ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronEye IconIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailPositive ArrowIcon PrintTitle ChevronIcon Twitter
International relations

North Korea cyberattacks gained $300m in cryptocurrency: UN panel

Draft report shows isolated nation continues to evade sanctions during pandemic

In two cases of hacking that targeted cryptocurrency exchanges, North Korea used a technique known as "chain hopping."   © Reuters

NEW YORK -- North Korea has been launching dozens of cyberattacks on cryptocurrency exchanges and companies in the defense sector to obtain foreign currencies and military information, according to a draft report by a UN expert panel.

The draft, obtained by Nikkei, shows that North Korea stole an estimated total of $316 million in 2019 and 2020 through cyberattacks on cryptocurrency exchanges -- a clear sign the country continues to try and sidestep international sanctions even during the coronavirus pandemic. 

The draft, submitted to the Security Council's North Korea Sanctions Committee reviewing the implementation of the measures on the isolated country, is to be made public after discussion and revisions by Security Council board member nations. The report will have no binding powers but could be referred to by the Security Council or member nations when imposing new sanctions on North Korea. 

The country continues to obtain cryptocurrencies in illegal ways, the draft said. In September 2020, a cryptocurrency exchange company was hacked and $218 million worth of cryptocurrency was stolen. 

In two cases of hacking that targeted cryptocurrency exchanges, North Korea used a technique known as "chain hopping" -- which makes it harder to track down stolen currencies by exchanging one cryptocurrency for another. The draft also revealed that North Korea changed cryptocurrencies through traders in China. Amounts stolen amounted to $272,000 in the first of the two cases and $2.5 million in the second. 

North Korean authorities carried out the cyberattacks using social networking services for businesses and approached personnel in companies related to the defense sector, where the attackers impersonated human resource officers in the sector, the draft suggested. The process involved earning trust through phone conversations and text messages and then sending emails with malware attached to them.

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Try 1 month for $0.99

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends January 31st

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to Nikkei Asia has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media

Nikkei Asian Review, now known as Nikkei Asia, will be the voice of the Asian Century.

Celebrate our next chapter
Free access for everyone - Sep. 30

Find out more