North Korea has reportedly employed cybercriminals to amass over $3 billion in cryptocurrency in the past half-decade, according to a report from The Wall Street Journal.
These stolen funds are believed to finance roughly half of the reclusive nation’s nuclear program. The exact state of their nuclear program, including the number of nuclear weapons they possess and the sophistication of these weapons, is not publicly available due to the secretive nature of the North Korean state.
The operation involves hackers impersonating tech workers or job recruiters, with their targets including blockchain gaming firms such as Sky Mavis, from which over $600 million was reportedly stolen in a single heist.
In 2022, Lazarus, a hacking group linked to the North Korean state by the U.S. Treasury Department, was implicated in a massive cryptocurrency heist involving the Ronin Network. This network supports the popular blockchain game, Axie Infinity, and saw over $600 million worth of ether and USDC tokens stolen in the attack. This hack is one of many major cyberattacks associated with Lazarus, including the 2014 Sony Pictures hack and the infamous 2017 WannaCry ransomware attacks.
According to U.S. allegations, North Korea has constructed a shadow workforce of IT operatives dispersed across multiple countries, who regularly collaborate with the regime’s cybercrime operations.
The technical sophistication of North Korea’s cyber operations appears to be increasing, demonstrated by their successful execution of large-scale thefts and advanced cyber maneuvers.
In reaction to these illicit activities, the U.S. Treasury Department has imposed sanctions on Tornado Cash, a "mixer" accused of aiding hackers, including those from North Korea, in laundering the proceeds of their cybercrimes. The Lazarus Group alone has supposedly funneled at least $455 million through the service.