UN reports that North Korea is earning half of its foreign income from the crypto industry, highlighting the industry’s vulnerability to weak security measures.

A recent report from the United Nations has shed light on North Korea’s increasing involvement in cyberattacks, particularly targeting cryptocurrency firms. According to the report, these cyberattacks now make up nearly half of North Korea’s foreign currency earnings, generating around $3 billion. The lack of security measures in crypto-related entities has allowed North Korea to exploit vulnerabilities and profit from these attacks. While the report does not have legal binding, it may urge the Security Council and member states to impose new sanctions on those found in violation. The report also highlighted that 40% of funds for weapons of mass destruction development were obtained through cyberattacks, with a focus on defense-related companies. Notably, hackers affiliated with the Reconnaissance General Bureau, North Korea’s primary foreign intelligence service, have been sharing infrastructure and tools for these operations. Despite the implementation of economic sanctions, cybercriminals linked to North Korea continue to target the cryptocurrency market. In 2023, they stole almost $430 million from decentralized finance and also targeted centralized services, exchanges, and wallet providers. Chainalysis, a blockchain forensics firm, reported that hacking groups Kimsuky and Lazarus Group successfully carried out 20 attacks, resulting in around $1 billion worth of crypto being stolen. However, this marked a 41.7% decrease compared to the previous year. The decline in stolen funds from smart contracts, which amounted to $1.1 billion, suggests that the improved security measures implemented in decentralized finance protocols have played a role in mitigating these attacks.