US, Japan, and South Korea warn blockchain industry of North Korea’s ongoing cyber threats

Share this article

The United States, Japan, and South Korea issued a joint warning to the blockchain industry about ongoing cyberattacks by North Korean actors, highlighting threats to crypto exchanges, custodians, and individual users.

North Korean-linked groups, including the Lazarus Group, have stolen $650 million in 2024, with major breaches at DMM Bitcoin ($308 million), Upbit ($50 million), and Rain Management ($16.1 million).

The US and South Korea also attributed 2023 attacks on WazirX ($235 million) and Radiant Capital ($50 million) to North Korean cyber actors.

The attacks utilize sophisticated methods, including social engineering and malware such as TraderTraitor and AppleJeus. These operations target the crypto sector to fund North Korea’s weapons programs.

“Deeper collaboration among public and private sectors is essential to disrupt these malicious actors and secure the international financial system,” the joint statement read.

Efforts to counter DPRK cyber activities include initiatives like the US Illicit Virtual Asset Notification (IVAN) system and the Cryptoasset and Blockchain Information Sharing and Analysis Center (Crypto-ISAC).

Japan’s Financial Services Agency, collaborating with the Japan Virtual and Crypto Assets Exchange Association, has called for business self-inspections to reduce risks.

The three nations plan to strengthen sanctions against North Korean cyber actors and enhance cybersecurity across the Indo-Pacific region through trilateral working groups.

Share this article