Cryptocurrency’s distributed nature and anonymity both enable North Korea’s cybercrime and create structural factors that help evade legal action. Addressing cryptocurrency theft and money laundering requires formal, global enforcement mechanisms. North Korea’s cyber activities have evolved beyond simple hacking to securing foreign currency for regime maintenance.
Estimates show North Korean hackers stole about $1.2 billion in cryptocurrency in 2024 and roughly $1.6 billion from January through September 2025. In February 2025, Bybit, then the world’s second-largest crypto exchange, experienced a theft of about $1.5 billion worth of Ethereum, cited as the largest single incident on record. Hackers approach targets with job offers or collaboration requests to disseminate malware and breach internal networks. Once assets are stolen, they are dispersed across multiple wallets and swapped for other cryptocurrencies to launder funds.
Because blockchain transactions occur directly between wallets without intermediaries, freezing assets through financial institutions is difficult. As a result, enforcement focuses on exchanges and other cash-out points, but there are fundamental challenges in tracing wallet owners and recovering assets. Existing international norms focus on anti-money laundering and do not fully address state-sponsored hacking, and cross-border judicial cooperation remains non-binding. Authors argue for binding, global investigative and enforcement mechanisms and advocate for a framework similar to international cybercrime treaties (such as UNCC) that transcends national regulation to deter North Korea’s crypto crimes.
Leave a Reply