Home - DeFi News - US Treasury Report: North Korea and Scammers Using DeFi to Launder Dirty Money

James Carter

April 7, 2023

US Treasury Report: North Korea and Scammers Using DeFi to Launder Dirty Money

The United States Treasury Department has disclosed that North Korean hackers and scammers make use of vulnerabilities in the decentralized finance (DeFi) area in order to conceal illegal activity and launder money.

The federal agency said in a study that was released on Thursday that North Korean hackers and other groups engaged in illegal activity have benefited from the non-compliance of select DeFi platforms with specific Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) requirements. This was stated in relation to the platforms’ failure to comply with AML and CFT regulations.

The report went on to state that the thievery of funds was caused by inadequate or non-existent AML/CFT controls for DeFi services in other jurisdictions, as well as inadequate cybersecurity measures implemented by DeFi services themselves.

“The assessment finds that illegal actors, such as ransomware cybercriminals, thieves, con artists, and cyber actors from the Democratic People’s Republic of Korea (DPRK), use DeFi services to move and clean their illegal money.” [Cyber] actors from the Democratic People’s Republic of Korea [DPRK].

In addition, the report, which was forty pages long, stated that “DeFi services at present often do not implement AML/CFT controls or other processes to identify customers, allowing layering of proceeds to take place instantaneously and pseudonymously.”

According to the findings of the paper, certain DeFi projects’ AML/CFT controls are omitted on purpose so that they can achieve their decentralization objectives.

However, according to the Treasury, “the majority of money laundering, terrorist financing, and proliferation financing by volume and value of transactions” take place in fiat currency or outside the ecosystem of digital assets.

Also Read:  US Lawmaker thinks DeFi is Dangerous

The officials advocate filling in any regulatory gaps that may exist and improving regulatory oversight of AML/CFT for decentralized finance systems.

The most recent report is in accordance with the executive order on digital assets that was signed by Vice President Joe Biden in March of last year. The directive’s ultimate goal was to encourage the growth of digital assets in a manner that is responsible.

Brian Nelson, who works for the Treasury, pointed out that decentralized finance can make it difficult to determine who is behind certain economic activities. However, he emphasized that the Bank Secrecy Act applies to both centralized and decentralized financial services.

He also brought up the possibility that some activities using decentralized finance may be more similar to traditional finance than was originally thought. He explained it by saying, “In some ways, they’re really decentralized in name only.”

North Korean Hackers Continue to Find New Ways

North Korean hacker groups, which are responsible for a significant amount of illegal actions conducted online, have been persistently inventing and developing new ways to steal cryptocurrency assets and launder the proceeds of their thefts.

In a study that was published not too long ago by the cybersecurity firm Mandiant, which is owned by Google, it was mentioned that the hacking organization APT43, also known as Kimuski, based in Pyongyang, buys cloud mining services using the stolen monies that it obtains in order to produce clean cryptocurrency that does not have blockchain-based linkages that law enforcement can trace.

According to the allegations made in the study, “APT43 steals and launders sufficient cryptocurrency to buy operational infrastructure in a manner aligned with North Korea’s juche state ideology of self-reliance.”

Also Read:  Solana's Solend Raises $26M in IDO

The White House stated earlier this year that North Korean hackers had stolen over one billion dollars worth of cryptocurrency over the course of the previous two years and that Pyongyang had used the proceeds to assist its missile programme. The statement was made earlier this year.

The government of the United States has asserted that the North Korean hacking group known as Lazarus was involved in the attack on the Ronin blockchain of Axie Infinity, which resulted in the theft of around $625 million worth of Ethereum and USDC by the perpetrators.

However, North Korea has consistently denied that it aims to hack cryptocurrency and has opposed charges surrounding the Lazarus group. The Lazarus organization was previously accused of masterminding the hack of Sony Pictures in 2014 and the Wannacry ransomware attacks in 2017. North Korea has also refuted accusations surrounding the Lazarus group.