Leaders of the G7 are preparing to address North Korea’s escalating cyberattacks and cryptocurrency thefts at their upcoming summit in Alberta, Canada, scheduled for mid-June.
This move comes amid growing global concerns over Pyongyang’s use of cybercrime to fund its weapons programs.
While talks are expected to be dominated by the wars in Ukraine and Gaza, North Korea’s cyber activities are likely to loom large on the agenda.
According to sources briefed on the matter, the leaders are planning to discuss a coordinated response to Pyongyang’s increasing cyber threat. That could involve strengthening international cybersecurity frameworks, blocking digital assets associated with North Korea, and cutting off crypto platforms that launder money with harsher penalties.
The G7 wants to signal that the world community will no longer accept such cyber aggression. Canada will seek firmer alliances and intelligence-sharing agreements as the host country to combat cyber-enabled crimes.
G7 leaders sound alarm over North Korea’s cyber heists
North Korea is back on the international stage. This time, it’s not missile launches but something more stealthy — billion-dollar cyberattacks.
In February 2025, cybercriminals with ties to North Korea stole around $1.5 billion from Bybit, a large digital currency exchange in Dubai. The F.B.I. said the hackers were part of the notorious Lazarus Group, a state-sponsored hacking organization believed responsible for the 2014 SONY attack.
The group quickly converted the extorted funds to Bitcoin and scattered them to thousands of blockchain wallets to launder the money.
This was not a one-off event. North Korean-linked hackers were behind 47 major attacks during 2024, stealing a total of $1.34 billion in cryptocurrency, up from $661 million in 2023, according to data from the blockchain analysis firm Chainalysis.
However, experts said the cash is not going into private pockets but instead being used to finance the regime’s sanctioned weapons programs. North Korea even uses digital money to get around international sanctions, allowing it to keep building nuclear and missile technology.
These thefts have grown in size and complexity and have alarmed world powers. North Korea is now a major player in cybercrime.
North Korean operatives infiltrate global tech jobs to fund weapons programs secretly
North Korea’s cyber offensive does not stop at hacking. The country has built another quieter weapon — its global IT workforce.
Thousands of tech-savvy North Koreans are reportedly working remotely from countries like China and Russia, posing as freelance software developers. Using false identities, they apply for jobs and secure well-paying positions, earning thousands of dollars. These earnings are then funneled back to support the North Korean regime, according to reports.
In a recent case earlier this year, crypto exchange Kraken discovered a sophisticated one-man operation in which a North Korean operative had applied to a software engineering role under multiple false personas. This person had weaved a complex web of false resumes and online profiles to insinuate themselves into tech companies worldwide.
The U.S. Department of Justice said these IT workers use advanced techniques to conceal their identities. They depend on pseudonymous email accounts, sham websites, proxy servers, and even unwitting cutouts in the United States and elsewhere.
In a statement released in January, the Justice Department said that these workers can earn up to $300,000 a year. When their numbers reach the tens of thousands, the income becomes a significant revenue stream for North Korea. It added that the proceeds typically go directly to the country’s Ministry of Defense and other entities involved in weapons programs.
In retaliation, the U.S. and its allies have tightened hiring practices around tech and crypto industries, encouraging companies to perform more thorough verification checks to identify remote workers.
Cryptopolitan Academy: Coming Soon - A New Way to Earn Passive Income with DeFi in 2025. Learn More
