North Korea Steals $2B in Crypto: What Do the Law Experts Say?

Why Trust Techopedia Crypto

North Korean crypto hackers have allegedly stolen over $340 million worth of crypto so far in 2023. South Korea plans a bill, but technical challenges and privacy concerns loom.

North Korean (DPRK) cybercrime targeting cryptocurrencies continues to intensify, with recent reports pointing to a total of $340.4 million worth of crypto stolen by hackers.

What are the recent insights and measures taken by governments to tackle the surging problem?

North Korean Cyberattacks and Stolen Assets

At the start of the month, news broke out that North Korean hackers had allegedly stolen over $200 million worth of cryptocurrencies between January and August 2023. In the last five years, this amount has managed to surpass $2 billion in crypto assets in over 30 attacks, a report by TRM Labs found.

The value of stolen crypto assets is significantly lower in 2023 than it was in 2022. Still, TRM Labs highlighted that “North Korea has maintained its focus on the crypto ecosystem,” with the percentage of total assets stolen in 2023 amounting to over 20% of all stolen crypto this year.

Needless to say, nations worldwide are starting to worry, as a more recent Chainalysis report found that North Korea-linked hack attacks had wiped out a total of $340.4 million worth of crypto so far in 2023.

“While North Korea-linked hackers are on pace to steal much less cryptocurrency than they did last year, it’s important to acknowledge that the catastrophically high figures from 2022 created an unusually high bar to surpass.”

Chainalysis added that the DPRK remains an “incubator for hacking activities.”


In addition, an upcoming United Nations report highlights that the DPRK is using such cyberattacks to fund its nuclear missile programs.

Managing partner and attorney at Law specializing in international cybercrime and blockchain-related crime at Cha & Kwon, Ohoon Kwon told Techopedia that the threat posed by North Korean hackers has been a growing concern in the global cybersecurity landscape.

“Given North Korea’s economic sanctions imposed due to its nuclear developments, the nation has reportedly been channeling efforts into avenues such as cryptocurrency theft to secure foreign currencies, including U.S. dollars. The threat is perceived to be escalating, particularly with South Korean exchanges serving as a major hub for cryptocurrency transactions globally.”

Moreover, such hack attacks can also impact the security of a number of blockchain protocols as well as their users, Dan Park, the CTO of SuperBlock, which launched the Layer 1 blockchain OverProtocol, added.

South Korea to Intensify Cybercrime Legislation

In light of the following news, South Korea has expressed a desire to submit a bill that would aim to track and neutralize North Korean cryptocurrency assets.

The bill was revised earlier this year, following the orders of the South Korean president, Yoon Suk Yeol, who wanted the bill to contain “practical measures to bolster national security,” local sources reported.

But will the new, planned bill work out?

According to attorney Kwon and OverProtocol’s Park, the track and neutralize incentive faces a series of technical issues, which are primarily driven by the innate anonymity that blockchain technology affords its users.

Kwon said:

“Tracking and identifying the individuals behind wallet addresses without direct evidence or leads can be exceptionally challenging. Furthermore, while many global exchanges have adopted anti-money laundering measures, these are still under development and their effectiveness can be variable.”

Moreover, Kwon stressed that the proposed bill also has the potential to carry ramifications for both South Korea as well as the global crypto landscape.

This is because such proposals, which have been brought up in the past, had faced opposition from the South Korean president, who ordered the bill to be amended and include stronger measures to neutralize the attacks initiated by North Korea.

Kwon noted: “Domestically, there is a mounting apprehension that the legislation could infringe upon the privacy rights of South Korean citizens. It potentially grants the government broader access to personal financial records, purportedly as a security measure to counter threats.

“Moreover, it could usher in stringent regulations that discourage participation in cryptocurrency activities and deter businesses in the industry. It paints a complex scenario where the government must tread a fine line to balance national security with safeguarding individual rights and fostering business prosperity.”

International Efforts to Counter North Korean Hacking

According to OverProtocol’s Park, international cooperation, as well as information sharing, can play a crucial role in countering North Korean cyberattacks, especially in light of recent news.

“Various mechanisms and channels for collaboration exist, allowing governments and cybersecurity entities from different countries to exchange insights, threat intelligence, and best practices. These mechanisms are designed to facilitate a coordinated response to cyber threats without specifying particular organizations or institutions. Such collaboration helps pool resources and expertise to address the complex and transnational nature of cyber threats effectively.”

Attorney Kwon added that existing mechanisms such as the “travel rule” that requires Virtual Asset Service Providers (VASPs), such as cryptocurrency exchanges, to share the identity and information of the sender and recipient of crypto transactions could help minimize any future cryptocurrency cybercrime.

“However, it is worth noting that these measures have limitations, particularly if users deceive the exchanges with false information. It highlights the need for further development of sophisticated technologies and cooperative frameworks to enhance the efficacy of such strategies in tackling cyber threats.”

Cryptocurrency and Cybercrime

Over the years, cryptocurrencies have become a popular target for a number of cybercriminals, highly driven by a number of their characteristics, including their high anonymity.

Meanwhile, the transactions conducted in a cryptocurrency space are recorded on a public ledger known as the blockchain, the identities of the individuals who conduct the said transactions are typically pseudonymous.

As previously highlighted by Kwon and Park, such a high level of anonymity can oftentimes make it difficult for law enforcement agencies to trace transactions back to specific individuals, making cryptocurrencies the perfect space for cybercriminals.

Chainalysis reported that by July 2023, crypto scams had seen a 65% overall decline. Although ransomware attacks, on the other hand, had surged, surpassing $440 million in the first half of 2023.

Cryptocurrencies are frequently used in ransomware attacks, where cybercriminals encrypt a victim’s data and demand a ransom payment in cryptocurrency for its release.

Chainalysis noted:

“It is clear the ransomware ecosystem has rebounded in 2023 both in terms of payments and attacks, with record-setting incident numbers. The data serves as an important reminder that ransomware remains a significant threat and that businesses should continue to shore up their cybersecurity and data backup procedures for added protection.”

In addition to ransomware, cryptocurrencies are also used on the dark web as their relative anonymity continues to make them a preferred choice for cybercriminals.

The Bottom Line

As the value of cryptocurrencies continues to surge, the intensifying North Korean crypto hacks serve as a stark reminder of the ever-evolving landscape of cybercrime. With billions at stake, nations grapple with the challenge of countering these attacks while safeguarding individual rights and fostering a thriving crypto industry.

International collaboration and technological advancements hold the key to addressing this complex issue as the world navigates the intricate interplay between anonymity, security, and global geopolitics in the realm of digital currencies.


Related Reading

Related Terms

Iliana Mavrou
Crypto journalist
Iliana Mavrou
Crypto journalist

Iliana is an experienced crypto/tech journalist reporting on blockchain, regulation, DeFi, and Web3 industries. Before joining Techopedia, she contributed to a number of online publications, including, Cryptonews, and Business2Community, among others. In addition to working in journalism, she also has experience in tech and crypto PR.  Iliana graduated from the City University of London with a degree in Journalism in 2021. She is currently pursuing a Master's degree in Communication.