![The Multilateral Sanctions Monitoring Team (MSMT) found that North Korea’s sophisticated cyber force had stolen at least $1.65 billion from January to September 2025 [File] | Photo Credit: REUTERS](https://newspage360.com/wp-content/uploads/2025/10/2025-09-12T093317Z_612832270_RC2PEV9AHBSL_RTRMADP_3_NORTHKOREA-UN-RIGHTS-1068x601.jpg "The Multilateral Sanctions Monitoring Team (MSMT) found that North Korea’s sophisticated cyber force had stolen at least $1.65 billion from January to September 2025 [File] | Photo Credit: REUTERS")
Key Takeaways
- North Korea stole $2.85 billion in cryptocurrency during 2024-2025 to fund weapons programs
- Pyongyang deployed IT workers globally, including to major Western animation projects
- Sanctions monitoring group reveals stablecoins used for military equipment trade
North Korea is systematically bypassing United Nations sanctions through sophisticated cryptocurrency theft and by sending thousands of IT workers abroad, according to a new international report. The regime has generated billions to fund its illegal weapons programs despite global restrictions.
Massive Crypto Theft Operations
The Multilateral Sanctions Monitoring Team (MSMT) revealed that North Korea’s cyber forces stole at least $1.65 billion between January and September 2025 alone. This includes a massive $1.4 billion heist from crypto exchange Bybit in February.
These recent thefts come on top of $1.2 billion in cryptocurrency gains during 2024, showing a dramatic escalation in Pyongyang’s digital robbery campaigns.
All stolen funds are funneled directly into “the unlawful development of its WMD and ballistic missile programs,” the report confirmed.
Stablecoins for Military Procurement
Investigators discovered North Korean officials using stablecoins for weapons-related transactions. The digital currency facilitates “the sale and transfer of military equipment and raw materials such as copper, which is used in munitions production.”
This represents a sophisticated evolution in how the isolated regime finances its military ambitions while avoiding traditional financial tracking systems.
Global IT Worker Deployment
Beyond cryptocurrency, North Korea has dispatched IT workers to at least eight countries to generate foreign currency. Most workers went to China, with significant numbers also sent to Russia, Laos, Cambodia, and several African nations including Nigeria and Tanzania.
Most alarmingly, MSMT found plans to send “40,000 labourers to Russia, including several delegations of IT workers” – a direct violation of UN sanctions prohibiting North Korean workers from earning money abroad.
Western Animation Projects Infiltrated
The monitoring group cited a 2024 report revealing that North Korean IT workers, hiding their nationalities, secured contracts on animation projects for major companies including Amazon and HBO Max.
An Amazon spokesperson clarified they never hired such workers directly, but acknowledged working with an animation studio that employed sub-contractors “allegedly involved in the scheme.”
HBO did not respond to requests for comment. The North Korean animators also worked for Pyongyang’s state-owned studio SEK, which previously assisted on Western projects including “The Simpsons Movie.”
Broader Espionage Campaigns
Seoul’s intelligence agency separately reported that North Korean operatives used LinkedIn to pose as recruiters targeting South Korean defense workers. The goal was obtaining sensitive technological information from defense firms.
The MSMT, comprising eleven nations including the US, UK, Japan and South Korea, operates independently while monitoring UN Security Council sanctions violations. The group began operations in October 2024 amid growing concerns about sanctions evasion.
