Since the world’s second-largest crypto exchange, FTX, declared bankruptcy earlier this month, the flow-on effects have been felt far and wide.
But among the many victims are also some not-so-innocent parties. For the Democratic People’s Republic of Korea, a country facing heavy sanctions, cryptocurrency theft has been a (relatively) to fund the country’s expanding nuclear arsenal.
It’s well documented that Kim Jong-un’s military operation hackers have been stealing to support North Korea’s for several years.
But with the general downturn in the crypto market, coupled with the recent FTX collapse and myriad other pitfalls, analysts estimate North Korea has probably lost most of its crypto haul.
What North Korea’s hackers have been up to
North Korea sponsors several hacker groups, including (also called Guardian of Peace and Whois Team) and Advanced Persistent Threat 38 (APT38).
While nobody knows exactly how many North Korea-backed hackers there are, experts Kim Jong-un has between 6,000 and 7,000 working both inside and outside the country.
North Korea has invested in for some 15 years. It’s almost impossible for an organisation to defend itself against an army of this size and calibre once it comes charging.
In 2016, Lazarus hackers came close to stealing US$1 billion ($1.47 billion) from Bangladesh’s national bank – but a typo in the computer code meant they only got away with US$81 million.
Since then, they’ve refined their methods. Lazarus has been accused of stealing US$571 million ($839 million) from cryptocurrency exchanges between January 2017 and September 2018, US$316 million from 2019 to November 2020, and US$840 million in the first five months of 2022.
According to Chainalysis, North Korean hackers have stolen an estimated total of about US$1 billion (1.47 billion) in cryptocurrency this year. A large chunk of this would have come from Lazarus’ massively lucrative heist against NFT-based online game Axie Infinity. In April, United States authorities held the group responsible for stealing US$620 million ($912 million) in cryptocurrency from the game.
For context, it’s North Korea only earned about US$142 million ($209 million) from trade exports in 2020.
Kim Jong-un’s cybercriminal army will likely find new sources of illicit income (and will probably keep stealing crypto too)
Okay, so how much has it now lost?
It’s difficult to say exactly how much cryptocurrency has been stolen (and used) by North Korean hackers – and, therefore, how much might remain.
In June, blockchain analyst and former FBI analyst Nick Carlsen told Reuters one of North Korea’s crypto caches had lost 80 per cent to 85 per cent of its value in a number of weeks, falling to less than US$10 million.
Losses will have intensified following the FTX collapse. According to a Chainalysis report, in January, North Korea held about US$170 million ($250 million) in stolen unlaundered cryptocurrency, taken from 49 hacks conducted from 2017 to 2021.
It also claims Ether was the most common cryptocurrency stolen by North Korea in 2021, making up 58 per cent of the total theft.
fell by more than 20 per cent following the FTX crash and remains low. It’s reasonable to expect North Korea will wait before cashing out. When it does, experts looking on will be in a better place to figure out how much it has.
North Korea’s stolen crypto loots have probably gone down in value, but that’s no reason to think it will stop stealing.
Kim Jong-un has previously said threats by the United States would be met with a resolute nuclear response. Source: Getty / Sopa Images
Why steal crypto to fund nuclear weapons tests?
The United States, South Korea and Japan have been warning North Korea against conducting a seventh nuclear test. But Kim Jong-un doesn’t seem to be letting up.
On Saturday, at the launch of North Korea’s largest ballistic missile yet, he the "ultimate goal is to possess the world’s most powerful strategic force, the absolute force unprecedented in the century."
and border closures due to COVID-19 have made it difficult for North Korea to trade and generate funds through other means – which makes the cryptocurrency market an attractive target.
Cryptocurrency remains unregulated by most countries’ governments. At the same time, transactions can be made quickly and allow more anonymity than transactions made through traditional banking systems.
It’s also easier to hack a cryptocurrency exchange than it is to hack a bank. The latter are almost always bolstered by advanced security barriers and sometimes require in-person appearances.
No more missile tests, for now?
The rapid drop in crypto’s value, compounded by the FTX crash, will have certainly left a dent in North Korea’s nuclear military expansion funds. Nonetheless, Kim Jong-un’s cybercriminal army will likely find new sources of illicit income (and will probably keep stealing crypto too).
North Korea has also support from supporters in South Korea who follow the “Juche” ideology – the same Marxist-Leninist-adjacent political philosophy imposed in North Korea.
And in April American crypto expert Virgil Griffith pleaded guilty to helping North Korea evade US sanctions through using cryptocurrency.
Then there’s China – a key player in deciding whether sanctions against North Korea will actually work. In May, China joined Russia a draft proposal from the US to tighten sanctions against North Korea, and continues to .
As long as North Korea can glean financial benefits from China, and other avenues, as mentioned above, it’s unlikely to stop its plans.
James Jin Kang is an adjunct lecturer of computing and security at Edith Cowan University
He does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.