- North Korea laundered $1.65B in cryptocurrency to finance its WMD and missile programs between January and September 2024.
- The regime uses cybercrime, including the $1.4B Bybit exchange hack, to support the military.
- North Korea deploys IT workers in multiple countries, including Russia, to launder funds.
North Korea continues to use cryptocurrency as a tool to evade international sanctions and finance its weapons of mass destruction (WMD) and ballistic missile programs. The government, during the period from January to September 2024, was able to clean up $1.65 billion worth of digital assets, thus proving its determination to get around the United Nations (UN) imposed restrictions. The major source of these funds was illegal activities in the digital currency sector, specifically targeting cryptocurrency exchanges and other related actions.
Bybit Exchange Hack and Other Crypto Thefts
In February 2024, one of the biggest thefts made the headlines when North Korea snatched away $1.4 billion from the Bybit cryptocurrency exchange . The country’s cyber operations have gone far beyond this particular attack, with another $1.2 billion pocketed through other illegitimate crypto activities. The money is mainly used for North Korea’s military goals, particularly its nuclear arms development.
North Korea has really started to use stablecoins for transactions, including military purchases of equipment and basic materials like copper. The dependency on cryptos gives the dictatorial regime the power to trade in a less visible manner, thus making it easier to obtain the goods the military needs for the weapons programs.
In addition to cyber thefts, North Korea has deployed IT workers in foreign countries to launder money and bypass UN sanctions. Reports show that North Korean workers have been sent to at least eight nations, including Russia, China, and Laos. These workers often operate under the radar, blending into the local workforce while generating income for the regime. Russia, in particular, hosts the largest number of North Korean IT workers.
Russia’s Role and North Korean Cyber Operations
The North Korea-Russia bond is now a tight and trustworthy one that was caused partly by the economic restrictions and sanctions these two countries are receiving from the international community. One of the major factors that has awakened the solidarity between them is North Korea’s army dispatch to Russia’s side in Ukraine. At the same time, North Korean cyber operations, mainly under the current regime’s rule, have come to be quite clever, and thus the regime is able to get around sanctions more easily.
Besides, North Korean labor has lost flow control and has been flowing into some international companies at various levels. Just for example, some North Korean IT workers did animation projects for Amazon and HBO Max. They worked under false identities, and thus tracking their real origins was hard. North Korean spies also got in touch with South Korean defense professionals through LinkedIn, and thus, stealing sensitive info became much easier.
The world has been more vigilant with its eyes on North Korea. The Multilateral Sanctions Monitoring Team (MSMT) has been keeping an eye on North Korea’s breaches of the Security Council sanctions since it started operating in October 2024. The regime’s advanced cyber potentials and use of digital currency have, however, made it possible for the illegal activities to continue notwithstanding the above-mentioned measures.
