Billions stolen: report claims North Korea siphoned crypto and tech salaries

It’s quite a shocking revelation, but reports are surfacing about how North Korea has supposedly been boosting its funds.: by orchestrating massive cyber heists and cleverly embedding fake identities into the global tech workforce.

According to a comprehensive report from the Multilateral Sanctions Monitoring Team—a group that includes the U.S. and ten other allied nations—North Korean hackers have managed to snatch billions of dollars. Their methods are two-fold: they’ve been breaking into cryptocurrency exchanges, and they’ve also been creating elaborate fake personas to secure remote positions with foreign tech companies.

The ultimate goal, as the 138-page review details, is deeply concerning: apparently, these secret operations aim to fund the research and development of North Korea’s nuclear weapons program.

But it’s not just about stealing funds directly. The report also highlights that North Korea has been using cryptocurrency to launder money and facilitate military purchases, all as a means to circumvent international sanctions imposed due to its nuclear ambitions. These hackers haven’t just targeted financial assets; they’ve also unleashed malware on foreign businesses and organizations, aiming to disrupt networks and pilfer sensitive data.

Despite its relatively small size and isolated status, North Korea has clearly poured significant resources into its cyber capabilities. Investigators concluded that its hacking sophistication and skill now stand shoulder-to-shoulder with countries like China and Russia, posing a serious threat to governments, businesses, and individuals worldwide.

Interestingly, unlike China, Russia, or Iran, North Korea appears to have largely focused its cyber efforts on directly funding its government. This means using cyberattacks and these ‘ghost’ workers to steal from and defraud companies and organizations across the globe.

The consequences of these actions are far-reaching. With some alleged assistance from allies in Russia and China, North Korea’s cyber activities have been “directly linked to the destruction of physical computer equipment, endangerment of human lives, private citizens’ loss of assets and property, and funding for the DPRK’s unlawful weapons of mass destruction and ballistic missile programs,” the report stated, using the acronym for North Korea’s official name, the Democratic People’s Republic of Korea.

This monitoring group was formed last year after Russia blocked a resolution that would have allowed a UN Security Council panel to oversee Pyongyang’s activities. Their first report in May focused on North Korea’s military support for Russia.

Just earlier this year, for instance, hackers believed to be connected to North Korea were implicated in one of the largest crypto heists on record, making off with $1.5 billion worth of Ethereum from Bybit. The FBI later attributed this massive theft to a group of hackers working for North Korea’s intelligence service.

Furthermore, federal authorities have also claimed that thousands of IT workers employed by U.S. companies were, in fact, North Koreans operating under assumed identities. These individuals gained access to internal systems and allegedly funneled their salaries back to the North Korean government. In some instances, they were reportedly juggling multiple remote jobs simultaneously.

A request for comment from North Korea’s mission to the U.N. on these allegations has not yet received a response.