A preliminary report from a United Nations inquiry suggests North Korea is using the proceeds from crypto hacks to funds its weapons programs.
The United Nations has accused the North Korean state of stealing $281 million worth of crypto from an exchange during September 2020.
According to Reuters, the findings from a “confidential report” authored by independent sanctions monitors for U.N. Security Council members “strongly suggests” links between the hack’s perpetrators and the North Korean regime. Reuters quoted the report:
“Preliminary analysis, based on the attack vectors and subsequent efforts to launder the illicit proceeds, strongly suggests links to the DPRK.”
Reuters noted the U.N. report accuses North Korea of using the stolen funds to support its nuclear and ballistic missile programs in violation of international sanctions.
Despite the report containing few concrete details surrounding the victimized exchange, crypto data firm Whale Alert’s Frank van Weert speculated the report must be referring to the September 2020 KuCoin hack. Chainalysis estimated losses from the KuCoin hack at $275 million.
The incident saw swift reactions from Tether and major crypto exchanges to quickly freeze crypto assets associated with the attack, preventing roughly 22% of breached funds from being stolen. KuCoin says it has since recovered 80% of the stolen funds.
Citing sources familiar with the incident, the U.N. report cites asserts the attackers breached the exchange by exploiting the smart contracts of DeFi protocols:
“The attackers exploited ‘DeFi’ protocols — i.e., smart contracts that facilitate automated transactions.”
The report estimates North Korea generated roughly $2 billion in total through “widespread and increasingly sophisticated” cyber attacks targeting banks and crypto exchanges as of 2019.
The U.N. notes that one member state believes North Korea stole $316.3M worth of digital assets between 2019 and November 2020, suggesting the regime was responsible for a further $36 million worth of crypto thefts on top of the KuCoin hack during that time.
Last month, a U.S. federal judge ruled that an Ethereum developer accused of helping North Korea to evade sanctions by delivering a speech at a 2019 crypto conference in Pyongyang must soon face a jury. The developer, Virgil Griffith, is accused of conspiring to violate international sanctions by providing “services” to the rogue state.