North Korea continues to generate foreign currency by violating international sanctions through the use of cryptocurrency hacking and artificial intelligence (AI) technology, both of which are based on information technology (IT). Recent analyses suggest that North Korean hackers are responsible for about 70% of global cryptocurrency thefts.
According to TRM Labs, as of Wednesday, approximately 2.1 billion USD in cryptocurrency was stolen worldwide from January to June 26 of this year.
In February, the Dubai-based cryptocurrency exchange Bybit suffered a record loss of 1.46 billion USD due to a hack, which authorities attributed to North Korea’s Lazarus Group.
This means that North Korean hackers stole a staggering 70% of the total 2.1 billion USD in cryptocurrency theft in just one hacking incident.
Since then, North Korean hackers have continued their attacks targeting cryptocurrency. Blockchain analyst ZachXBT suspects that the Lazarus Group was involved in a May 16 incident in which 3.2 million USD was siphoned from several Solana wallets. ZachXBT noted that the stolen Solana was quickly converted into Ethereum.
Lazarus is a notorious North Korean hacking organization linked to significant cyber incidents, including the 2014 Sony Pictures hack, the 2016 Bangladesh Central Bank hack, and the 2017 WannaCry ransomware attack.
North Korea’s foreign currency earning strategies through information technology are becoming increasingly sophisticated. On Monday, the U.S. Department of Justice indicted four North Koreans who systematically sought foreign currency by getting hired by American IT companies.
According to the press release, they used stolen personal identification information to secure employment as virtual or disguised individuals in tech firms.
They face charges of embezzling cryptocurrency assets managed by these companies and laundering the profits, which amount to hundreds of thousands of dollars.
North Koreans are infiltrating tech companies on a large scale. The U.S. Department of Justice searched 29 laptop farms across 16 states, freezing 29 financial accounts used for illegal money laundering and 21 fraudulent websites. Authorities seized 200 laptops from the crime scenes.
A laptop farm refers to an illegal workspace where North Korean IT personnel can remotely work under pretenses for U.S. companies. Those dealing with North Korea set up multiple laptops in specific locations within the U.S., allowing North Korean workers to connect remotely and pose as employees of American firms.
Jongin Lim, a professor at Korea University and a former special cyber adviser at the presidential office, predicts that North Korea’s foreign currency-earning cases, such as ransomware attacks, cryptocurrency exchange hacks, and laptop farms, will only increase in frequency.
He further explained that while North Korea needs money for nuclear development, trade is blocked, and intermediaries receive commissions, creating a perfect demand-supply scenario. Especially with laptop farms, there are no language barriers, and payments can be made in cryptocurrency, making it an incredibly easy method.
