Hackers stole billions in crypto to keep North Korea’s regime afloat
136 comments
April 3, 2025
horacemorace
If cryptocurrencies are self-regulating, aren’t the techniques used by these hackers actually the best and most effective way to play the game by its own rules? Calling this behavior “cheating” smells of sore-loserism.
acc_297
There is a certain Bitcoin evangelist who will preach the gospel of a self governing currency that via a system of rules will automatically validate transactions between trust-less parties in a decentralized manner over a globe-spanning internet protocol but then complain when that same system does not prevent them from accidentally sending the entire contents of their "wallet" to an address in North Korea.
The system does not represent ownership; the system only tracks the validity of transactions, and if the North Korean government proposes a valid transaction of your BTC or ETH to an address they control and a mining-node includes that transaction in a block which a majority of the network accepts, then those assets are no longer yours; they belong to North Korea.
The properties of the crypto-asset ecosystem which allow it to be ungoverned also make it ungovernable.
earnesti
I would imagine exchanges these days routinely monitor incoming and outgoing transactions, and if they suspect the funds are stolen, they are frozen. I would imagine North Korea doesn't really have an easy job laundering that BTC they have stolen.
mhluongo
You're right, many crypto exchanges operating on the right side of the law will freeze these funds.
For those interested in this, CT (crypto twitter) makes tracking North Korea's stolen winnings a bit of a sport.
samczsun, an excellent security auditor who's working at Paradigm these days, broke down some of the org in a post the other day.
https://x.com/samczsun/status/1906754853063565720?t=N4aqa6Vy...
Taylor Monahan at MetaMask also makes a habit of tracing funds and shares some pretty interesting finds around NK's laundering efforts.
strangattractor
They are simply having to duplicate all the things Visa provides its customers.
BTC is inherently deflationary in the sense that once new coins cease to be mined the total number of BTC will decrease over time due to loss, theft and death. I know that I lost my wallet with the only BTC I owned 10 years ago. I can name several other people that have done the same. I would think this one property makes it undesirable for use as a currency.
mvdtnz
You can imagine things all you want, the rest of us will be over here in the real world.
strangattractor
"The shocking theft at WazirX, India’s largest cryptocurrency exchange..."
Oddly I am not in the least bit shocked. Now if we found out that this was an inside job I would again not be the least bit shocked.
metalliqaz
It appears crypto is just speed-running the last few hundred years on their way to modern financial regulation
rchaud
These are but pricey bug bounties. This will lead to a more efficient and secure cryptocurrency market, as participants will insist on better financial controls, threatening to flee to the regulated fiat markets if their needs are not met. /s
yieldcrv
> These are but pricey bug bounties.
This isn't sarcasm to me, but the rest of your comment is.
kelsey978126
[flagged]
_1
What does this sentence even mean?
erikerikson
It is a reference to Magic The Gathering. Blue decks are known for wildly changing the rules of the game. Black decks are known for interacting with death and the graveyard which is where cards go after they are used.
A paraphrasing of the GP without using magic terminology is to say that they are playing by the rules in an unexpected way using unexpected combinations and sequences. More briefly "playing by the rules as written".
benrutter
Tangential recommendation, but anyone interested in North Korean hacking should check out the BBC World Service's Lazarus Heist podcast[0].
0. https://www.bbc.co.uk/programmes/w13xtvg9/episodes/downloads
whatever1
This is the only promise that cryptocurrency held. Avoid government barriers. So we should celebrate the fact that it was not a complete scam.
__MatrixMan__
I disagree. There's a tremendous amount of waste in the economy related to reconciling different companies' records of who owes what to whom and then getting that info to the bank and then hearing back from the bank about whether the debt was fully or partially paid and then relating that to whether the service continues to be rendered.
Moving from an accounts-receivable/accounts-payable model to an insert-coin-receive-service model would be a huge advantage.
It just hasn't happened because the vibes are wrong and it appears that they'll stay wrong for a while.
feoren
> There's a tremendous amount of waste in the economy related to reconciling different companies' records of who owes what to whom and then getting that info to the bank and then hearing back from the bank about whether the debt was fully or partially paid and then relating that to whether the service continues to be rendered.
Is all that really a tremendous waste, in the days of databases and instant communication? How much waste are we talking about here? I'd wager a lot of money it's at least one order of magnitude less than the literal heat waste produced by validating bitcoin transactions. Crypto is much more wasteful.
> Moving from an accounts-receivable/accounts-payable model to an insert-coin-receive-service model
The monetary system isn't what's preventing this. You can't provide a service and also charge for it in the exact same instant. If I hire a contractor to renovate my bathroom, there's a ton of negotiation, possible disagreements about whether the work is "done" or not, payment deadlines, etc., and crypto vs. fiat currency changes none of that.
__MatrixMan__
> You can't provide a service and also charge for it in the exact same instant.
Sometimes you can, and it's those cases that I'm thinking of.
But even when you can't, why not create the transaction up front and include the conditions under which it should or should not proceed at a later date? If you want a third party as a mediator, just in case, why not make that part of the transaction too? Why not ensure now, that the money you'll be paid later, actually exists and can't be spent on something else in the meantime?
So much becomes possible if both parties are on the same page yet neither had to build that page from scratch.
> How much waste are we talking about here?
Well there's all the business that doesn't happen because while I'm a bit curious about your service, I'm not curious enough to give you my credit card and trust your pinky-promise that you'll charge me like you said you would.
And then there's the business that doesn't happen because micropayments are required for the business model (many tiny credit card transactions being prohibitively expensive).
And then there's all the money that gets wasted when resolving disputes in court when mediators could've been bound to the transaction up front--mediators who are more familiar with the parties and the situations and who have access to a single source of truth about the nature of the disagreement rather than having to reconcile both versions of some "handshake agreement".
