North Korea Launders Billions in Stolen Crypto(coindesk.com)
coindesk.com
North Korea Launders Billions in Stolen Crypto
https://www.coindesk.com/policy/2025/03/07/here-s-how-north-korea-launders-billions-of-stolen-crypto
70 comments
How long until they get their hands on the US “strategic bitcoin reserve”?
You have it backwards. The purpose of the reserve is to turn their crypto into money.
They don't have to. The creation of such a direct government subsidy to bitcoin holders will drive the price up anyway.
Until the NSA or Google uses a sufficiently powerful quantum computer: https://www.coinbase.com/learn/crypto-basics/is-quantum-comp... Then you can take anyone's crypto that you'd like.
I believe, for bitcoin, that only works to spend coins from addresses that have already been used to spend coins, which, is therefore discouraged as a way to hold bitcoins? Instead, best practices are to, when sending from an address, to send all the unspent coins to addresses that have not been sent from yet. This does make things marginally harder for providing an address for people to send to though, because one has to change the address they are to send to at least every time one wants to spend what one has received.
For chains where one uses one persistent address, in order to allow other important features, then it could be more of an issue.
Still, I think solutions will probably be put in place before it becomes a real issue.
… hm, come to think of it, the use of public/private key pairs in cryptocurrencies, is, I think, pretty much exclusively used for signing, not for encrypting, right? In that case, it seems like an option based on hashes and ZKSNARKs should be able to play much the same role? So, even if all the purportedly quantum-safe alternatives to RSA and ECC end up vulnerable for the same reasons, I think probably something that only does the signing part should be possible? Or, hm, at least in the interactive setting…
For chains where one uses one persistent address, in order to allow other important features, then it could be more of an issue.
Still, I think solutions will probably be put in place before it becomes a real issue.
… hm, come to think of it, the use of public/private key pairs in cryptocurrencies, is, I think, pretty much exclusively used for signing, not for encrypting, right? In that case, it seems like an option based on hashes and ZKSNARKs should be able to play much the same role? So, even if all the purportedly quantum-safe alternatives to RSA and ECC end up vulnerable for the same reasons, I think probably something that only does the signing part should be possible? Or, hm, at least in the interactive setting…
If there's a strong enough consensus, everyone can just agree to migrate to some new technology and let the original go to zero.
DAO and Etherium?
Kind of like that, yeah. It may cause some people to re-evaluate what they even value about the whole thing and why anyone should honor the existing allocation (which is a good question). But it seems like a pretty obvious solution in face of such a complete breakdown.
Hopefully historians do not miss the immense irony of a situation where the only 2 countries to debase their own monetary system for a pseudo-currency, both orginally used the US Dollar.
Maybe the strategic reserve constitution will be a way to actually give money to them in exchange for crypto.
These days it feels anything is possible.
These days it feels anything is possible.
[deleted]
learn about Bitcoin Multisig security and then you tell me how long it will take
No present security will be suficient once IBM or others breaksthrough with Quantum. This will happen for sure. https://www.youtube.com/watch?v=I20KgRZCZEI
There's no guarantees that breakthrough is coming anytime soon. Scaling up the number of qubits in a processor is very hard and it's why progress has been pretty slow over the last decade.
Crypto is your guarantee that a quantum breakthrough has not already occurred
Not 100% sure what you mean but it depends on who makes it. A government would have better things to do with an encryption destroying quantum computer than crashing blockchains. Personally I wouldn't crash crypto coins immediately, I'd make some money off them first then wipe it out.
Also I was talking about the future. It may be impractical for centuries to make a quantum computer large enough to factor large current cryptographic keys. Last I read the difficulty of maintaining coherence has a non linear relation to the number of qubits involved.
Also I was talking about the future. It may be impractical for centuries to make a quantum computer large enough to factor large current cryptographic keys. Last I read the difficulty of maintaining coherence has a non linear relation to the number of qubits involved.
Unclear this will "happen for sure", but even if it did there are quantum-proof encryption techniques
Maybe the reserve will buy wBtc that is on a L2 chain.
They say crypto doesn't have a killer app. They're clearly wrong. It has several: easy scams, rug pulls, money laundering.
do we really think that an entire nation state is unable to set up the apparatus to cheat a few measly KYC checks?
coin to coin exchanges do not require KYC, so hypothetically if they can beat KYC (which surely they can) they wouldn't even need to be depositing the actual coins they stole.
coin to coin exchanges do not require KYC, so hypothetically if they can beat KYC (which surely they can) they wouldn't even need to be depositing the actual coins they stole.
