North Korea Using Crypto Exchange Hacks to Fund WMD Programs

A new United Nations report states North Korea has generated over $2 billion for its WMD programs by cyberattacks on banks and cryptocurrency exchanges.

North Korea has been under extreme pressure since the United Nations Security Council imposed economic sanctions upon it in 2006. The goal of these sanctions was to put a stranglehold on the country’s weapons of mass destruction (WMD) programs, especially its ballistic and nuclear missile programs. However, Pyongyang has found a way to circumvent such sanctions: launching cyberattacks on cryptocurrency exchanges and banks.

Hacking Leads to a Big Payday

Reuters reports that a new United Nations report shows that North Korea is profiting handsomely off their cyberattacks. The report estimates that Pyongyang has generated $2 billion for its WMD programs through such hacks.


The report states that North Korea “used cyberspace to launch increasingly sophisticated attacks to steal funds from financial institutions and cryptocurrency exchanges to generate income.”

The report added:

Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its WMD (weapons of mass destruction) programmes, with total proceeds to date estimated at up to two billion U.S. dollar[s].

North Korea Supports Numerous Hacking Attempts

The UN report notes that experts are investigating at least 35 occurrences in 17 countries where operatives of Pyongyang have attacked “financial institutions, cryptocurrency exchanges, and mining activity designed to earn foreign currency.”

The reality is that North Korea has been active in hacking banks and cryptocurrency exchanges for some time. Late in 2017 as Bitcoin shot up in value, Lazarus, a hacking group linked to Pyongyang, launched a series of hacking attacks on several South Korean crypto exchanges. This followed the attacks on four South Korea exchanges by North Korean hackers in July and August 2017.


Pyongyang stole $571 million in cryptocurrency from five Asian cryptocurrency exchanges between January 2017 and September 2018. The main group of hackers associated with North Korea is APT 38, a highly-skilled and well-funded group that stole $1 billion from banks and crypto exchanges in 2018. The group conducted cyberattacks in India, Turkey, Pakistan, Taiwan, Bangladesh, South Korea, Philippines, Chile, and Vietnam during that time.

A European security expert described APT 38 as a small team comprised of a handful of individuals who operate under the control of the Reconnaissance General Bureau, North Korea’s principal intelligence organization.

A spokeswoman for the U.S. State Department remarked upon the new UN report, saying:

We call upon all responsible states to take action to counter North Korea’s ability to conduct malicious cyber activity, which generates revenue that supports its unlawful WMD and ballistic missile programs.

While large amounts of money can be obtained, it’s likely that North Korea will continue their hacking attempts to bolster its economy and fund their WMD programs.

Originally published on

How do you rate this article?



Bitcoin Mafia
Bitcoin Mafia

My real name is Cynthia Turcotte. I am the CEO & Co-Founder @ International editor @ Crypto enthusiast, writer, SEO expert, WordPress developer. Tabletop paper-and-dice RPG gamer, sci-fi fan and movie buff.

Bitcoin Mafia's Crypto & Blockchain Blog
Bitcoin Mafia's Crypto & Blockchain Blog

A mix of original and curated (with permission) crypto and blockchain news content as well as daily and weekly news roundups. If you have content you would like published here, please contact me and let me know.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.