North Korea’s $2.8B Crypto Caper: How They’re Hacking Your Wallets

According to a report released by the Multilateral Sanctions Monitoring Team (MSMT), North Korea-linked hackers stole a staggering $2.83 billion in virtual assets between 2024 and September 2025.

The report emphasizes that Pyongyang not only excels at theft but also possesses sophisticated methods for liquidating the illicit gains.

Hacking Revenue Fuels One-Third of Nation’s Foreign Currency

The MSMT is a multinational coalition of 11 countries, including the US, South Korea, and Japan. It was established in October 2024 to support the implementation of UN Security Council sanctions against North Korea.

According to the MSMT, the $2.83 billion stolen from 2024 to September 2025 is a critical figure.

“North Korea’s virtual asset theft proceeds in 2024 amounted to approximately one-third of the country’s total foreign currency income,” the team noted.

The scale of theft has accelerated dramatically, with $1.64 billion stolen in 2025 alone, representing an increase of over 50% from the $1.19 billion taken in 2024, despite the 2025 figure not including the final quarter.

The Bybit Hack and the TraderTraitor Syndicate

The MSMT identified the February 2025 hacking of the global exchange Bybit as a major contributor to the surge in illicit revenue in 2025. The attack was attributed to TraderTraitor, one of North Korea’s most sophisticated hacking organizations.

The investigation revealed that the group collected information related to SafeWallet, the multi-signature wallet provider used by Bybit. They then gained unauthorized access via phishing emails.

They utilized malicious code to access the internal network, disguising external transfers as internal asset movements. This allowed them to hijack control of the cold wallet’s smart contract.

The MSMT noted that in major hacks over the past two years, North Korea has often preferred to target third-party service providers connected to exchanges rather than attacking the exchanges themselves.

The Nine-Step Laundering Mechanism

The MSMT detailed a meticulous nine-step laundering process North Korea uses to convert the stolen virtual assets into fiat currency:

1. Attackers swap stolen assets for cryptocurrencies like ETH on a Decentralized Exchange (DEX).

2. They ‘mix’ the funds using services such as Tornado Cash, Wasabi Wallet, or Railgun.

3. They convert ETH to BTC via bridge services.

4. They move the funds to a cold wallet after passing through centralized exchange accounts.

5. They disperse the assets to different wallets after a second round of mixing.

6. They swap BTC for TRX (Tron) using bridge and P2P trades.

7. They convert TRX to the stablecoin USDT.

8. They transfer the USDT to an Over-the-Counter (OTC) broker.

9. The OTC broker liquidates the assets into local fiat currency.

Global Network Facilitates Cash-Out

The most challenging stage is converting crypto into usable fiat. This is accomplished using OTC brokers and financial companies in third-party countries, including China, Russia, and Cambodia.

The report named specific individuals, including Chinese nationals Ye Dinrong and Tan Yongzhi of Shenzhen Chain Element Network Technology and P2P trader Wang Yicong.

They allegedly cooperated with North Korean entities to provide fraudulent IDs and facilitate asset laundering. Russian intermediaries were also implicated in the liquidation of approximately $60 million from the Bybit hack.

Furthermore, Huione Pay, a financial service provider under Cambodia’s Huione Group, was utilized for laundering.

“A North Korean national maintained a personal relationship with Huione Pay associates and cooperated with them to cash out virtual assets in late 2023,” the MSMT stated.

The MSMT raised concerns with the Cambodian government in October and December 2024 regarding Huione Pay’s activities supporting UN-designated North Korean cyber hackers. As a result, the National Bank of Cambodia refused to renew Huione Pay’s payment license; however, the company continues to operate in the country.

2025-10-23 14:38