G7 Flags North Korean Cybercrime After $2B Stolen in 2025

G7 leaders broadened their warning over North Korean crypto theft to include wider cybercrime as researchers link DPRK-affiliated actors to billions of dollars in stolen digital assets.

Group of Seven (G7) leaders have renewed their call for joint action against North Korean cryptocurrency thefts and cybercrime.

In a statement adopted at this week's G7 summit in Évian-les-Bains, France, the leaders expressed “deep concern” over North Korea’s nuclear and ballistic missile programs. The United Nations and security researchers have linked North Korea's crypto thefts to funding for the country's weapons programs.

The G7 leaders did not specify how members should act on the call, making no mention of measures such as exchange screening, sanctions or actions against mixing services often discussed in connection with North Korean crypto laundering.

The G7 also referenced North Korean cryptocurrency thefts after its June 2025 summit in Canada, when the group's chair called for members to jointly address “DPRK cryptocurrency thefts fueling” the country’s nuclear and ballistic missile programs.

The renewed call comes amid a series of high-profile exploits with suspected links to North Korean actors, including the roughly $285 million Drift Protocol exploit in April and the $36 million Humanity Protocol breach in June.

DPRK hack activities from 2016 to 2025. Source: Chainalysis

North Korean hackers stole at least $2 billion in crypto in 2025, according to Chainalysis, pushing the all-time total attributed to DPRK-affiliated actors to at least $6.75 billion.

Chainalysis said the hackers generated bigger returns last year, despite carrying out fewer confirmed attacks, often by embedding information technology workers inside crypto companies or impersonating recruiters and investors to obtain access to internal systems.

Related: North Korea ‘industrialized’ crypto theft, laundered billions: CertiK

On May 15, a CrowdStrike report described North Korean actors as the largest threat group targeting crypto users by value stolen. The cybersecurity company said the campaigns prioritized high-value targets, with proceeds “almost certainly laundered to fund the regime’s military programs.”

Meanwhile, North Korea has rejected the allegations that it poses a cyber threat. In a May 3 statement published by state news agency KCNA, a Foreign Ministry spokesperson accused the US of spreading false information and described claims of a North Korean cyber threat as politically motivated “slander.”

Magazine: The end of anon? AI could unmask crypto’s hidden identities

Cointelegraph is committed to providing independent, high-quality journalism across the crypto, blockchain, AI, and fintech industries.

All news, reviews, and analyses are produced with full journalistic independence and integrity. For more details on our standards and processes, please read our Editorial Policy .

新闻图片