North Korea using crypto, IT workers to dodge UN sanctions: Report

SEOUL – North Korea is circumventing UN sanctions by using cryptocurrency to trade raw materials and military weaponry, and by deploying large numbers of IT workers abroad to launder funds and generate income for Pyongyang, an international sanctions monitoring group reported.

Under leader Kim Jong Un, Pyongyang has ramped up cyber operations in recent years, turning hacking into a key source of foreign currency in the face of biting sanctions over its nuclear and weapons programmes.

The Multilateral Sanctions Monitoring Team (MSMT) found that North Korea’s sophisticated cyber force had stolen at least US$1.65 billion (S$2.1 billion) from January to September, including US$1.4 billion from crypto exchange Bybit in February.

That was in addition to North Korea’s ill-gotten cryptocurrency gains of US$1.2 billion in 2024, the monitoring group said in a report on Oct 22.

Pyongyang funnels the funds into “the unlawful development of its WMD (weapon of mass destruction) and ballistic missile programmes”, it said.

The report’s authors found that North Korean officials used a type of cryptocurrency called stablecoin “for procurement-related transactions, including the sale and transfer of military equipment and raw materials such as copper, which is used in munitions production”.

The country further evaded UN sanctions by sending IT workers to at least eight countries.

Most went to China, but others were dispatched to Russia, Laos, Cambodia, Equatorial Guinea, Guinea, Nigeria and Tanzania.

The MSMT also found that North Korea was planning to send “40,000 labourers to Russia, including several delegations of IT workers”.

Under UN sanctions, North Korean workers are prohibited from earning money abroad.

Pyongyang has secured crucial backing from Moscow in recent years, after sending weapons and thousands of North Korean troops to fight alongside Russian forces against Ukraine.

The MSMT also cited a 2024 report by 38 North, a specialist analysis programme run by the Stimson Centre think-tank, stating that North Korean IT workers – hiding their nationalities – secured contracts to work on animation projects that were being steered by Japanese and US companies like Amazon and HBO Max.

An Amazon spokesperson contacted by AFP stressed that the company had never hired any such workers directly, adding: “We had previously worked with an animation studio that hired sub-contractors who were allegedly involved in the scheme. However, they were not Amazon employees and didn’t have access to internal systems.”

HBO did not respond to an AFP request for comment.

The report said the North Korean animators also worked for companies like Pyongyang’s state-owned animation studio SEK – previously reported to have assisted in Western projects such as 2007’s The Simpsons Movie.

Seoul’s intelligence agency in 2024 said North Korean operatives had used LinkedIn to pose as recruiters and approach South Koreans working at defence firms to obtain information on their technologies.

The MSMT, launched in October 2024, monitors and reports violations of UN Security Council sanctions on North Korea, though it operates independently of the UN.

It comprises officials from Australia, Britain, Canada, France, Germany, Italy, Japan, the Netherlands, New Zealand, South Korea and the US. AFP