G7 world leaders are set to gather in Alberta, Canada, this June, where North Korea’s escalating involvement in cryptocurrency heists and cyberattacks will be a significant topic of discussion.
The G7 is expected to unveil stricter global measures to counter the growing cyber threats posed by North Korea. These measures may include additional cybersecurity steps, more stringent limits on crypto assets linked to North Korea, and harsher sanctions on platforms that facilitate the laundering of stolen funds.
Cyberattacks associated with North Korea have seen a marked increase over the last two years. According to blockchain data company Chainalysis, in 2024 alone, hackers linked to the regime conducted 47 significant crypto heists, accumulating over $1 billion. This represents a substantial increase from 2023, when North Korean hackers reportedly stole $661 million in crypto assets.
One of the most notable attacks occurred in February 2025, when hackers withdrew approximately $1.5 billion from the Dubai-based crypto exchange Bybit. The FBI later attributed this theft to the Lazarus Group, a hacking collective linked to North Korea and previously implicated in the 2014 Sony Pictures hack.
Reports indicate that the stolen funds are being channeled to support North Korea’s defense initiatives, including its missile technology and nuclear weapons programs. Cryptocurrency provides a means for North Korea to bypass international sanctions imposed on its weapons development.
In addition to direct hacking, North Korea has also established a global network of freelance IT workers. These individuals often operate from countries like China or Russia, securing remote employment at crypto firms and other technology companies using assumed names. They reportedly employ fake resumes, burner email accounts, and sometimes American middlemen to circumvent background checks during the hiring process.
