
How the North Korean Hacker Group ‘APT43’ Uses Crypto Services to Fund Espionage Operations

Bitcoin and blockchain have many uses. Unfortunately, one of them is a new method of funding espionage. Espionage is spying for political, military, or commercial advantage.

Bitcoins offer privacy and decentralization that traditional fundraising cannot. These factors make it hard for governments to trace espionage funding. Hackers have laundered stolen money using crypto services, hiding their stolen assets via exchanges, wallets, and mixing services.

Anonymity: Bitcoin and Ethereum are decentralized. They validate transactions without a central authority. They are valuable for supporting espionage because governments cannot track their funds. Pseudonyms and encrypted messaging make it hard to track transactions.

Decentralization: Banks process traditional finance transactions. Cryptocurrencies are decentralized. Two parties can transfer and receive funds without third-party verification. Decentralization makes it hard for governments to restrict espionage funds.

Cryptocurrencies are unregulated in several nations, so there are no limits on money transfers, recipients, or amounts. This makes it easier for spy operations to fund themselves.

Difficulty Tracking: Blockchains record cryptocurrency transactions, but the parties are unknown. This makes it hard for law enforcement to trace espionage funding.

Cryptocurrency Mixers: Users can mix their coins with other users’ coins to hide their source. Criminals and spies use these services for anonymity.

Absence of Paper Trail: Checks and wire transfers leave a paper trail. Bitcoin transactions leave no paper record, which makes it harder for law enforcement to track the funds.

Speed and Efficiency: Bitcoin transactions take minutes. This speed and efficiency lets spies transfer payments quickly and discreetly.

North Korean hackers have been crypto-hacking for years. North Korea is a major cybercriminal state. Its hackers have attacked cryptocurrency exchanges, wallets, and protocols. The Lazarus Group is one such group.

APT43 was the subject of Mandiant’s newest report. This cryptocurrency-funded group targets technology, healthcare, and aerospace. Mandiant found that APT43 likely supported the North Korean authorities and itself through eavesdropping on South Korea. They’ve succeeded:

“APT43 steals and launders enough cryptocurrency to buy operational infrastructure in accordance with North Korea’s juche state philosophy of self-reliance, alleviating fiscal load on the central government.”

APT43, also known as Kimsuky, used PayPal, American Express cards, and “Bitcoin undoubtedly derived from earlier activities” to fund the infrastructure.

Several bitcoin miners employ cloud mining and hash rental. Hackers can use these services to launder stolen cryptocurrency.

The hacker first steals a large amount of cryptocurrency from a victim. They then buy hashing power from a hash rental or cloud mining provider with the stolen bitcoin. With more hashing power, the hacker mines more cryptocurrency.

After mining, the hacker can sell the newly generated bitcoin for clean cryptocurrency. In this way, the hacker can use hash rental and cloud mining services to hide stolen funds from law enforcement.

Hash renting and cloud mining are lawful, but they can be used for nefarious activity. Nonetheless, individuals and organizations must protect their bitcoin wallets from hacking. Exchanges and other cryptocurrency businesses should also detect and prevent money laundering.

Global governments are becoming aware of cryptocurrency-funded crime. Industry regulation is underway. As a result, spying with cryptocurrencies is growing harder.
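As an added illustration (not from Mandiant's report or the original article), the sketch below shows one way a hash rental provider or exchange could screen incoming payments for funds that descend from known theft addresses, the step where stolen bitcoin is spent on hashing power. The ledger, address labels, and hop limit are constructed assumptions, and the address-level graph is a simplification of real UTXO tracing.

```python
from collections import deque

# Constructed sample ledger: (txid, sender, receiver, amount_btc). Not real data.
TRANSFERS = [
    ("t1", "theft_wallet", "hop_a", 40.0),
    ("t2", "hop_a", "hop_b", 39.5),
    ("t3", "hop_b", "hashrental_deposit_1", 20.0),
    ("t4", "hop_b", "hop_c", 19.0),
    ("t5", "retail_user", "hashrental_deposit_2", 0.3),
    ("t6", "hop_c", "hop_d", 18.5),
    ("t7", "hop_d", "hop_e", 18.0),
    ("t8", "hop_e", "hashrental_deposit_1", 17.5),
]
KNOWN_THEFT = {"theft_wallet"}  # hypothetical label from a threat-intel feed
SERVICE_DEPOSITS = {"hashrental_deposit_1", "hashrental_deposit_2"}


def flag_tainted_deposits(transfers, theft_addrs, service_addrs, max_hops=4):
    """Return sorted (txid, hops, amount) for payments into service addresses
    whose funds descend from a theft address within max_hops transfers."""
    outgoing = {}
    for txid, src, dst, amount in transfers:
        outgoing.setdefault(src, []).append((txid, dst, amount))

    hops_to = {addr: 0 for addr in theft_addrs}
    queue = deque(theft_addrs)
    flagged = []
    while queue:
        addr = queue.popleft()
        for txid, dst, amount in outgoing.get(addr, []):
            hops = hops_to[addr] + 1
            if hops > max_hops:
                continue  # beyond the screening depth
            if dst in service_addrs:
                flagged.append((txid, hops, amount))
                continue  # do not trace through the service's own wallet
            if dst not in hops_to:
                hops_to[dst] = hops
                queue.append(dst)
    return sorted(flagged)


if __name__ == "__main__":
    print(flag_tainted_deposits(TRANSFERS, KNOWN_THEFT, SERVICE_DEPOSITS))
    print(flag_tainted_deposits(TRANSFERS, KNOWN_THEFT, SERVICE_DEPOSITS, 6))
```

With the default depth only the three-hop payment is flagged; the payment routed through extra intermediaries appears only when the hop limit is raised, which is the trade-off a screening rule has to tune against false positives.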

