Chainalysis Highlights DPRK’s $2.8B Crypto Theft in MSMT Report
The MSMT report, supported by Chainalysis, reveals that DPRK-linked groups have stolen over $2.8B in cryptocurrency between January 2024 and September 2025. The report outlines laundering through Russian and Cambodian networks and increasing IT worker fraud schemes.
CORTEX Protocol Intelligence Assessment
Business Impact: Financial institutions and crypto exchanges remain top targets for DPRK-linked operations. Technical Context: The groups leverage cross-chain mixing, OTC brokers, and synthetic identities to obfuscate laundering trails, complicating recovery efforts.
Strategic Intelligence Guidance
- Deploy blockchain analytics for tracing stolen funds
- Enhance AML monitoring on crypto transactions
- Conduct background screening for remote IT contractors
- Share IOCs with financial intelligence units (FIUs)
Threats
Targets
Impact
Financial:$2.8B
Intelligence Source: Takeaways from MSMT’s Report on DPRK Cyber Operations | Oct 28, 2025