The United States, Japan, and South Korea released a joint statement highlighting the threat posed by Democratic People’s Republic of Korea (DPRK) cyber actors targeting the global cryptocurrency industry. The statement underscores ongoing concerns about DPRK’s use of cyber thefts to fund its unlawful weapons of mass destruction and missile programs.
According to the statement, issued on Tuesday (Washington local time), advanced persistent threat groups, including the Lazarus Group, have executed numerous high-profile cryptocurrency heists. Notable thefts attributed to DPRK in 2024 include $308 million from DMM Bitcoin, $50 million from Upbit, and $16.13 million from Rain Management. Prior incidents include $235 million stolen from WazirX and $50 million from Radiant Capital in 2023.
The DPRK employs sophisticated tactics such as social engineering and malware deployment, with tools like TraderTraitor and AppleJeus targeting exchanges, custodians, and individual users. IT workers from the DPRK also present insider threats, with advisories issued by the U.S., Japan, and South Korea warning private sector companies to exercise vigilance in hiring practices.
The statement emphasizes the importance of public-private collaboration to disrupt these cybercrime operations. Initiatives like the U.S.’s Illicit Virtual Asset Notification (IVAN) program, Japan’s collaboration with the Japan Virtual and Crypto Assets Exchange Association (JVCEA), and joint symposiums hosted by South Korea and the U.S. showcase the commitment to enhancing cybersecurity defenses.
The three nations reaffirmed their commitment to imposing sanctions on DPRK cyber actors and improving cybersecurity in the Indo-Pacific region, pledging to bolster trilateral coordination against cyber threats.
Bd-pratidin English/ Jisan