The point of KYC isn't to make fraud impossible, but to make it expensive.
Isn’t “expensive” only a problem if your cost basis is >$0 ?
North Korea's cost basis is >$0. They have limited numbers of hacks per year that they can perform, and every road block in between the hack and unrestricted dollars will drain a couple percent of the profit, add a couple percent chance that they get caught or scammed while trying to launder the money. All or these have costs and reduce the take-home profit for Russia.
even if you conscion the frankly risible assumption that they don't already have systems in place to do this, are you seriously trying to suggest that setting up a system to beat some KYC checks is going to put any kind of a dent into billions of dollars?
I feel like you're struggling to grasp that I'm not saying "muh KYC is useless", I'm saying that this article doesn't seem to understand that it's useless in the face of a nation state for whom hacking is a major industry
I feel like you're struggling to grasp that I'm not saying "muh KYC is useless", I'm saying that this article doesn't seem to understand that it's useless in the face of a nation state for whom hacking is a major industry
Notably, North Korea only made hacking an industry after it's "SuperDollar" USD counterfeiting industry became too expensive and difficult to run because the USD had a design update that introduced significant security upgrades.
You would think "just manufacture cash" would also offset billions and yet it didn't really. End result, there are way fewer counterfeit USD in circulation now.
You would think "just manufacture cash" would also offset billions and yet it didn't really. End result, there are way fewer counterfeit USD in circulation now.
I suppose the difference is that counterfeiting currency requires very rare information, some very specialised machines and [something similar to] whatever the hell dollars are made out of. you could put a few motivated and intelligent teenagers in a room with a laptop for a few days and they could probably find multiple ways to crack KYC. the same is not true for counterfeiting currency.
still requires upfront cost. If that’s priced out of reach for most people, it’s still a deterrent.
right but N Korea is not most people. hacking is one of their primary industries. they almost certainly already have systems in place for this
Systems are expensive. That's the point.
yes, but they're not expensive if you already have them in place and you're a nation state with essentially free labour.
once again, we're not talking about some random clowns who've accidentally stolen a usb stick with these coins on it, we're talking about this article assuming that North Korea cannot circumvent KYC
once again, we're not talking about some random clowns who've accidentally stolen a usb stick with these coins on it, we're talking about this article assuming that North Korea cannot circumvent KYC
KYC is easy to beat on most platforms. look into stealer logs, as in the cybersecurity terms— you get the victim's cookies and passwords and often can bypass 2FA. Often, they have enough information to beat KYC.
Depends on the scale. Withdrawing millions of dollars to a bank account will require more than the median user's cookies, passwords, & 2FA.
you're just repeating a stock phrase you've heard here without any actual regard for the discussion being had
> do we really think that an entire nation state is unable to set up the apparatus to cheat a few measly KYC checks?
To withdraw a few thousand dollars? Easily. To withdraw 5 billion dollars of fiat? You'll face much more than "a few measly KYC checks."
To withdraw a few thousand dollars? Easily. To withdraw 5 billion dollars of fiat? You'll face much more than "a few measly KYC checks."
first of all it's 1.5bn, second of all they're obviously not going to withdraw it all in one account, they're going to find the absolute limit you withdraw from one account without hitting serious KYC, and then do that however many times they need to to withdraw the money
Of course not. But it's still more work than passing the KYC checks on US Federal Reserve notes (there are none at all), or just printing fake US Federal Reserve notes that are so good it forces the Bureau of Printing and Engraving has to do expensive redesigns. Of course, America's own CIA has been long suspected of doing the exact same thing.
https://en.m.wikipedia.org/wiki/Superdollar if you want to learn more.
https://en.m.wikipedia.org/wiki/Superdollar if you want to learn more.
The problem with counterfeiting dollars is that it only works until the design is changed and it's hard to transfer your capabilities. On the other hand hacking is convenient since it can be use for political leverage, espionage and similar.
The problem with hacking is that it's far easier to patch a vulnerability than it is to redesign a currency note and reissue new batches of them across an entire printing press while removing the old ones (some real, some fake) from circulation very slowly.
