PYONGYANG, October 25, 2025 — North Korea has circumvented UN sanctions by leveraging cryptocurrency and sending IT workers abroad, according to a report from the Multilateral Sanctions Monitoring Team (MSMT).

---

Cybercrime and Cryptocurrency Operations

Under Kim Jong Un, Pyongyang has intensified its cyber operations, turning hacking into a major revenue source. The MSMT reported that North Korea stole at least $1.65 billion in 2025, including $1.4 billion from crypto exchange Bybit in February alone.

In 2024, the country gained another $1.2 billion via illicit cryptocurrency activity, which the regime funneled into its weapons of mass destruction (WMD) and ballistic missile programs.

The report noted the use of stablecoins for transactions involving military equipment and raw materials such as copper, crucial for munitions production.

---

Exploiting IT Workers Abroad

North Korea also sidestepped sanctions by deploying IT workers to at least eight countries, including China, Russia, Laos, Cambodia, Equatorial Guinea, Guinea, Nigeria, and Tanzania. Plans were cited to send 40,000 laborers, including IT specialists, to Russia. Under UN sanctions, such labor earnings abroad are prohibited.

Some workers secured animation and IT contracts with companies connected to Amazon and HBO Max, although these firms clarified the workers were subcontractors, not direct employees.

---

Broader Context

The MSMT, comprising Australia, Canada, France, Germany, Italy, Japan, the Netherlands, New Zealand, South Korea, the UK, and the US, operates independently of the UN and monitors violations of Security Council sanctions.

The report highlighted additional North Korean tactics, including posing as recruiters on LinkedIn to access sensitive technology information from South Korean defense workers.