2022 Was a Good Year for Crypto Hackers

Published Feb 23, 2023, 10:00 AM

Want to hear a big number? How about $3.8 billion. That’s the amount of crypto that hackers managed to steal last year. That’s a new record. The company behind that report, Chainalysis, also found that one specific hacking group was responsible for a huge chunk of that stolen crypto. If you guessed that hacking group was Lazarus, connected to North Korea, you’d be correct. 

Lazarus allegedly stole $1.7bn in 2022, compared with only $400 million worth of crypto the year before. It further solidifies the notion that North Koreans are likely using the cryptocurrency sector as a way to raise funds in the face of international sanctions. But what does all of this mean for the crypto market? And what can we do to prevent more hacks from happening?

Bloomberg reporter Jeff Stone joins this episode. 

Listen to Bloomberg Crypto on the iHeartRadio App, Apple Podcasts or Spotify.

Subscribe to the Bloomberg Crypto Newsletter at https://bloom.bg/cryptonewsletter 

This is Bloomberg Crypto, a daily Bloomberg iHeart podcast, and I'm Stacy Marie Ishmael, Managing editor of Crypto for Bloomberg News. It's Thursday, February twenty third. Want to hear a big number? How about three point eight billion with a b? Yep, that's the amount of crypto that hackers managed to steal last year, and it's a new record. The company behind that number, Chainalysis, also found that one specific hacking group was responsible for a huge chunk of that stolen crypto. If you guessed that the hacking group was Lazarus and you know that they're connected to North Korea, congratulations, you're probably a regular listener of this podcast. Lazarus allegedly stole one point seven billion dollars in twenty twenty two, which compares with less than half a billion dollars the year before. This further solidifies the notion that North Korean hackers are seeing the cryptocurrency sector as a way to raise funds and revenue in the face of international sanctions. Now, what does all of this mean for the crypto markets, and what does it mean for you if you hold crypto? Can anything be done to prevent these kinds of hacks from happening? Joining me now is Bloomberg reporter Jeff Stone with more. Jeff, welcome back to the podcast.

Thank you for having me.

We are once again going to talk about hackers.

I love it. That's what I'm here for. Happy to do it.

I continue to be fascinated by the fact that the North Koreans in particular seem to have emerged as the most profitable hackers in the entire world. Is that a fair assessment?

I think so. It's a difficult thing to quantify candidly, but in very broad terms, if you think about the big nation state hacking groups, North Korea is singularly focused on generating revenue for Pyongyang. We know that they're under intense international sanctions, so raising money via hacking is a key part of their existence.
Really, whereas like a Chinese hacking group might be more focused on stealing intellectual property, for instance. We know that Russia has been involved in all kinds of political stuff as well as just different kinds of mayhem, but that's really North Korean hackers' singular focus.

You know, you recently published a story about the fact that crypto hacks in general, right, so anything that you could mention, and this is based on a report by Chainalysis, had reached nearly four billion dollars in twenty twenty two, which was an increase from the year before when it was about three point three billion dollars. But the thing again that blew me away was how much of that was directly attributable to this one particular North Korean group.

Me too, I mean, that was the biggest surprise, you know. I think everyone, probably all your listeners, spent a lot of last year reading about different hacks and major hundreds of millions of dollars worth of theft in cryptocurrency. It's pretty staggering to think about almost half of that, half of that three point eight billion, being the work of North Koreans and then the rest being various other parties. I think a lot of those are still under investigation, but this relatively small, apparently military intelligence hacking unit has taken the vast majority of the sum of virtual currency last year.

It seems like they really sharpened their focus on crypto, because the year before, hacks attributed to Lazarus, which is what they're called, were like less than five hundred million dollars, right? That's a pretty dramatic increase. Like, what's driving that?

