South Korea has recently decided to enforce sanctions on 15 North Korean individuals and one allied group who are presumed to be involved in malignant cyber activities. These hackers are suspected of funding North Korea’s nuclear missile development program, as reported by South Korea’s Ministry of Foreign Affairs on December 26.
These sanctioned agents allegedly earned foreign currency through clandestine operations. Among them is Kim Cheol-min from the 313th General Bureau, who is said to have earned a significant amount of foreign currency working covertly for companies in the United States and Canada before channeling the funds to North Korea’s nuclear weapons endeavor.
Kim Ryu Song, another sanctioned individual, reportedly generated over $88 million of revenue over six years through a series of offenses including violating sanctions, money laundering, and identity theft. They were subsequently indicted by US lawmakers on December 11.
These actions came in response to an alarming increase in hacking activities, with crypto hackers stealing well over $2.3 billion worth of cryptocurrency in 2024, a significant 40% spike compared to the previous year. North Korean-affiliated hackers have been identified as a major contributing factor to this rise, having stolen a value of more than $1.34 billion across 47 incidents during 2024, as per Chainalysis data. This figure represents more than half of the total crypto value stolen that year.
Furthermore, the data also indicates an increase in sophisticated attacks by North Korean hackers, despite an overall decrease in the total number of attacks. This implies that North Korea is refining its hacking techniques, allowing it to engage in more successful exploits.