Jan 15, 2025Ravie LakshmananBlockchain / Cryptocurrency

Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam.

The new evidence suggests that Pyongyang-based threat groups may have pulled off illicit money-making scams that predate the use of IT workers, SecureWorks Counter Threat Unit (CTU) said in a report shared with The Hacker News.

The IT worker fraud scheme, which has been reported by the US Department of Justice, said.

Some of the companies targeted in 2024 alone included DMM Bitcoin, Upbit, Rain Management, WazirX, and Radiant Capital, leading to the theft of more than $659 million in cryptocurrency. The announcement marks the first official confirmation that North Korea was behind the hack of WazirX, India’s largest cryptocurrency exchange.

“This is a critical moment. We urge swift international action and support to recover the stolen assets,” WazirX founder Nischal Shetty posted on X. “Rest assured, we will leave no stone unturned in our pursuit of justice.”

Last month, blockchain intelligence firm Chainalysis also revealed that threat actors affiliated with North Korea have stolen $1.34 billion across 47 cryptocurrency hacks in 2024, up from $660.50 million across 20 incidents in 2023.