North Korea's cyber threats to cryptocurrency exchanges and custodians prompt coordinated actions by the U.S., Japan, and South Korea to safeguard global financial systems.
 |
| US, Japan, and South Korea tackle DPRK cyber threats targeting cryptocurrency industry with joint measures to disrupt malicious activities and improve financial security. Image/ Illustration: ChicHue |
Washington, USA — January 15, 2025
The United States, Japan, and South Korea have issued a joint statement warning of the growing cyber threat posed by North Korea’s (DPRK) illicit activities targeting the cryptocurrency industry. The statement, issued on Tuesday, highlights the DPRK’s use of cyber thefts to fund its weapons of mass destruction and ballistic missile programs, which threaten global security and the integrity of international financial systems.
Advanced persistent threat groups, such as the Lazarus Group, have orchestrated numerous high-profile heists. In 2024 alone, the DPRK stole $308 million from DMM Bitcoin, $50 million from Upbit, and $16.13 million from Rain Management. Previous attacks attributed to the DPRK include the theft of $235 million from WazirX and $50 million from Radiant Capital in 2023. The regime employs sophisticated tactics, including social engineering and malware like TraderTraitor and AppleJeus, to target cryptocurrency exchanges, custodians, and individual users.
The statement also warns of insider threats posed by DPRK IT workers infiltrating private sector entities. Multiple advisories issued since 2022 by the U.S., Japan, and South Korea urge blockchain and freelance industries to implement robust measures to mitigate risks.
Public-private collaboration is central to countering these threats. Initiatives like the U.S.’s Illicit Virtual Asset Notification (IVAN) program, the Crypto-ISAC information-sharing platform, and South Korea’s joint symposiums with the U.S. strengthen coordination between governments and businesses. Japan’s Financial Services Agency, in partnership with the Japan Virtual and Crypto Assets Exchange Association (JVCEA), has also urged crypto businesses to enhance self-inspections and security practices.
The three nations reaffirmed their commitment to imposing sanctions on DPRK cyber actors and enhancing cybersecurity across the Indo-Pacific region. Through trilateral working groups, they aim to disrupt the DPRK’s cybercrime operations and secure the global financial ecosystem.
This united front underscores the urgency of countering the DPRK’s malicious activities and ensuring the safety and stability of the international cryptocurrency market.