I came across a very good article by Chainalysis. Here is a short summary and what you can do to avoid becoming a target.
North Korea siphoned off $400 million in 2021 by attacking investment firms and centralized exchanges. Think digital wallet or your investment portfolio. Around $50 million was spent on their missile program.
How does it work?
According to Chainalysis, they use phishing lures, code exploits, malware, and advanced social engineering. It is the standard list of tools, except that it has nation-state support.
They then carefully orchestrate the mixing of funds through mixers to obfuscate the currencies and the wallets. The newer exchanges give them more freedom to move funds to more liquid exchanges that enable conversion to cash.
Many of these exchanges or decentralized exchanges don't vet their customers.
Who are "They"?
They are highly sophisticated groups that report to the Reconnaissance General Bureau, North Korea's main intelligence group. One of them, APT38, more commonly known as the Lazarus Group, is already famous, having hacked Sony Pictures.
North Korea's hacker groups are an existential threat to the cryptocurrency ecosystem.
How to protect oneself
Check the reputation of the digital exchange that you use for storing your wallet. Look for alternatives. I will be coming up with a blog on how to assess their reputation.
Avoid exchanges that do not vet their customers. You may be helping the hackers, or worse, become a target.
Request cybersecurity bona fides of the exchanges.
Coming soon: Reputation of digital exchanges.