It's difficult to know from sitting outside an intelligence agency. It seems like they were successful and they found a way to do it, and they're going to continue to do it. If you think back to previous generations, we know that North Koreans were accused of counterfeiting cash, you know, American US dollars, and using that in the black market to raise money.
We know that they have a history of using counterfeit cigarettes and kind of propping up a lot of that trade over the past couple decades. Cryptocurrency seems to be their next mL

And is that because people in crypto are like uniquely prone to being bamboozled? Is it because the crypto company security isn't great? Is it kind of a culmination of things?

I think there's a scramble to get rich in crypto, certainly over the past couple of years. I think that has led to a reduction in the amount of perhaps scrutiny that people are putting on different projects and really rushing to kind of monetize in this space. There's a new currency, we have to jump on this. There's a new market, we have to jump on this. There's a lot of speculation, as you know better than anyone, and North Korea is honing their craft at really inserting themselves into that process.

Well, to that point, you know, I think a lot of folks have this very stereotypical idea that all hacking is just like someone, probably a dude, hovering in front of a computer in which like green text on a black background is flashing before their very eyes. But you've also reported on the ones that like there are folks doing fake interviews to try to get intelligence at crypto companies. Say more about some of these strategies.

Yeah, that kind of hacker in a basement stereotype is no longer the case. There have been US indictments against alleged North Korean hackers, while one came out in twenty twenty one that was really revelatory in some of the scope of these efforts. These are professional soldiers who spend their lives going to international competitions abroad. They are working very carefully night and day to get as good as they can at using Western languages online. They're very good at programming. It's the same kind of programming that you would learn at Stanford or Harvard in a kind of coding program.
And the reason that they're so motivated and the reason that they're so crafty is because a lot of their life depends on it. They are supporting families, you know, according to an analysis of some of these charges that have come out against these alleged hackers, but they're really prolific and they're incredibly focused. I had a researcher tell me one of the reasons they're so good at using fake resumes, for instance, or searching on LinkedIn or Indeed for job data they can kind of use for themselves is because they need to do it. There's not a lot of other options that they have to raise revenue online. You know, one person mentioned to me that they are doing a lot more with a lot less than other hacking groups have in terms of technology.

Coming up, more from Bloomberg reporter Jeff Stone on record-breaking crypto thefts. We'll be right back.

One of the other things that I find interesting about what you're describing in terms of like these motivations, you know, these are folks with families, these are folks who are trying to survive. It also seems to me that it doesn't seem to be slowing down at all, you know, like the numbers are getting bigger every single time, like year over year these reports are coming out. Is there any way to stop any of this?

There's not an obvious way to stop it. We know the Department of Treasury is engaged in kind of an information tour to ensure that organizations, particularly in the cryptocurrency world and the financial world and the technology sector, have a stronger understanding of what's happening. A lot of your listeners will be familiar with the sanctions against Tornado Cash and Blender, which are some of these mixing services that these actors have used to launder cryptocurrency.
We know, according to recent reports from just recently, there is a new service called Sinbad that has allegedly been used to, you know, convert a lot of these transactions in a way that is more difficult for law enforcement and for independent security researchers to track. So those are all really subtle but important indications that this phenomenon is going to continue, if not accelerating.

You know, one of the things that people I remember, I grew up in the ins and as am of the generation that was like, you know, forget Hotmail, I had accounts before Hotmail existed. It would be like, don't click any links, don't give anybody your credit card details. How do you defend against someone who is pretending to be not a North Korean hacker in a job interview, or who is engaging in some of the more sophisticated techniques like cloning your SIM card? Like, is there anything a person can do if even governments can't figure this out?

The short answer is no, unfortunately, for a lot of investors and a lot of people who might find themselves even as the targets of surveillance. A little bit outside this conversation, but if there's a nation state hacking group that is specifically targeting a certain individual or perhaps an exchange, they have the means and motive and opportunity and probably the orders to make that happen. You might log into your personal cryptocurrency website and it looks completely legitimate, just like it did yesterday, asks you to insert your user name and password, and you do that, and then you find out, once your cryptocurrency is gone, that that was a fake page that was the product of eighteen months of reconnaissance and intelligence gathering and a really careful attack designed to take over as much as they possibly can.

