A joint team of South Korean spies and American private investigators gathered at the South Korean intelligence service to track $100 million stolen from California cryptocurrency firm, Harmony. The team had been waiting for North Korean hackers to move the stolen crypto into accounts that could be converted to dollars or Chinese yuan, hard currency that could fund the country’s illegal missile program. In late January, the hackers moved some of the stolen cryptocurrency to a dollar-pegged cryptocurrency account, temporarily relinquishing control of it. The spies and investigators seized the opportunity, flagging the transaction to US law enforcement officials who were able to freeze the money. Although the majority of the stolen $100 million remains out of reach in cryptocurrency and other assets controlled by North Korea, it was the kind of seizure that the US and its allies will need to prevent big paydays for Pyongyang. Cutting off North Korea’s cryptocurrency pipeline has quickly become a national security imperative for the US and South Korea.
North Korean hackers have stolen billions of dollars from banks and cryptocurrency firms in recent years. The regime has been trying increasingly elaborate ways to launder the stolen digital money into hard currency, US officials and private experts say. The North Koreans’ ability to use the stolen digital money to fund its weapons programs is part of the regular set of intelligence products presented to senior US officials, including, sometimes, President Joe Biden. North Korea’s cryptocurrency hacking was top of mind at an April 7 meeting in Seoul, where US, Japanese, and South Korean diplomats released a joint statement lamenting that Kim Jong Un’s regime continues to “pour its scarce resources into its WMD [weapons of mass destruction] and ballistic missile programs.” It’s a family business that scholar John Park calls “North Korea Incorporated,” and it’s gone virtual. North Korea’s cyber capabilities and crypto theft are a significant revenue generator for the Kim regime.
Last year, North Korean-linked hackers were responsible for almost half of the record $3.8 billion in cryptocurrency stolen from around the world, according to Chainalysis. It’s unclear how much of the billions in stolen cryptocurrency North Korea has been able to convert to hard cash. The public record of blockchain transactions helps US officials track suspected North Korean operatives’ efforts to move cryptocurrency. However, when North Korea gets help from other countries in laundering that money, it is “incredibly concerning,” says a US Treasury official focused on North Korea. Pyongyang’s hackers have also combed the networks of various foreign governments and companies for key technical information that might be useful for its nuclear program. Cutting off North Korea’s cryptocurrency pipeline has quickly become a national security imperative for the US and South Korea.