North Korean hackers work with organized crime in Southeast Asia's money-laundering networks

North Korean hackers work with organized crime in Southeast Asia's money-laundering networks

A recent report from the United Nations Office of Drugs and Crime (UNODC) has revealed that North Korean hackers are actively collaborating with fraudsters, drug traffickers, and organized crime networks in Southeast Asia, particularly in the Mekong region, which includes Myanmar, Thailand, Laos, and Cambodia.

The UNODC identified instances of this collaboration involving the notorious North Korea-linked hacking group Lazarus, through an analysis of case information and blockchain data.

The Lazarus Group, believed to be controlled by North Korea's intelligence bureau, has gained infamy over the years for its involvement in large-scale cyber heists and ransomware attacks. The funds stolen by the threat actor are believed to play a crucial role in financing Kim’s regime and its weapons programs.

According to the UNODC report, Southeast Asia's casinos and junkets, catering to high-wealth players, along with unregulated cryptocurrency exchanges, have become integral components of the region's organized crime banking architecture. The report states that casinos have demonstrated efficiency in moving and laundering significant volumes of both cryptocurrency and traditional cash without detection, establishing channels for seamlessly integrating billions in criminal proceeds into the formal financial system.

The junket sector, which facilitates gambling activities for high-rollers, has reportedly been infiltrated by organized crime for large-scale money laundering and underground banking operations. The UNODC's findings highlight the sector's connections to drug trafficking and cyber fraud. The report cites licensed casinos and junket operators in the Philippines that assisted in laundering approximately $81 million stolen in a 2016 cyber-attack on Bangladesh's Central Bank, an incident attributed to the Lazarus Group.


Back to the list

Latest Posts

Russian hackers target Microsoft accounts with ‘Device code’ phishing attacks

Russian hackers target Microsoft accounts with ‘Device code’ phishing attacks

The Russian threat actors leveraged social engineering techniques to impersonate individuals from prominent institutions.
17 February 2025
Cyber Security Week in Review: February 14, 2025

Cyber Security Week in Review: February 14, 2025

In brief: Microsoft patches actively exploited zero-days, Chinese hackers Salt Typhoon exploit Cisco flaws, the US and partners sanction Zservers, and more.
14 February 2025
Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

The 'BadPilot' campaign involves a series of targeted cyberattacks leveraging bugs in widely used IT infrastructure software.
13 February 2025