North Korea is stealing millions in cyber attacks on banks and crypto firms, UN warns

UN experts say North Korea continues to steal hundreds of millions of pounds from financial institutions and cryptocurrency firms, with the dictatorship using the illicit money to fund its nuclear and missile programs.

The panel of experts said that, according to an unnamed government, North Korean “cyber-actors stole more than 50 million dollars (£37 million) between 2020 and mid-2021 from at least three cryptocurrency exchanges in North America, Europe and Asia, probably reflecting a shift to diversify its cybercrime operations”.

In the report’s section on cyber activities, obtained by the Associated Press, the experts said that an unidentified cybersecurity firm reported that in 2021 the North’s “cyber-actors stole a total of 400 million dollars worth of cryptocurrency through seven intrusions into cryptocurrency exchanges and investment firms”.

These cyberattacks “made use of phishing lures, code exploits, malware, and advanced social engineering to siphon funds out of these organisations’ internet-connected ‘hot’ wallets into DPRK-controlled addresses”, the panel said, using the initials of the country’s official name, the Democratic People’s Republic of Korea.

The cryptocurrency funds stolen by the DPRK cyber actors “go through a careful money laundering process in order to be cashed out”, the panel of experts monitoring sanctions on North Korea explained in the report to the UN Security Council.

A year ago, the panel quoted an unidentified country saying North Korea’s “total theft of virtual assets from 2019 to November 2020 is valued at approximately 316.4 million dollars”.

In the executive summary of the new report, the experts said North Korea has continued to develop its nuclear and ballistic missile programs.

For stories from where you live, visit InYourArea.

Leave a Comment