US Treasury Report Finds North Korean Hackers Exploit DeFi Loopholes for Money Laundering

A report released by the US Treasury on Thursday revealed that North Korean hackers and other illicit actors have been exploiting loopholes in the decentralized finance (DeFi) space to launder money and hide criminal activity. The report claimed that some DeFi platforms do not comply with certain Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) regulations, allowing for weak or non-existent AML/CFT controls and poor cybersecurity controls. This non-compliance has allowed North Korean hackers and other groups to engage in illicit activity and transfer and launder their illicit proceeds.

The report found that most money laundering, terrorist financing, and proliferation financing occurs in fiat currency or outside of the digital asset ecosystem. However, the Treasury still recommends increasing regulatory oversight of AML/CFT for DeFi platforms and addressing any regulatory gaps. The report is in line with President Biden's executive order on digital assets, which aims to promote responsible development of digital assets.

The report's findings also highlighted the ongoing innovation of North Korean hacking groups, which have been finding new ways to steal crypto assets and launder those funds. Pyongyang-based hacking group APT43, also known as Kimuski, was found to buy cloud mining services with its stolen funds to produce clean crypto with no blockchain-based connections for law enforcement to trace. The White House also claimed earlier this year that North Korean hackers had stolen over $1 billion worth of crypto in the past two years.

The report recommended greater regulatory oversight of DeFi platforms and increased cybersecurity controls to prevent illicit activity. It also called for addressing regulatory gaps in the DeFi space and implementing AML/CFT controls to prevent money laundering and terrorist financing.

The report noted that DeFi services often do not implement AML/CFT controls or other processes to identify customers, allowing for the layering of proceeds to take place instantaneously and pseudonymously. Some DeFi projects intentionally lack AML/CFT controls as part of their decentralization goals. However, the report emphasizes that both centralized and decentralized services are subject to the Bank Secrecy Act.

Brian Nelson of the Treasury noted that DeFi presents challenges for identifying individuals behind business activities, but suggested that some DeFi activity may be closer to traditional finance than claimed. "In some ways, they're really decentralized in name only," he said.

The US government has repeatedly accused North Korean hacking groups of stealing crypto assets and using them to fund their missile program, while North Korea has denied these accusations. The Lazarus group, a North Korean hacking group, was also accused of masterminding the hack of Axie Infinity's Ronin blockchain earlier this year.