- North Korea stole $1.34 billion in crypto this year using cyberattacks on global platforms.
- G7 leaders are weighing joint steps to block stolen crypto from funding banned weapons programs.
- Hackers used fake job offers, shell firms, and malware to target exchanges and developers.
Ahead of a G7 summit in Canada next month, the Group of Seven countries are expected to explore new ways to clamp down on North Korea’s role in cryptocurrency theft. The issue is part of a wider agenda of global security challenges being reviewed at the summit, according to a Bloomberg report.
Talks about the conflicts in Ukraine and Gaza will dominate most of the fireworks, but concern over how North Korea finances its arms development via cyber theft is also bubbling. Cybercrime attributed to North Korea has become more nuanced and sophisticated and represents a serious challenge to the financial and security systems of many countries, officials said.
Crypto Hacks Support North Korea’s Military Goals
Security officials and researchers say North Korea has stolen billions in digital currency by orchestrating a series of cyberattacks. It is alleged that these funds are used to help to finance ballistic missile programs and nuclear research while bypassing international sanctions.
In February this year, one of the most damaging attacks occurred as Cybercrime linked to North Korea stole $1.4 billion from Bybit, a cryptocurrency exchange. It was the largest known theft from a centralized crypto platform. Investigators say much of the stolen money was moved using unregulated crypto services quickly after.
According to blockchain analysis company Chainalysis, North Korean hackers conducted 47 crypto attacks this year, making $1.34 billion. More than half of total global value stolen through crypto theft that year was from this.
Methods Used by Hackers Are Becoming More Complex
Cyber groups believed to be backed by the North Korean state are using a wide range of tactics to carry out these attacks. In addition to exploiting technical weaknesses in crypto networks, these groups also trick employees through fake job offers and social media scams.
A cybersecurity firm recently revealed that one North Korean-linked group created three fake companies to deliver malware to crypto developers. Two of the companies were registered in the United States. These groups often pose as hiring managers, investors, or developers to gain trust before launching attacks.
In another case, the Kraken crypto exchange said it discovered a job applicant attempting to gain insider access. The company’s security team used background checks and internal tests to catch the attempt before any damage was done.
Global Action May Expand
The United States, Japan and South Korean governments have responded with sanctions and alerts designed to educate the private sector. Crypto firms have been warned by these countries that hiring unknown remote workers could be connected to state-backed’s cybercrime group.
Recent US Treasury action has sought to block Cambodia’s Huione Group from the US financial system, alleging that the company helped North Korea channel stolen crypto assets.
With leaders preparing to meet in Canada, however, there is growing agreement among sources that digital theft needs to be coordinated as a means to stop the funding of North Korea. The officials said more international cooperation is needed to trace and freeze the money, and then recover it before it’s lost in the anonymity of the crypto tools.