Also, Bitcoin has never had the counterfeiting problem of currency notes, largely because there's no such capacity for bad actors to create or issue counterfeit Bitcoin, as Bitcoin backed by mathematical work that must be performed to in order to mine/"mint" new Bitcoin, unlike US Federal Reserve Notes, which are backed by nothing more than an Intaglio printing press, some engraving plates with publicly-available designs, and 3D security ribbons, ribbons featuring ink that is visible under a blacklight (you can find which chemicals exhibit this property on Wikipedia), some paper, and some linen. Oh, and every single one of those ingredients are are produced by a third party (NOT the US Bureau of Printing and Engraving), who all solemnly pinky promise they don't secretly keep and distribute any extras :)
Also, Bitcoin has never had the counterfeiting problem of currency notes, largely because there's no such capacity for bad actors to create or issue counterfeit Bitcoin, as Bitcoin backed by mathematical work that must be performed to in order to mine/"mint" new Bitcoin, unlike US Federal Reserve Notes, which are backed by nothing more than an Intaglio printing press, some engraving plates with publicly-available designs, and 3D security ribbons, ribbons featuring ink that is visible under a blacklight (you can find which chemicals exhibit this property on Wikipedia), some paper, and some linen. Oh, and every single one of those ingredients are are produced by a third party (NOT the US Bureau of Printing and Engraving), who all solemnly pinky promise they don't secretly keep and distribute any extras :)
America doesn't rescind or invalidate old money from circulation when a new design comes out though. No one is going to bat an eye at a 10 year old $100 bill coming through.
Well then I guess it's settled - the US Federal Reserve notes are truly inferior to Bitcoin in terms of counterfeit resistance!
Humor aside, "When currency is deposited with a Federal Reserve Bank, the quality of each note is evaluated by sophisticated processing equipment. Notes that meet our strict quality criteria--that is, that are still in good condition--continue to circulate, while those that do not are taken out of circulation and destroyed. This process determines the lifespan of a Federal Reserve note."
Not only does the Federal Reserve routinely remove counterfeit notes from circulation, they even routinely remove non-counterfeit notes that are older or have physical damage from circulation!
You'll also find on the source link below, typical lifespans of circulation for various notes, as follows:
Denomination - Estimated Lifespan
$1 - 6.6 years
$5 - 4.7 years
$10 - 5.3 years
$20 - 7.8 years
$50 - 12.2 years
$100 - 22.9 years
So no, nobody is going to bat an eye at a 10-year-old 100-dollar federal reserve note, but by 25 years old, it would be likely to have already been removed from circulation. The 10-year timeframe you mention is more appropriate for $20 and below, but those notes tend to be counterfeited less than larger notes.
Source: https://www.federalreserve.gov/faqs/how-long-is-the-life-spa...
Humor aside, "When currency is deposited with a Federal Reserve Bank, the quality of each note is evaluated by sophisticated processing equipment. Notes that meet our strict quality criteria--that is, that are still in good condition--continue to circulate, while those that do not are taken out of circulation and destroyed. This process determines the lifespan of a Federal Reserve note."
Not only does the Federal Reserve routinely remove counterfeit notes from circulation, they even routinely remove non-counterfeit notes that are older or have physical damage from circulation!
You'll also find on the source link below, typical lifespans of circulation for various notes, as follows:
Denomination - Estimated Lifespan
$1 - 6.6 years
$5 - 4.7 years
$10 - 5.3 years
$20 - 7.8 years
$50 - 12.2 years
$100 - 22.9 years
So no, nobody is going to bat an eye at a 10-year-old 100-dollar federal reserve note, but by 25 years old, it would be likely to have already been removed from circulation. The 10-year timeframe you mention is more appropriate for $20 and below, but those notes tend to be counterfeited less than larger notes.
Source: https://www.federalreserve.gov/faqs/how-long-is-the-life-spa...
okay, so? spending money is not the same as depositing it at the fed.
> No one is going to bat an eye at a 10 year old $100 bill coming through.
Within the US mostly. Although sometimes you can have trouble with a $2.
Outside the states you might.
Within the US mostly. Although sometimes you can have trouble with a $2.
Outside the states you might.
Also I’m not expert but washing a significant amount of cash seems extremely more difficult than the Hacking enterprises?
So, they are banking with HSBC?
