Cryptocurrency Editor's Picks

North Korean Hackers Use MetaMask to Launder Cryptocurrencies

North Korean Hackers Use MetaMask to Launder Cryptocurrencies

TL;DR

  • North Korean hackers used MetaMask to move $200,000 in cryptocurrency, concealing the origin of the funds. 
  • Transactions linked to the Hyperliquid bridge were identified, raising concerns about potential vulnerabilities in DeFi protocols. 
  • North Korea reportedly earned up to $1.3 billion in illicit crypto gains in 2024.

MetaMask and Cryptocurrency Laundering

Addresses associated with North Korean hackers have been identified moving $200,000 in cryptocurrency through MetaMask, likely as a test for larger future operations. Although transaction fees amounted to $1,985, experts believe these movements aim to obscure the origin of the funds and prevent asset freezing. 

These addresses, already tied to illicit activities, exhibit a recurring pattern: avoiding stablecoins like USDC due to their freezeable nature. Instead, they quickly convert these assets into Ethereum or less traceable tokens. Furthermore, part of the transactions were linked to the Hyperliquid bridge, a growingly popular protocol currently holding over $2 billion in locked value. While no direct attack has been reported, interactions with this protocol spark concerns about potential future vulnerabilities, particularly as DeFi protocols continue to expand and attract more attention. 

Tweet by tayvano


Concerns Over DeFi Protocols and Expanding Hacking Tactics

The activity of these hackers isn’t limited to MetaMask. According to a recent analysis, the addresses have also interacted with other DeFi protocols, NFT platforms, and meme tokens, always aiming to disguise financial movements. Transactions are typically in small amounts, often under $500, to reduce the chances of detection and avoid triggering red flags in blockchain surveillance systems. 

Additionally, the rising adoption of the Hyperliquid bridge could make it an attractive target for future attacks. This protocol, used to connect blockchains and facilitate decentralized trading, is viewed as a potential weak point due to its limited number of validators, which could be exploited by sophisticated attackers. 

Picture of HAcker

In 2024, North Korea reportedly amassed up to $1.3 billion in illicit profits, cementing itself as one of the largest threats in the crypto ecosystem. Although hacking activity has decreased in recent months, the use of advanced tools like MetaMask and emerging protocols demonstrates the constant evolution of their tactics, posing an ongoing challenge for the global cryptocurrency community.

Related posts

Phlomis Finance Enters Real-World Asset Tokenization Through Chromia

guido

Polymarket Reaches $1 Billion in Volume Driven by U.S. Election Bet

fernando

Ethereum and altcoins could face correction according to Benjamin Cowen’s analysis

fernando