G7 Elevates North Korea Crypto Theft to Nuclear-Level Risk

A week before the G7 meeting, Humanity Protocol, a smaller decentralised project, lost over $35 million. Security firm Quantstamp said a phishing email disguised as a token lockup update from South Korean exchange Bithumb tricked an employee into installing malware that granted full remote access to a company laptop. Quantstamp also linked the activity to DPRK.

North Korea has denied any involvement. A Foreign Ministry spokesperson in May dismissed similar accusations as Washington spreading "incorrect" narratives about what it called a "non-existent" cyber threat, per state media.

The G7 statement promises closer cooperation to counter abuse of digital financial networks. Practically, that means standardised attribution-sharing among intelligence services and faster freezing of flagged wallets across exchanges. The UN Security Council has already documented North Korea's sanctions-evasion methods in detail. The G7 can build on that paper trail rather than start from scratch.

The Drift hack illustrates a pattern that intelligence agencies have flagged in private briefings. Attackers embed themselves in the industry, attend events, build trust, then strike. The Humanity hack shows a parallel approach: targeted phishing designed to look like routine communication from a trusted exchange.

For exchanges and DeFi protocols, the G7's ranking means enforcement resources will likely shift. OFAC already sanctions North Korean-linked addresses. EU member states are expected to adopt similar measures, and wallet screening requirements will tighten on major platforms.

The two hacks alone cost $285 million. The UN Security Council's documentation on sanctions evasion gives the G7 a ready-made roadmap.