Share this article

North Korea Hackers Likely Exploit Cloud Mining to Launder Stolen Crypto, Research Shows

The APT43 group steals crypto to fund operations and launders it through cloud mining services.

Updated Mar 29, 2023, 5:00 p.m. Published Mar 28, 2023, 3:00 p.m.

North Korean hacker group APT43 probably uses cloud mining services to launder stolen crypto, according to research by Google-owned cybersecurity firm Mandiant.

Cloud mining services own and operate infrastructure and rent out hashrate to users. Hashrate is a measure of the total amount of computer processing power to secure a cryptocurrency. APT43 uses stolen cryptocurrency to pay for these services and receives crypto not associated with the crime to wallets of its choice, according to the report released on Tuesday.

STORY CONTINUES BELOW

Don't miss another story.Subscribe to the The Protocol Newsletter today. See all newsletters

By signing up, you will receive emails about CoinDesk products and you agree to our terms & conditions and privacy policy.

The group is "moderately sophisticated" and supports the strategic and nuclear objectives of the North Korean regime, according to Mandiant. It uses the proceeds from cybercrime to fund its operations, which target South Korean and U.S. government organizations, academics and think tanks focused on the geopolitics of the Korean peninsula, the report said.

To acquire the crypto, APT43 steals credentials, often by phishing attacks. That is, it creates legitimate-looking websites – for example, a site masquerading as a crypto exchange – and persuades unsuspecting users to reveal personal information.

North Korean hackers have been increasingly including crypto in their operations, often in high-profile digital heists like the $100 million Horizon Bridge theft, according to the FBI. Authorities around the world, particularly in the U.S. and South Korea, are trying to combat the threat.

Mandiant was acquired by Google and integrated into its cloud service in September 2022.

Hacker North Korea South Korea Bitcoin Mining Mining Centers Cloud

More For You

Accelerating Convergence Between Traditional and On-Chain Finance in 2026?

By CoinDesk

Jan 30, 2026

Commissioned bySociete Generale-FORGE

Read full story

More For You

AI-powered agents dominate the EasyA x Consensus Hong Kong hackathon

By Olivier Acuna|Edited by Nikhilesh De

13 hours ago

(Photo: Olivier Acuna/Modified by Coindesk)

Winning projects like FoundrAI demonstrate how generative AI is allowing developers to build market-ready products in just 48 hours.

What to know:

At the EasyA x Consensus Hong Kong 2026 hackathon, nearly 1,000 developers shifted focus from back-end infrastructure to user-facing applications, underscoring what organizers called the "Year of the Application Layer."
Winning projects emphasized automation, security and risk management, with tools like FoundrAI's autonomous "startup in a box," SentinelFi's real-time scam detection and PumpStop's non-custodial, risk-focused trading layer.
The hackathon's growing prominence on the main show floor and the emphasis on seamless UX, including passkey logins, reflect a broader industry push to attract the next wave of retail users despite a weak macro environment.

Read full story

Latest Crypto News

U.S. Commodity Futures Trading Commission Chairman Mike Selig (Jesse Hamilton/CoinDesk)

Crypto execs Armstrong, Garlinghouse among many named to U.S. CFTC advisory group

2 hours ago

Coinbase misses Q4 estimates as transaction revenue falls below $1 billion

3 hours ago

Bitcoin erased most earlier gains on Monday as it headed back towards the $65,000 mark. (CoinDesk)

Bitcoin tumbles back near last week's lows as AI fears crush tech and precious metals plunge

3 hours ago

Representative Al Green, a Texas Democrat (Andrew Harnik/Getty Images)

Crypto PAC Fairshake seeks to force resistant Texas Democrat Al Green from U.S. House

5 hours ago

Sharplink CEO Joseph Chalom and Consensys CEO Joe Lubin speaking at Consensus Hong Kong 2026 (CoinDesk)

Sharplink's Lubin and Chalom make their case for ether DATs as prices plunge

5 hours ago

Photo of Stani Kulechov in 2019 (CoinDesk archive)

Aave labs proposes ‘Aave Will Win’ plan to send 100% of product revenue to DAO

5 hours ago

Key Senate Democrat wants U.S. crypto bill to move, and SEC chief reveals danger of defeat

6 hours ago

Ark Invest CEO Cathie Wood in a conversation with Procap Financial CEO Anthony Pompliano at the Bitcoin Investor Week in New York. (CoinDesk)

Ark Invest's Cathie Wood says bitcoin will thrive amid ‘deflationary chaos’ created by AI and innovation

7 hours ago

AI trading screens. (TheDigitalArtist/Pixabay)

Standard Chartered sees bitcoin sliding to $50,000, ether to $1,400 before recovery

9 hours ago

Wide shot of a packed show floor during Consensus Hong Kong 2026

Recapping day 2 of Consensus Hong Kong

11 hours ago

Transform Ventures CEO Michael Terpin at Consensus Hong Kong 2026 (CoinDesk)

Forget $80k: Michael Terpin warns bitcoin could revisit the $40,000s before a real recovery

12 hours ago