I mean, hearing things like that is one of the reasons folks are like, everybody should have a cold wallet and, you know, only access your crypto on computers that are not connected to the Internet.
That has never felt like a scalable solution for the cryptocurrency world.

I mean, that advice that you're describing sounds to me like the cryptocurrency world is experiencing some of the pain that the rest of the Internet has gone through when it comes to changing your passwords frequently and making sure that you're not reusing the same user name credentials across the Internet. It's a very difficult problem to solve, so a lot of organizations are not offloading that risk onto users but kind of saying, you know, those are subtle ways of saying, we can't completely protect you. Here's a couple things that you might be able to do, but again, it's just very difficult. Everyone has busy lives. You can't change your password and write it down every day. You have to be able to trust systems at a certain point and kind of hope that you're not taken for all you're worth.

You know, it's so interesting that so many of these conversations come back to trust, because one of the problems crypto was supposed to solve is not having to trust anything or anybody, and here we are again talking about having to trust systems. Just as a kind of a closing question, as somebody who has covered cybersecurity for a long time and is now kind of a crypto reporter as a result of that, I really like the analogy that you made of, you know, this is a problem that's been experienced in any other domain that is connected to a computer or a server anywhere in the world. Are there things that other domains have done that have helped at all? Or is it really just like an intellectual arms race over who's going to be more sophisticated, you know, like Red team Blue team kind of stuff?

The smartest thing that you can do is use multi factor authentication.
You know, from an individual standpoint, it's not going to solve every problem, but from an individual standpoint, you want to make sure that when you're logging into a website with your password, that website verifies you, that you are who you say you are, in a different way, whether that be through a text message, which is not the most reliable example anymore, or a phone call or a QR code. Make sure that that is on all of your accounts, and try to be mindful about how far and wide the services that you're signing up to are. That's to say, don't sign up to every other thing. Try to keep things relatively concentrated under your control so that it's not a huge shock when in two years a website that you completely forgot about is breached and your information spills out.

Yeah, I mean a couple of weeks ago, I got an email from a stationery website, like they literally print cards and envelopes, and they're like, so sorry, your information has been revealed for the entire internet. I was like, are you kidding me?

Let me ask you this. When you read that, were you like, were you just like of course, or were you like, you're not even shocked anymore?

Right, I'm not even shocked anymore. I mean I think after like the big Experience debacle in the United States, which you know is that that is a company with literally one job, right, just identity protection, and they were like oopsie. So it can feel really demoralizing that it's like, you know you, you're screaming into the void of I'm trying so hard and yet

I wish I had better news. Sorry.

You know, so much of being a reporter is like, let me tell you how bad it is. So sorry.

Yeah, especially lately.

Well, Jeff, on that cheery note, thank you as always for coming on the show.

Thank you, such a fan.

That was Bloomberg reporter Jeff Stone. You can find more of his reporting on the Bloomberg Terminal and on Bloomberg dot com. And don't forget to sign up for our twice weekly newsletter, Bloomberg Crypto.
This is Bloomberg Crypto, a daily podcast from Bloomberg and iHeartRadio. For more shows from iHeartRadio, visit the iHeartRadio app, Apple Podcasts, or wherever you get your podcasts. Send us your comments, questions, or suggestions for the show to Crypto at Bloomberg dot net. The supervising producer of Bloomberg Crypto is Vicky Vergelina. Our senior producer is Janet Babin. Our producers are Mohammed Farouk and Sharon Barrero. Our associate producers are Ty Butler and Moses on m Desta wonder At is our engineer. Original music by Leo Sidron. I'm Stacy Marie Ishmael. We'll be back tomorrow.

Bloomberg Crypto

Digital tokens like Bitcoin and NFTs have moved from niche products to showing up in Super Bowl comm 