In a devastating exposé, the latest findings reveal that North Korea laundered a staggering $1.65 billion in cryptocurrency from January to September 2024. The illicit activities, according to a report from the Multilateral Sanctions Monitoring Team (MSMT), are primarily aimed at financing the country’s weapons of mass destruction (WMD) and ballistic missile initiatives. This alarming trend underscores North Korea’s ongoing efforts to evade stringent UN sanctions and perpetuate its rogue activities.
A significant portion of this illicit revenue traces back to a major theft of $1.4 billion from the prominent cryptocurrency exchange, Bybit, in February. The breach highlights North Korea’s reliance on cybercrime to fund its arms race, with an additional $1.2 billion amassed through various other nefarious cryptocurrency operations. Such actions are inherent to the regime’s strategy to circumvent international financial restrictions.
According to the MSMT’s scathing report, the reclusive state is increasingly utilizing cryptocurrency, particularly stablecoins, to facilitate transactions involving military supplies and critical raw materials essential for weaponry production, notably copper.
In a striking maneuver, North Korea has deployed IT professionals across the globe to launder these funds deliberately and generate further income for Pyongyang. This workforce is reported to be strategically positioned in countries such as China and Russia, with the MSMT indicating that North Korean IT specialists have operatives in at least eight nations, cleverly evading sanctions while continuing illicit operations.
Russia appears to host the largest contingent of North Korean IT workers, who not only aid in money laundering but also bolster the country’s military ambitions. Under Kim Jong-un’s directive, North Korea’s cyber operations have intensified exponentially, emphasizing a focused effort to sidestep imposed sanctions.
The burgeoning alliance between North Korea and Russia has become increasingly apparent, with North Korea reportedly offering military support in exchange for arms. This mutually beneficial rapport fortifies both nations’ defiance against international sanctions.
Further insights from a 2024 investigation by the 38 North program, part of the Stimson Center, reveal that North Korean IT professionals have even taken work on animation projects for major companies, disguising their affiliations to obscure their activities. In response to these concerning revelations, Amazon acknowledged previous collaborations with an animation studio utilizing subcontractors potentially linked to these operations. However, HBO did not comment on the issue, leaving many questions unanswered.
Intriguingly, the MSMT has also uncovered that North Korean agents have employed tactics such as using LinkedIn to recruit South Koreans associated with defense firms, posing as legitimate recruiters. Such strategies demonstrate North Korea’s relentless pursuit of sensitive information, further challenging the efficacy of existing sanctions.
Since its inception in October 2024, the MSMT has intensified monitoring actions to oversight violations of UN Security Council sanctions imposed on North Korea. Operating independently yet in coordination with various member states, the team aims to strengthen oversight around North Korea’s increasingly sophisticated methods of laundering funds and evading sanctions.
As these developments unfold, it becomes increasingly clear that despite concerted international attempts to isolate North Korea, the regime is leveraging its cyber capabilities and cryptocurrency innovations to sustain its illicit programs and continue advancing its military ambitions.
