8-5-2025 – As the Group of Seven prepares to convene in Canada next month, whispers of a critical agenda item have emerged: the intensifying menace of North Korea’s state-sponsored cyberattacks and cryptocurrency thefts, according to Bloomberg sources privy to summit discussions. These insiders, speaking anonymously, underscored the “alarming” scale of Pyongyang’s cyber operations, which serve as a financial lifeline for the regime’s weapons of mass destruction and ballistic missile programmes, a point echoed by a White House official. Yet, with the summit’s agenda still in flux, pressing geopolitical crises like the war in Ukraine may take precedence, potentially sidelining this digital threat.
North Korea’s cyber onslaught has surged in tandem with the global rise of cryptocurrencies as a cornerstone of finance and investment. State-backed hacker collectives, most notably the Lazarus Group, have orchestrated devastating assaults on digital asset platforms, reaping staggering losses. This year alone, Chainalysis reports that North Korean hackers plundered $1.34 billion across 47 incidents, accounting for a staggering 61% of all crypto thefts in 2024. Their methods have grown chillingly sophisticated, rendering stolen funds increasingly elusive as they vanish into the opaque depths of crypto mixers and peer-to-peer exchanges.
Among the most audacious heists was February’s $1.4 billion breach of Bybit, the largest ever recorded against a centralised exchange, attributed to a precision malware strike by the Lazarus Group. Other high-profile attacks linked to North Korean operatives include the $600 million Ronin Bridge exploit, the ransacking of Harmony’s Horizon Bridge, and a brazen assault on Japan’s DMM Bitcoin exchange. Beyond exploiting vulnerabilities in decentralised finance protocols and blockchain bridges, these actors have deployed cunning social engineering tactics, from phishing schemes to fake job interviews. Last month, Silent Push exposed how Lazarus-affiliated hackers established three shell companies—two registered in the United States—to target crypto developers with malicious software.
Despite international efforts to curb these transgressions, including sanctions from the United States, South Korea, and Japan, the attacks persist unabated. Earlier this month, the U.S. Treasury moved to bar Cambodia’s Huione Group from its financial system, accusing it of aiding North Korea in laundering pilfered crypto funds.