And then there's maintenance for all that billing pipeline code which is implemented over and over again--slightly differently by each company but rarely meaningfully so--which has to account for two worlds: one which creates debts, another which eliminates them, just to align the conjunction of those worlds to an arbitrary cadence (typically monthly) which has no correspondence with the product's usage. If you offload the accounting to public infra immediately, then you don't have to build and maintain infra which keeps both worlds in sync.
All told, I think it's quite a lot. As for the waste heat from bitcoin--yes, bitcoin is stone-age crypto. What we need for this probably doesn't exist yet.
itsoktocry
> Moving from an accounts-receivable/accounts-payable model to an insert-coin-receive-service model would be a huge advantage.
Why would the method of payment affect how you track accounts payable/receivable in your books?
__MatrixMan__
Maybe there were better words I could have used there, sorry.
You can of course track it however you want, but the complexity of what you end up tracking explodes if you're operating on something like a monthly billing cycle. Especially if you have more than one financial institution with an opinion about whether money should/did get moved.
I've been involved with the maintenance of several billing pipelines and having to handle events like maybe the bank was only able to collect half of this person's bill but it took them a few days to let us know that, but we've already sent that money over here so now we have this deficit and do we shut off their service over a deficit of just $5...
It's a nightmare that's totally orthogonal to the business that's being run. Nobody wants to be on the billing team, but it's viewed as a necessary evil. But I'm saying that it's an unnecessary evil. If you can very quickly settle up for practically nothing, then you can just build the app to withhold service for a few milliseconds until payment clears and then there's no debts to keep track of and resolve later. And having it on a public blockchain means that if you're collaborating with other companies over how the pie gets sliced, there's a single source of truth for how big the pie actually is.
woleium
I agree smart contracts are the way forward, but you don’t need crypto or blockchain to implement them. You do need a trusted third party, to adjudicate when things go wrong.
breakyerself
We already have that. It's called courts.
wyldfire
> It just hasn't happened because the vibes are wrong and it appears that they'll stay wrong for a while.
No. A civil society needs to be able to issue judgments that override transactions / seize assets. And therefore they cannot have automatons determining where the assets belong.
When criminals are caught with their hand in the cookie jar, we can't just shrug and say "gee I wish we had a way to get that money back."
I'm a big fan of bitcoin and to some extent cryptocurrency. I think it has real value. But I'm not deluded enough to think it can somehow replace all ledgers everywhere.
__MatrixMan__
I'm not proposing that this all happen on an L1, of course you need some time for various parties to decide whether settlement should proceed. Nor am I saying that all ledgers everywhere would benefit from this change.
I'm just saying that many businesses would benefit (or become feasible in the first place) if the time between service-rendered and payment-pending were sub-second and built into the product instead of relying on month-long billing cycles. It would also be beneficial if the infrastructure for handling that process were common to both parties rather than having each of them track it separately hoping they agree on what is owed after the fact.
ty6853
And pretty unique online irreversible near instant transactions. For this reason it was often the cheapest way to buy bullion online in a way that cleared in less than an hour, since most banks charge for a wire and credit cards (or vendor risk departments) charge high vendor premiums on bullion transactions.
rchaud
> Hackers then send the ether to “mixers”—crypto platforms that co-mingle tokens from various users, obscuring their ownership. After that, the ether is swapped for bitcoin and then converted into tether, a token whose value is linked to the U.S. dollar.
Good timing for the US to lift sanctions on Tornado Cash [0].
Too many people think "lock them up" is the solution to crime, without considering that crime relies on certain types of infrastructure to remain in business. And that people who are "tough on crime" often have good reasons to keep operational the things that facilitate said crimes.
NelsonMinar
North Korea launders its stolen cryptocurrency through every available means. Including Tornado Cash, quite aggressively, which is why they were sanctioned. It is very hard to understand why the Trump administration would reverse those sanctions unless they are trying to aid this kind of money laundering.
mhluongo
Because code had never been sanctioned before, and it's a clear freedom of speech issue?
yieldcrv
adding sanctions to a smart contract address that cannot appeal itself was not a winning position in the US courts
and determining that a smart contract deployment was a "foreign asset" was also not a winning position in the US courts, as it's not clear if it was deployed on a node outside of the US to begin with, or if the person that actually sent the deployment transaction was a non-US citizen
The Treasury with its new head just short circuited that challenge and stopped wasting taxpayer money on this
yeah, stick with prosecuting the actual crime instead of the laziest approach of calling everyone a criminal for using a sanctioned smart contract
os2warpman
Cheated?
From an outsider's perspective their methods seem typical.
starwin1159
Why are North Korean hackers so skilled? Are their technical skills top-tier?
micah94
They work for a government that can help with the threats, bribery and social engineering required to get access to employees of exchanges.
abidhusain
The issue of cybersecurity in crypto is becoming more critical by the day. The scale at which nation-state actors are targeting the crypto world shows just how vulnerable many systems still are.
bjornsing
Before there was crypto North Korea stole 1000 Volvo cars from Sweden. They simply ordered them and never paid.
ForOldHack
We should return the favor.
IncreasePosts
It's pretty incredible that a sizable percentage of North Korea's GDP derives from crypto theft. Actually about the same percentage as Spain was pulling from the Americas at the end of the colonial period.
rsanek
For others wondering, it's about 2%: 2023's GDP was $29.6b, and this article mentions that the $6b was "over a decade."
benlivengood
Satoshi identified!
OutOfHere
Something tells me that WazirX's cold wallet wasn't actually cold - it was multisig but hot. The only thing that leaves the hardware running a cold wallet is a signed transaction that is limited in scope to the signed amount and recipient.
https://archive.is/1vkXG