The U.S. Treasury Department announced new sanctions against two individuals and two companies accused of participating in the theft of cryptocurrencies from American firms, aimed at financing Pyongyang's nuclear and missile programs.
According to the statement, the sanctions targeted a Russian citizen, a North Korean official residing in Russia, along with a group of North Korean IT experts, in addition to a Chinese company described as a front to mask their activities.
Investigations indicate that this network relied on employing North Korean workers with fake identities within technology and digital asset trading companies abroad, allowing it to steal digital funds and transfer them through complex money laundering operations into North Korea.
This step is part of a series of measures that Washington has been implementing for years to pursue the electronic activities of Pyongyang, as previous sanctions have included cryptocurrency mixing platforms such as Tornado Cash and Sinbad, in an attempt to cut off the routes that North Korea uses to circumvent international restrictions.
A report from the United Nations Security Council indicated that the total amount seized by hacking groups linked to North Korea between 2017 and 2024 exceeded $3.6 billion, with numbers continuing to rise. Analysts noted that North Korean-affiliated tech workers received over $16.5 million for their services from the beginning of 2025 until June, after managing to infiltrate hundreds of jobs in cryptocurrency companies around the world using forged documents.
These developments reflect the complexities of exploiting digital assets to finance illicit activities, while also highlighting the ongoing challenges faced by the cryptocurrency sector regarding safety and compliance with international standards. Experts believe that the solution requires tightening identity verification procedures for workers in this field, and enhancing compliance and regulatory systems.