News

North Korea suspected of stealing $285 million worth of cryptocurrency

Author:: Veronika Dovhaniuk
Date:: 8:43 PM EEST, April 15, 2026

North Korean cybercriminals are suspected of involvement in the theft of $285 million in cryptocurrency that occurred on April 1.

This was reported by The Wall Street Journal, citing leading blockchain analytics platforms TRM Labs and Elliptic and a statement from the decentralized exchange Drift.

On April 1, Drift wrote that it was observing unusual activity and began an investigation. After that, a message appeared that the exchange was under attack.

According to blockchain analysts, North Korea employed intermediaries who created fake profiles over a period of months. Before that, North Korean hackers likely created a fake CarbonVote token.

The hackers then bought and sold the token themselves to create a sales history that would make Drift believe CarbonVote was real. Once it was listed on the exchange, regular users began buying the token.

In the end, the cybercriminals increased the withdrawal limit to a very high level. In a few minutes, they carried out 31 transactions and withdrew hundreds of millions of dollars.

Within a few hours, most of the stolen funds were transferred from the Solana blockchain to another platform, making them untraceable. After the robbery, the fake traders left the Telegram chat where they were communicating with Drift.

In 2021, one of the most senior defectors from North Korea revealed how Kim Jong-unʼs regime makes money: the country actively trades in weapons and drugs, has its own army of hackers, and an extensive network of spies in other countries, especially in South Korea.
In February 2022, the UN released a report stating that North Korea is funding its missile program and nuclear tests with stolen cryptocurrency. From 2020 to 2021, hackers from the DPRK stole millions of dollars in cryptocurrency by attacking exchanges in North America, Europe, and Asia.
In March 2025, the British newspaper The Times reported that North Korea holds the third largest Bitcoin reserves in the world —a feat achieved by hackers stealing the cryptocurrency in large-scale cyberattacks.

For more news and in-depth stories from Ukraine, please follow us on X.