US, Japan, South Korea Warn of North Korean Crypto Hacks
The US, Japan, and South Korea condemn North Korea's $1.3 billion crypto theft in 2024, urging stronger collaboration to counter cyber threats.
The United States, Japan, and South Korea have issued a joint statement condemning North Korea's ongoing cyberattacks, emphasizing the severe threat they pose to global security. The three nations urged stronger collaboration between public and private sectors to counter these attacks and recover stolen funds. North Korean hackers stole over $1.3 billion in cryptocurrency in 2024, a record amount, with much of it funding ballistic missile and weapons of mass destruction programs.
The statement highlights the advanced tactics used by North Korean hackers, who frequently target cryptocurrency exchanges, digital asset custodians, and individuals. These cyberattacks often involve malware, social engineering, and insider operations. North Korean IT workers have infiltrated Web3 and blockchain companies, compromising their networks while posing as employees of legitimate organizations. The governments warned companies in these sectors to carefully vet freelancers and contractors to avoid unintentionally hiring DPRK-affiliated workers.
According to Chainalysis, North Korean hackers stole $660.50 million in 2023 across 20 incidents. In 2024, this figure rose dramatically to $1.34 billion across 47 incidents—a 102% increase. These funds are believed to directly support North Korea’s missile programs and military advancements. The notorious Lazarus Group, a DPRK-linked hacker collective, has been responsible for many of the largest thefts in the cryptocurrency sector.
Three weeks ago, South Korea sanctioned 15 North Korean IT organization members for allegedly aiding the country’s nuclear weapons program. The sanctioned individuals were reportedly operating in China, Russia, Southeast Asia, and Africa under fake identities, funneling earnings back to North Korea.
The US, Japan, and South Korea emphasized the need for transnational collaboration to disrupt these activities. They called for increased efforts to prevent theft, recover stolen funds, and deny North Korea access to illicit revenue streams. The statement also urged private entities to implement stricter cybersecurity measures and to review governmental advisories on mitigating cyber threats.
In October, US authorities seized Bitcoin and Tether linked to the Lazarus Group after they stole $879 million. Legal actions were initiated to recover $2.67 million in digital assets from two major hacks: one involving $1.7 million USDT stolen from Deribit and another targeting Bitcoin holdings worth over $970,000.
The statement underscores the persistent threat posed by DPRK-affiliated hacking groups. These advanced groups, including the Lazarus Group, have been labeled as ongoing security risks by authorities in the US, Japan, and South Korea. By leveraging stolen cryptocurrency to bypass sanctions, North Korea continues to endanger international stability.