Chainalysis proposes new strategies to combat threats from North Korean hackers

The cryptocurrency sector must reevaluate its security strategies to combat the unprecedented thefts orchestrated by hackers from North Korea. This was stated by Andrew Firman, head of the national security department at Chainalysis, in a comment to The Block, highlighting that international sanctions alone are insufficient.

Firman urged companies to implement rigorous personnel screening measures, including mandatory video interviews, thorough identity verification, and geolocation monitoring. This approach aims to identify North Korean IT specialists who infiltrate blockchain projects and defense firms with fake credentials to gain access to internal infrastructures.

He emphasized that completely eliminating the threat is unfeasible. However, coordinated efforts among exchanges, analytics firms, and law enforcement will significantly complicate hackers’ operations. Swift sharing of intelligence will hinder attackers’ ability to rapidly liquidate assets.

The focus on preventive measures is driven by a notable surge in activity from the Lazarus group and other hackers linked to Pyongyang. In the first half of 2025, they stole over $2.17 billion in cryptocurrency, surpassing the total for the entirety of 2024, according to Chainalysis.

The largest incident was the hack of the Bybit exchange, where attackers withdrew $1.5 billion worth of Ethereum. This was followed by an attack on the South Korean platform Upbit, causing a loss of $37 million.

The hackers’ methodologies have grown more aggressive, now targeting supply chains by compromising third-party service providers. To enhance the effectiveness of their attacks and create convincing “digital identities,” criminals have begun utilizing artificial intelligence.

Money laundering schemes have also become more intricate, with funds flowing through mixers, OTC brokers, and decentralized exchanges. Hackers employ multiple channels simultaneously, crafting convoluted transaction paths to conceal their traces.

It is worth noting that in September, former Binance head Changpeng Zhao warned about the threat posed by “strawman employees” from North Korea.