Chainalysis: $2.2 billion stolen from crypto platforms in 2024 cyberattacks

More than $2 billion worth of cryptocurrency has been stolen from crypto platforms in 2024 according to blockchain research firm Chainalysis. 

The company found that for the fifth year in a row, thefts from such entities have surpassed $1 billion, growing more than 21% in 2024 to $2.2 billion. The number of incidents 282 in 2023 to 303 in 2024, Chainalysis observed. 

The researchers noted that crypto platforms reached $1.5 billion in losses between January and July alone — setting the industry on pace for $3 billion worth of thefts for the year. But the number of attacks and the size of incidents cooled significantly midway through the year following headline-grabbing losses of $305 million from Japanese platform DMM Bitcoin in May and nearly $235 million from Indian company WazirX in July. 

Both of the attacks had real world implications. DMM Bitcoin announced two weeks ago that the hack forced its owners to shut down the site and sell off all crypto assets to Japanese financial services giant SBI Group. Chainalysis tracked the stolen DMM funds as they were laundered through several different platforms and eventually cashed out on notorious Cambodian financial platform Huione Guarantee — a hub for Chinese organized crime and cyber scams.

In November, Indian authorities arrested a man from West Bengal who they accuse of being behind the pilfering of $235 million of WazirX. 

North Korea nexus

Chainalysis said hacking groups connected to North Korea’s government continued to lead the way in the majority of thefts from crypto platforms, stealing $1.34 billion across 47 incidents in 2024. Those figures are significant increases after 2023 saw $660.50 million stolen in 20 attacks.

North Korean hackers have now become “notorious,” according to Chainalysis, for their crypto heists — which the country uses to circumvent international sanctions and fund its ballistic missiles programs. 

“Unfortunately, it appears that the DPRK’s crypto attacks are becoming more frequent,” the researchers said.

“Notably, attacks between $50 and $100 million, and those above $100 million occurred far more frequently in 2024 than they did in 2023, suggesting that the DPRK is getting better and faster at massive exploits. This is in stark contrast to the previous two years, during which its exploits more often each yielded profits below $50 million.”

While several of the biggest hacks ever based on the amount stolen have been attributed to North Korean actors, the country also continues to evolve into stealing small amounts from more miniscule platforms. Chainalysis said it has seen a growing density of North Korean attacks “most notably around $10,000 in value.”

Chainalysis noted that there was a steep decline in attacks by North Korean groups after July and attributed it to a June summit held between Russian President Vladimir Putin and North Korean leader Kim Jong Un. 

Since the summit, Russia has lavished North Korea with money and weapons while Pyongyang in turn has allegedly sent its own soldiers to fight in the invasion of Ukraine. 

The researchers said the amounts stolen by the DPRK dropped by approximately 53.73% after the summit, whereas non-DPRK amounts stolen rose by approximately 5%.

The skill of North Korea’s crypto hackers continues to confound security experts. Last week, crypto platform Radiant Capital published a postmortem on a September incident where more than $50 million was stolen. 

The hackers, allegedly connected to North Korea’s Reconnaissance General Bureau (RGB), used innovative tactics to corrupt devices used by Radiant Capital engineers. 

North Korea’s government netted $3 billion from cryptocurrency platform attacks between 2017 and 2023, according to United Nations investigators.