North Korea has stolen billions in cryptocurrency and tech firm salaries, report says

Advertisement

Advertise with us

WASHINGTON (AP) — North Korean hackers have pilfered billions of dollars by breaking into cryptocurrency exchanges and creating fake identities to get remote tech jobs at foreign companies, according to an international report on North Korea's cyber capabilities.

Read this article for free:

or

Already have an account? Log in here »

To continue reading, please subscribe:

Monthly Digital Subscription

$1 per week for 24 weeks*

  • Enjoy unlimited reading on winnipegfreepress.com
  • Read the E-Edition, our digital replica newspaper
  • Access News Break, our award-winning app
  • Play interactive puzzles

*Billed as $4.00 plus GST every four weeks. After 24 weeks, price increases to the regular rate of $19.00 plus GST every four weeks. Offer available to new and qualified returning subscribers only. Cancel any time.

Monthly Digital Subscription

$4.75/week*

  • Enjoy unlimited reading on winnipegfreepress.com
  • Read the E-Edition, our digital replica newspaper
  • Access News Break, our award-winning app
  • Play interactive puzzles

*Billed as $19 plus GST every four weeks. Cancel any time.

To continue reading, please subscribe:

Add Free Press access to your Brandon Sun subscription for only an additional

$1 for the first 4 weeks*

  • Enjoy unlimited reading on winnipegfreepress.com
  • Read the E-Edition, our digital replica newspaper
  • Access News Break, our award-winning app
  • Play interactive puzzles
Start now

No thanks

*Your next subscription payment will increase by $1.00 and you will be charged $16.99 plus GST for four weeks. After four weeks, your payment will increase to $23.99 plus GST every four weeks.

WASHINGTON (AP) — North Korean hackers have pilfered billions of dollars by breaking into cryptocurrency exchanges and creating fake identities to get remote tech jobs at foreign companies, according to an international report on North Korea’s cyber capabilities.

Officials in Pyongyang orchestrated the clandestine work to finance research and development of nuclear arms, the authors of the 138-page report found. The review was published by the Multilateral Sanctions Monitoring Team, a group that includes the U.S. and 10 allies and was set up last year to observe North Korea’s compliance with U.N. sanctions.

North Korea also has used cryptocurrency to launder money and make military purchases to evade international sanctions tied to its nuclear program, the report said. It detailed how hackers working for North Korea have targeted foreign businesses and organizations with malware designed to disrupt networks and steal sensitive data.

People perform during the ceremony marking the 80th anniversary of the founding of the ruling Workers' Party at the May Day Stadium in Pyongyang, North Korea, Thursday, Oct. 9, 2025. (AP Photo/Jon Chol Jin)
People perform during the ceremony marking the 80th anniversary of the founding of the ruling Workers' Party at the May Day Stadium in Pyongyang, North Korea, Thursday, Oct. 9, 2025. (AP Photo/Jon Chol Jin)

Despite its small size and isolation, North Korea has heavily invested in offensive cyber capabilities and now rivals China and Russia when it comes to the sophistication and capabilities of its hackers, posing a significant threat to foreign governments, businesses and individuals, the investigators concluded.

Unlike China, Russia and Iran, North Korea has focused much of its cyber capabilities to fund its government, using cyberattacks and fake workers to steal and defraud companies and organizations elsewhere in the world.

Aided in part by allies in Russia and China, North Korea’s cyber actions have “been directly linked to the destruction of physical computer equipment, endangerment of human lives, private citizens’ loss of assets and property, and funding for the DPRK’s unlawful weapons of mass destruction and ballistic missile programs,” the report said, using the acronym for North Korea’s official name, the Democratic People’s Republic of Korea.

The monitoring group is made up of the U.S., Australia, Canada, France, Germany, Italy, Japan, the Netherlands, New Zealand, South Korea and the United Kingdom. It was created last year after Russia vetoed a resolution directing a U.N. Security Council panel of experts to monitor Pyongyang’s activities. The team’s first report, issued in May, looked at North Korea’s military support for Russia.

Earlier this year, hackers linked to North Korea carried out one of the largest crypto heists ever, stealing $1.5 billion worth of ethereum from Bybit. The FBI later linked the theft to a group of hackers working for the North Korean intelligence service.

Federal authorities also have alleged that thousands of IT workers employed by U.S. companies were actually North Koreans using assumed identities to land remote work. The workers gained access to internal systems and funneled their salaries back to North Korea’s government. In some cases, the workers held several remote jobs at the same time.

A message left with North Korea’s mission to the U.N. was not immediately returned on Wednesday.

Report Error Submit a Tip