According to the United Nations Security Council, this crypto was stolen over the last seven years and used in weapons development.

A new investigation has revealed that crypto companies and wealthy individuals are being scammed on social media by North Korean hackers. According to the United Nations, the money is reportedly being used for weapons development. 

David Robinson, co-founder of Internet 2.0 and former Australian Army Intelligence Officer, discussed these practices in an interview with Sky News. 

“Consumers are at a huge risk from North Korean hackers,” Robinson said. “They’ve stolen $3 billion to date, according to the UN.”

The U.N. Security Council sanctions committee investigated 97 suspected North Korean cyberattacks on cryptocurrency companies between 2017 and 2024, totaling $3.6 billion.

These hackers have stolen funds from crypto platforms, consumers, and high-end individuals who use crypto for business transactions. Chainalysis estimated that North Korean hackers stole $400 million in 2021, mostly Ethereum (ETH). 

New hacking techniques

In May, reports emerged of North Korean hackers using a new malware variant named “Durian” to target cryptocurrency companies in South Korea.

In a threat report dated May 9, cybersecurity company Kaspersky revealed that the North Korean hacking group Kimsuky utilized malicious software in specific attacks directed at two cryptocurrency companies. These attacks exploited authentic security software employed solely by South Korean crypto firms. 

Social media 

North Korean hackers use social media to create fake profiles of celebrities or professionals to promote crypto dumps, fraudulent schemes, and phishing links. They employ classic crypto fraud techniques like malicious links via messages or comments that lead to websites mimicking crypto exchanges.

Collaboration with Russia

Blockchain analysts have reported increasing collaboration between Russia-based crypto exchanges and North Korean hacking groups since 2021, as international monitoring hampers North Korea’s on-chain activities. 

Chainalysis revealed that these groups frequently use Russian exchanges to launder stolen crypto from various platforms.