Tag Archives: Sony cyberattack

North Korea: Hacking Superpower — Crypto Billionaire

At 11:49 a.m. on July 18, 2024, North Korean hackers pounced on a major cryptocurrency exchange handling hundreds of millions of dollars. The hackers slipped into the exchange’s virtual vault, took control and then started pilfering cryptocurrency tokens. Within a little more than an hour, the hackers had disappeared—and with them, more than $200 million for the Kim Jong Un regime. 

The shocking theft at WazirX, India’s largest cryptocurrency exchange, along with several other major recent heists, has made it clear: North Korea is now the world’s most dangerous crypto thief. It has swiped more than $6 billion in cryptocurrency over the past decade—a sum so large that no one else compares. The country’s hackers are both patient and brazen, according to investigators. To get into companies’ computers, they comb through employees’ Facebook and Instagram pages and invent tailor-made stories to trick them into clicking on links with viruses. Some North Korean hackers have even become employees themselves, fooling U.S. companies into hiring them as remote IT workers and gaining access to their networks.

After grabbing their bounty, North Korean hackers are masters at escaping. At WazirX, investigators believe they used algorithms to spread funds through global crypto networks faster than any human could, making it almost impossible for authorities to catch up. Once the crypto is dispersed, North Koreans often lie low until investigators lose interest and move on, waiting months or years to convert their haul into traditional money that can be spent…. Pyongyang’s crowning achievement came in February with a $1.5 billion raid of Bybit, one of the world’s biggest cryptocurrency exchanges, in the largest-ever such heist. That followed several hackings in 2024, when North Korea stole more than $6 out of every $10 lost by the cryptocurrency industry, according to Chainalysis, which tracks crypto theft.

North Korea’s success reflects the major resources dedicated to the task. The regime commands more than 8,000 hackers as though they were in a military unit, with the country’s brightest minds. State support means its hackers can wait months or years to exploit a single slip in a company’s digital security. Pyongyang’s desperation for cash, and its lack of concern for diplomatic blowback, have fueled its drive to be better than anyone else. 

Excerpts from How North Korea Cheated Its Way to Crypto Billions, WSJ, Apr. 3, 2025

Hacked to be Framed: N. Korea – Wapomi Worm

Foreign hackers could have broken into North Korean computers and used them to make the country look responsible for hacking Sony, experts have said. Any attempt to blame North Korea for the attack because hackers used a North Korean IP address “must be treated as suspect”, security firm Cloudmark said. That is one of the reasons that the FBI has given for suspecting the country of the attack, which took down Sony Pictures’ systems for weeks. Security experts have continued to be dubious of the claim, but FBI officials have continued to blame North Korea.

The country has a very small connection to the internet, run by its national telecom ministry and a Thai firm. As a demonstration of how few connections North Korea has to the internet, Cloudmark said that the company has the same number of IP addresses allocated to it as the entire country. Cloudmark said that the North Korean addresses it traces tend to send out spam, which is usually the sign of an infected machine. It identified the Wapomi worm, which is transmitted by USB drives and file server shares, as the code that is allowing outside people to control the machine.

While there is no guarantee that the same worm is present on the computers that have carried out the attack, the prevalence of infected computers in the country shows how easy it could have been for Sony’s hackers to give the impression they were based in North Korea. Cloudmark said that “unless the FBI releases more specific details of their case against North Korea, including email headers and mail server logs, some experts will continue to question if they are in fact correct”.

ANDREW GRIFFIN, North Korea might have been hacked to frame it for Sony cyberattack, say experts, Independent, January 12, 2015