North Korean Hackers Lazarus Group Stolen $3B in Cryptocurrency

The hacker group stole the funds over the last six years, which was likely used to fund the country's projects, a report said.

AccessTimeIconDec 1, 2023 at 4:15 p.m. UTC
Updated Jan 26, 2024 at 3:24 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

(Soohwan Oh, CoinDesk Korea) - North Korea-linked hacker organization Lazarus Group has stolen $3 billion in cryptocurrency over the past six years, according to a report by cybersecurity firm Recorded Future.

The report released on Thursday reveals that in 2022 alone, the group plundered $1.7 billion in cryptocurrency, likely to fund North Korean projects.

Blockchain data analysis firm Chainalysis indicates that out of this total, $1.1 billion was stolen from decentralized finance (DeFi) platforms. A September report published by the U.S. Department of Homeland Security (DHS) as part of its Analytic Exchange Program (AEP) also highlighted Lazarus's exploitation of DeFi protocols.

The U.S. Treasury Department introduced new sanctions against North Korea's cyber activities, adding 'Sinbad' to the Office of Foreign Assets Control's specially designated sanctions list. Sinbad has been implicated in laundering the cryptocurrencies stolen by the Lazarus Group.

The group is known to have used Sinbad's mixer services to hide the origins of the stolen funds. Such mixers obscure individual transaction trails by blending multiple users' transactions.

Lazarus Group's specialty is fund theft. In 2016, they hacked the Bangladesh Central Bank, stealing $81 million. In 2018, they hacked the Japanese cryptocurrency exchange Coincheck, diverting $530 million, and attacked the Central Bank of Malaysia, stealing $390 million.

The story first appeared in CoinDesk Korea.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.