Seoul, Oct 17: North Korean hackers have stolen an estimated $3 billion worth of cryptocurrency since 2017, using the funds to support the regime's nuclear and missile programmes, a Microsoft report showed on Thursday. Of that amount, between $600 million and $1 billion was stolen just last year, based on Microsoft's ‘Digital Defence Report for 2024’.
The report highlights that these stolen funds have financed over half of Pyongyang's nuclear development efforts, reports Yonhap news agency. Since last year, Microsoft has identified several new North Korean hacking groups Moonstone Sleet, Jade Sleet, Sapphire Sleet and Citrine Sleet, which have been targeting cryptocurrency organisations.
In particular, Moonstone Sleet has developed a custom ransomware variant and deployed it against unidentified entities in the aerospace and defence sectors for both intelligence gathering and financial gain. Microsoft analysts said the emergence of new hacking groups suggests that the North Korean regime is expanding its involvement in ransomware activities, increasing the use of cybercriminal tools to bolster the regime's financial resources and advance its strategic interests.
"Nation states are becoming more aggressive in the cyber domain, with ever-growing levels of technical sophistication that reflect increased investment in resources and training," said Tom Burt, Microsoft's vice president of customer security and trust. Microsoft also warned of rising cyber threats by state-backed actors, especially those related to Russia, China and Iran, ahead of the U.S. presidential election and amid persistent geopolitical conflicts in Europe and the Middle East.
Meanwhile, South Korea, the US and Japan recently agreed to bolster joint efforts to combat North Korea's illegal cyber activities, which are increasingly targeting the virtual currency industry. The three sides stressed the importance of strengthening partnerships with the private sector, particularly with cryptocurrency service providers, to raise awareness of Pyongyang's cyber threats.