news

G7 Flags North Korea's Crypto Hack Spree as Global Security Threat

Dhananjay Singh
Published: June 19, 2026
4 min read
G7 Flags North Korea's Crypto Hack Spree as Global Security Threat

STAY UPDATED WITH COTI

Follow COTI across social media platforms to get the latest news, updates and community discussions.

X IconFollow on XTelegram IconJoin Telegram
Make us preferred on Google

Summary:

  • G7 leaders have raised fresh concerns over North Korea's crypto thefts and cybercrime activities.
  • The group linked digital asset hacking activity to broader nuclear and ballistic missile financing risks.
  • Chainalysis estimated DPRK-linked hackers stole $2.02 billion in crypto in 2025 alone.
  • The G7 statement called for joint action but did not introduce new sanctions or enforcement measures.

Global attention on North Korea's cyber operations intensified after G7 leaders issued a coordinated warning highlighting the country's growing involvement in cryptocurrency theft and cybercrime. The statement was released following the G7 summit held in Evian-les-Bains, France, where leaders discussed geopolitical risks linked to digital assets alongside broader security issues. In the official communiqué, G7 members expressed concern over North Korea's nuclear and ballistic missile programs and connected those concerns to cyber-enabled financial activity.

"We reiterate the need to jointly address North Korea's cryptocurrency thefts and cybercrimes." Source

The statement reflects growing recognition among advanced economies that crypto-related cybercrime is no longer just a financial issue, but also part of broader national security discussions. However, the G7 did not announce new sanctions, regulatory measures, or enforcement tools targeting exchanges, mixers, or on-chain intermediaries. It also did not provide a timeline for future coordinated action.

Billions in stolen crypto linked to DPRK cyber operations

The G7 warning follows a series of reports from blockchain intelligence firms suggesting that North Korean-linked hacking groups remain among the most active and financially successful cybercriminal networks targeting the crypto ecosystem. According to Chainalysis, North Korean hackers stole approximately $2.02 billion in cryptocurrency in 2025 alone, bringing the estimated total attributed to DPRK-linked activity to at least $6.75 billion.

Source

The report highlights how stolen digital assets continue to play a role in funding North Korea's broader strategic programs, including its weapons development initiatives. While the methods vary, blockchain analysts have consistently identified patterns involving phishing campaigns, infrastructure breaches, and social engineering attacks targeting both centralized platforms and decentralized protocols. Recent incidents in 2026 further reinforced those concerns. Two major attacks attributed to North Korea-linked Lazarus-style operations reportedly drained $577 million combined from Drift Protocol and KelpDAO in April 2026, making them among the largest crypto thefts reported that year. These incidents underline how rapidly evolving DeFi infrastructure continues to present opportunities for sophisticated attackers capable of exploiting technical and human vulnerabilities. At the same time, cybersecurity researchers note that attribution remains complex, relying on behavioral analysis, infrastructure overlap, and historical attack patterns rather than direct evidence. 

READ MORE: Coinbase Returns to India With Direct Rupee Transfers After Regulatory Approval

No new sanctions announced as geopolitical pressure builds

Despite the scale of reported losses, the G7 statement stopped short of introducing new enforcement mechanisms. There were no additional sanctions announced, no specific guidance on tightening exchange compliance rules, and no new coordinated framework targeting mixers or laundering channels. This reflects a broader challenge facing global policymakers: while there is increasing consensus that crypto theft is being used as a funding mechanism for sanctioned states, aligning enforcement strategies across jurisdictions remains complex. North Korea has consistently denied involvement in cybercrime operations. In a recent response cited by international media, a Foreign Ministry spokesperson described the accusations as "absurd slander" and claimed that the United States and its allies were spreading false information for political purposes.

Despite these denials, governments and cybersecurity firms continue to attribute large-scale crypto thefts to DPRK-linked groups, including the well-known Lazarus network and related clusters. Security firms such as CrowdStrike have previously described these actors as highly organized, often using deceptive recruitment tactics, fake identities, and long-term infiltration strategies to gain access to systems and wallets. These methods often blur the line between technical hacking and social engineering, making detection and prevention more difficult for both centralized exchanges and decentralized protocols.

Closuing Thoughts

The latest G7 statement reflects a growing shift in how digital asset crime is viewed at the international level. What was once treated primarily as a financial cybersecurity issue is increasingly being discussed alongside sanctions enforcement, nuclear policy, and geopolitical stability. However, the absence of concrete enforcement steps suggests that while concern is high, policy coordination is still evolving. For now, the G7 message keeps North Korea's crypto-linked cyber activity on the diplomatic agenda without introducing immediate operational changes. That leaves a gap between intelligence reports highlighting billions in stolen assets and the global policy response still catching up. As blockchain adoption continues to expand, and as decentralized financial systems grow more complex, the challenge for governments will likely center on coordination, attribution, and enforcement consistency across borders. The latest warning signals that crypto is now firmly part of that broader security conversation.

READ MORE: EU Targets Crypto in New Russia Sanctions Package, Proposes Ban on 11 Digital Asset Platforms

Related Topics

#G7#Global Security Threat#Crypto Hack#North Korea

About the Project

Crypto News

About the Author

Dhananjay Singh

Dhananjay Singh

Dhananjay Singh is a DeFi reporter at CotiNews covering the evolving decentralized finance landscape. His work focuses on developments within the Ethereum ecosystem and the growing COTI network. He holds a Bachelor’s degree in Political Science from the University of Delhi.

View all articles

Disclaimer

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official stance of CotiNews or the COTI ecosystem. All content published on CotiNews is for informational and educational purposes only and should not be construed as financial, investment, legal, or technological advice. CotiNews is an independent publication and is not affiliated with coti.io, coti.foundation or its team. While we strive for accuracy, we do not guarantee the completeness or reliability of the information presented. Readers are strongly encouraged to do their own research (DYOR) before making any decisions based on the content provided. For corrections, feedback, or content takedown requests, please reach out to us at

contact@coti.news

Stay Ahead of the Chain

Subscribe to the CotiNews newsletter for weekly updates on COTI V2, ecosystem developments, builder insights, and deep dives into privacy tech and industry.
No spam. Just the alpha straight to your inbox.

We care about the protection of your data. Read our Privacy Policy.