Retail crypto traders who have had their accounts hacked, or fell victim to last year’s Coinbase (NASDAQ:COIN) scam which saw one poor soul lose over $2 million, know how stressful it is to wake up to an empty wallet. Worse yet, there is almost no recourse for recovery. Who’s stealing all those Bitcoins? Where are all these hackers coming from?
North Korea. That’s where. Around 60% of total value stolen in crypto last year could be traced to cybercriminals in North Korea, according to Web3 security services firm CertiK. So far this year, North Korea-linked activity accounted for 55% of global crypto losses. It looks like they are maintaining the trend. CeriK estimated that 185 incidents resulted in at least $1.1 billion in total losses to cryptocurrency holders since January. Of that amount, around $621 million was attributed to sources in North Korea. Most of that came from the $291 million KelpDAO exploit.
CertiK, founded in 2017 by professors from Yale and Columbia universities, released their 23-page report on Wednesday.
Social relationship building is the dominant attack vector. Coinbase users who fell victim to scammers last spring likely moved money from their account to their wallets after being advised to do so by perfect-English speaking conmen claiming to be Coinbase staffers. After the money was in the wallet, the wallet was emptied.
CertiK specifically gave examples of fake LinkedIn job offers. “Most of the major North Korean heists begin with human manipulation,” CertiK said in the report, adding, “fake venture capital impersonators, fraudulent job interviews, and malicious code repositories account for the majority of initial access across all …
