According to a recent report by Recorded Future’s Insikt Group, North Korean hackers have stolen a total of $3bn in cryptocurrency since 2017. This highlights the regime’s prolonged involvement in the cryptocurrency sector, which has expanded from targeting financial institutions through the SWIFT network to a wider strategy during the 2017 cryptocurrency boom.
In 2022, North Korean threat actors were alleged to have stolen a staggering $1.7bn in cryptocurrency – representing 5% of the country’s recorded economy or 45% of its military budget. The funds were laundered in the same manner as conventional cybercriminal groups, providing the regime with a significant source of financial resources despite international sanctions.
Back by the state, North Korean threat actors have put into motion operations similar to those of other cybercriminal groups, accounting for 44% of the stolen cryptocurrency in 2022. They have targeted not only cryptocurrency exchanges, but also individual users, venture capital firms and alternative technologies.
The pilfered cryptocurrency is usually converted into fiat currency through various methods, such as stolen identities and manipulated photos, which are employed to circumvent anti-money laundering measures. According to the report, the regime has been relying on cryptocurrency theft as a major source of income in order to finance military and weapons programs, along with ballistic missile launches.
The report draws attention to the need for more robust regulations, improved cybersecurity measures and further investments in cryptocurrency firms’ cybersecurity. Without these, North Korea is likely to continue to exploit the industry for additional revenue. The regime’s elite and highly trained computer science professionals possess privileged access to technology, enabling them to conduct cyber-attacks against the cryptocurrency industry.