If the Kim family suddenly decided to take the money and run to Dubai (or where-ever crypto scammers retire to), I wonder if anything in North Korea would even change.
Riding a tiger is dangerous, climbing down is even more so.
If he took all the money and ran? Yeah, there would be a nuclear power vacuum and a massive migration crisis towards the south that requires the US, China and Russia to be cooperative on to deal with. It would be the most hilarious way to start WW3.
Well there was the time someone wanted to stop for a sandwich...
What is this reference?
It's considered how World War 1 started. ;)
I got the details muddled, I thought Franz Ferdinand stopped for a sandwich, but it was the person who shot him kicking off a chain of events that started the first World War who stopped for a sandwich, and on his way out spotted Franz Ferdinand and literally too his shot.
https://medium.com/weird-history/a-sandwich-sparked-a-war-th...
I got the details muddled, I thought Franz Ferdinand stopped for a sandwich, but it was the person who shot him kicking off a chain of events that started the first World War who stopped for a sandwich, and on his way out spotted Franz Ferdinand and literally too his shot.
https://medium.com/weird-history/a-sandwich-sparked-a-war-th...
Ah yes, the killer was planning his kill for some time and when he decided to do it, Franz Ferdinand changed his usual path. The killer was disappointed, went to get something to eat and met him by chance (well, for him at least) while he was eating.
After asking my question I was wondering of you were not referring to the attempt to flee the country by Louis XVI (who was stopped at Varennes because he was recognized after chatting around instead of sitting still in the cart)
After asking my question I was wondering of you were not referring to the attempt to flee the country by Louis XVI (who was stopped at Varennes because he was recognized after chatting around instead of sitting still in the cart)
Dubai is indeed where crypto scammers retire to.
They actually have an escape plan, with a base in Switzerland. Look it up, it's not even a secret.
EDIT: OK, turns it it's not that easy to find. I saw it in a documentary from a pretty serious source [1]. Unfortunately for you, it's in French (there should be a German version too).
[1] https://youtu.be/LdH7WYVYF8s
EDIT: OK, turns it it's not that easy to find. I saw it in a documentary from a pretty serious source [1]. Unfortunately for you, it's in French (there should be a German version too).
[1] https://youtu.be/LdH7WYVYF8s
Do you have a timestamp? Searching through the transcript doesn't produce any hits for "Suisse" at all.
Found it! I linked the wrong video. The correct one is https://youtu.be/1CsRF3XLRLg, and you can find the info around the 14th minute.
that's a really interesting question!
My only $0.02 is that there isn't a coherent political apparatus to transition political power - as I imagine that the power dynamics among the secondary rank is adversarial.
In short: the power vacuum would result in a bloodbath.
Unless the international community jumps on it in a multilateral fashion(a la Balkans)
Might as well ask for a magical unicorn to swoop in and save the day. The international community doesn't want to touch North Korea with a 10 meter pole. There is a definite sense of whomever tries to intervene will inherit responsibility for the largest ongoing humanitarian crisis in modern history.
If you swoop in there and size power how are you going to lift the people out of poverty and not create the largest refugee crisis in history?
If you swoop in there and size power how are you going to lift the people out of poverty and not create the largest refugee crisis in history?
I would bet you're probably right. You are touching on the heart of the fact that regime transition is really a intl. Relations problem.
There may be an awkward power vacuum as always with dictators setting up deliberately unclear lines of secession but chances are someone else with the most claim to 'legitimacy' would grab power. Just like how the royal bloodline dying out alone didn't mean there were no more kings.
What's the merit of doing this?
crypto?
Emperor Rocket Boy, has everything needed to go full ICBM NUKE, on a thumb drive, the crypto thing is just a side hobby, that shares time on whatever small mountain of GPU's that are used for all the rocket and submarine, nuke engineering that is going on in NK, which is his main hobby.
They could sell it at market price (or slightly below) to the US strategic bitcoin reserve. I'm sure no one in the Trump administration would have any moral conundrums about this.
Without a shred or actual evidence, I'd be ready to bet that many terrorist groups are buying their equipment/weapons in crypto. Arms, drugs, laundering, etc, it's just so convenient.. And in time it will become worse.
That being said, I also understand that crypto is unavoidable - eg the concept of the blockchain would have been discovered sooner or later and now it can't be stopped.