Three of the world’s largest economies just sat down in Washington to figure out how to stop one of the world’s smallest from robbing the internet blind. The US, Japan, and South Korea convened their fifth Trilateral Diplomatic Working Group on DPRK Cyber Threats on June 25-26, committing to deeper coordination against North Korea’s crypto theft operations, money laundering networks, and increasingly sophisticated AI-driven hacking campaigns.

North Korea’s hackers were responsible for 76% of all reported crypto hack losses in early 2026. Two major hacks in 2026 alone, targeting Drift Protocol and KelpDAO, netted North Korean actors $577 million combined. Since 2017, cumulative crypto thefts attributed to the DPRK now exceed $6 billion. Japan put a finer point on the scale of the problem, with reports indicating North Korea has stolen approximately 93 billion yen in crypto assets. These aren’t random smash-and-grab operations. They’re methodical, state-sponsored campaigns designed to funnel money directly into Pyongyang’s nuclear weapons and missile development programs.

The trilateral working group, which has been operational since 2023, has tracked a consistent pattern of North Korean attacks on global crypto exchanges and decentralized finance protocols. In January 2025, a joint statement from the three nations highlighted thefts totaling $308 million from DMM Bitcoin alone. Historical targeting has also included Upbit’s Solana-based assets in 2025.

The Washington gathering focused on three core areas: intelligence sharing on suspicious activities, raising awareness about North Korean cyber tactics, and building public-private partnerships to disrupt laundering operations. Participants also spent considerable time discussing how DPRK hackers are leveraging AI-driven techniques to enhance their operations. No new sanctions were announced. No specific recovery strategies for stolen funds were outlined.

The immediate takeaway for anyone holding crypto or operating an exchange is straightforward: the regulatory environment is about to get more intense. When three major economies coordinate specifically on crypto crime, stricter compliance requirements tend to follow. Exchanges and DeFi protocols operating in the US, Japan, or South Korea should expect increased scrutiny of their security practices and anti-money laundering controls.

The pattern of North Korean targeting suggests that exchanges and DeFi protocols with weaker security postures are sitting ducks. Drift Protocol and KelpDAO weren’t obscure projects, and their combined $577 million in losses demonstrates that even established platforms can be vulnerable.

The $6 billion stolen since 2017 isn’t coming back. But whether the next $6 billion gets stolen depends largely on whether meetings like this one in Washington translate into something more than communiques and handshakes.