounted for most – 58% – of the stolen funds, according to the report. It was followed by altcoins and ERC-20 tokens, with bitcoin at just 20% of the total, Chainalysis said.
- The increased variety of tokens has led the hackers to step up their efforts to launder their spoils, the report said. The typical process now involves several steps of swapping one cryptocurrency for another on decentralized exchanges and using decentralized finance (DeFi) mixers, which are privacy tools for obscuring the history of the transactions, to conceal their tracks, according to Chainalysis.
- Mixers were the most used tool among North Korean hackers for the first time, accounting for over 65% of stolen funds, up from 42% in 2020 and 21% the year before, Chainalysis said. In 2017 and 2019, crypto exchanges were the most popular way of laundering money.
- About $170 million of stolen funds from 49 exploits dating back to 2017 have yet to be laundered, the report said.
- The number of North Korea-attributed attacks grew from four to seven, and the funds stolen grew by 40%, the highest since 2018, according to the report. The victims were mostly investment firms and centralized exchanges.
- Chainalysis said that many of last year's attacks were likely carried out by a group labeled as advanced persistent threat 38 (APT38), also known as Lazarus Group. The group is believed to be led by Pyongyang’s primary intelligence agency, the Reconnaissance General Bureau.
STORY CONTINUES BELOW
Read more: DOJ Charges 3 North Korean Hackers With Stealing $100M+ From Crypto Firms
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
NFT Project Pudgy Penguins Takes Over Las Vegas Sphere in Holiday Campaign
The NFT brand’s animated segments will air on the Sphere across Christmas week, signaling the crypto company's move into real-world consumer markets.
What to know:
- Pudgy Penguins will run an ad campaign at the Las Vegas Sphere during Christmas week, one of the few crypto brands to secure a spot at the high-profile venue.
- The NFT project, which launched on Ethereum in 2021, has expanded into physical toys and digital gaming as part of a broader consumer push.
- Pudgy Penguins briefly overtook Bored Apes in floor price earlier this year and recently launched its PENGU token on Solana, now trading on major exchanges.
Top Stories
