



As part of the joint statement, the US State Department, South Korea, and Japan underlined the efforts that North Korean hackers put into targeting the blockchain industry, with the three nations warning about the substantial threat to the integrity and stability of the international financial system.











The US underlined its plans to continue to keep an eye on North Korean hackers leveraging social engineering tactics, including impersonation, to deceive victims into installing Windows or Mac-based malware. Additionally, these hackers utilised identity theft to apply for remote IT jobs, which gave them another way to infiltrate cryptocurrency-related companies.

This was also the case in September 2024, when the FBI announced that North Korea was engaging in social engineering campaigns targeting employees in the DeFi and cryptocurrency sectors. The operations were meant to distribute malware and steal digital assets from companies. Also, North Korean cyber actors developed advanced social engineering schemes initially difficult to detect, with these methods being complex enough to compromise individuals with strong technical backgrounds. As a response to these findings, the US, South Korea, and Japan are now pushing blockchain companies and freelance work industries to scale their vetting processes and avoid accidentally hiring North Korean IT workers.

The joint statement did not provide a solution to the North Korean hacker threat, only mentioning that further collaboration between the public and private sectors of the three countries is critical to halting the hacking schemes.





North Korea behind several crypto heists in 2024

The US, South Korea, and Japan now also confirmed that North Korea was behind a minimum of five heists at cryptocurrency exchanges and financial platforms in 2024. Among them was the USD 235 million hack of WazirX, one of India’s largest cryptocurrency exchanges, from July 2024. This forced WazirX to suspend trading and then restructure the company. In addition, other significant attacks include a USD 308 million theft from Japan’s DMM Bitcoin, USD 50 million each from Upbit and Radiant Capital, and USD 16.13 million from Rain Management.