U.S. sanctions target North Korean cybercrime networks funding nuclear weapons

By isabelle // 2025-11-05

Mastodon

Parler

Gab

Copy

U.S. Treasury imposes sanctions on eight individuals and two entities for laundering stolen cryptocurrency to fund North Korea’s nuclear and missile programs.
North Korean IT workers posing as freelancers in China funnel millions into Pyongyang’s weapons development through cybercrime and fraudulent remote work schemes.
More than $3 billion in stolen cryptocurrency, primarily from American victims, has been laundered to evade sanctions and finance North Korea’s military ambitions.
UN sanctions on North Korean shipping remain stalled due to repeated vetoes from China and Russia, allowing illicit exports to continue funding weapons programs.
North Korea’s reliance on cybercrime and sanctions evasion highlights the failure of global institutions to enforce accountability, escalating security threats worldwide.

On November 4, the U.S. Treasury Department announced sweeping new sanctions against eight individuals and two entities accused of laundering millions in stolen cryptocurrency to finance North Korea’s nuclear and missile programs. The move targets a shadowy network of cybercriminals and IT workers who, according to officials, have stolen over $3 billion in recent years, much of it from American victims. The sanctions, imposed by the Office of Foreign Assets Control (OFAC), specifically name two North Korean bankers, Jang Kuk-chol and Ho Jong-son, for managing $5.3 million in cryptocurrency tied to ransomware attacks. Among the sanctioned entities is the Chosun Mangyongdae Computer Technology Company, which allegedly operates IT teams in China to funnel funds back to Pyongyang.

Cybercrime and IT fraud: How North Korea funds its weapons

North Korea’s cyber operations are not just about theft; they’re a lifeline for its weapons programs. Treasury officials described the regime’s hackers as conducting “espionage, destructive cyberattacks, and financial theft on a scale unmatched by any other state.” The stolen funds, often laundered through cryptocurrency, directly support Pyongyang’s nuclear ambitions. One of the most alarming aspects of this scheme is the use of North Korean IT workers posing as freelancers in China. These operatives, employed by companies like Korea Mangyongdae Computer Technology Co., generate revenue that evades sanctions. The U.S. has also sanctioned Ryujong Credit Bank for helping these workers transfer earnings back to North Korea. “By generating revenue for Pyongyang’s weapons development, these actors directly threaten U.S. and global security,” warned Treasury Under Secretary John Hurley. “Treasury will continue to pursue the facilitators and enablers behind these schemes to cut off the DPRK’s illicit revenue streams.”

UN sanctions stalled as U.S. pushes for ship blacklists

The new sanctions come as the U.S. pressures the United Nations Security Council to take action against vessels transporting North Korean exports, primarily coal and iron, to China. These shipments, worth between $200 million and $400 million annually, provide another revenue stream for Pyongyang’s weapons programs. A State Department official emphasized the urgency: “These nominations are not just bureaucratic exercises. They’re about ensuring accountability for UN sanctions violations and stopping exports that directly fund North Korea’s nuclear and ballistic missile programs.” However, UN sanctions remain stalled due to repeated vetoes from China and Russia, both of which have blocked previous attempts to tighten restrictions. The Security Council’s sanctions committee operates by consensus, meaning any opposition from Beijing or Moscow could derail the U.S. proposal.

A growing threat with no consequences?

North Korea’s nuclear ambitions show no signs of slowing. Despite years of UN sanctions, Kim Jong Un has accelerated weapons development, citing the need to defend against perceived U.S. aggression. The regime’s reliance on cybercrime and fraudulent IT work highlights its adaptability in evading economic pressure. The U.S. has long accused Pyongyang of using state-sponsored hackers to fund its military. Over the past three years alone, North Korean cybercriminals have stolen more than $3 billion, primarily in cryptocurrency, using advanced malware and social engineering tactics.

What happens next?

With diplomatic efforts stalled and North Korea’s nuclear program advancing, the U.S. faces limited options. The Treasury’s sanctions aim to disrupt Pyongyang’s financial networks, but without broader international cooperation, particularly from China, these measures may slow the flow of illicit funds but is unlikely to stop them. For now, the Trump administration’s push for UN sanctions on North Korean shipping remains in limbo. If Russia and China continue to block action, the regime’s ability to fund its weapons programs will persist, leaving the U.S. and its allies to confront an increasingly dangerous adversary. The deeper issue here is not just North Korea’s nuclear ambitions but the systemic failure of global institutions to enforce consequences. When sanctions are ignored, when cybercrime goes unpunished, and when rogue regimes like Pyongyang’s are allowed to exploit financial loopholes, the world becomes a more dangerous place. Sources for this article include: TheCradle.co En.YNA.co.kr Newsweek.com Reuters.com