We are vigilant about DPRK activities.

Topics

Testimony

WMD

DPRK & Russian Invasion of Ukraine

Overseas Workers

Missile

Maritime

Cyber

Human Rights Violations

Catch Up on the Latest Highlights

  • Blockchain analytics firms conclude that the DPRK has industrialized crypto theft in 2025—setting record losses through fewer but larger attacks, anchored by the $1.46B Bybit hack and increasingly sophisticated laundering pipelines. Read reports

October 22, 2025

MSMT Releases Second Report Detailing DPRK Cyber and IT Worker Operations

<Summary>

  • DPRK operates a full-spectrum cyber army, rivaling China and Russia, to steal crypto and fuel its illicit WMD and missile programs—all under UN-designated entities such as the Reconnaissance General Bureau (KPe.031)Ministry of National Defense (KPe.054)Ministry of Atomic Energy and Industry (KPe.027)Munitions Industry Department (KPe.028)Office 39 (KPe.030), and the Second Academy of Natural Sciences (KPe.018).

  • Massive crypto heists drive Pyongyang’s revenue engine:
    • $1.19B stolen in 2024
    • $1.65B stolen from Jan–Sep 2025, dominated by the $1.4B Bybit mega-hack.

  • Global laundering pipelines: DPRK actors clean stolen crypto through services operating in China, Russia, Argentina, Cambodia, Vietnam, and UAE, before converting to fiat to support prohibited procurement.

  • Stablecoins as sanctions-evasion tools: DPRK entities—including Korea Mining Development Trading Corporation (KOMID) (KPe.001)—used cryptocurrency in arms transactions and procurement of raw materials such as copper for munitions production.

  • Widespread illicit IT-worker deployments (violating UNSCRs):
    • IT workers found in China, Russia, Laos, Cambodia, Equatorial Guinea, Guinea, Nigeria, Tanzania
    • 1,000–1,500 based in China
    • Plans to dispatch 40,000 laborers to Russia, including IT teams
    • Foreign facilitators supporting them in Japan, Ukraine, UAE, and the United States.

  • China as the operational backbone:
    • DPRK depends on Chinese IT infrastructure, banks, and OTC brokers
    • At least 15 Chinese banks used for laundering IT and cyber-heist proceeds
    • Identities of DPRK and Chinese facilitators were already provided to China in 2024.

  • Cyber espionage surge against defense industries:
    DPRK cyber units steal sensitive intellectual property and defense technology to advance WMD and missile development, using social engineering, malware, and ransomware, and also target critical infrastructure.

  • All these cyber, laundering, and IT-work operations benefit UN-designated entities:
    • Korean Workers’ Party (assets freeze)
    • Reconnaissance General Bureau (KPe.031)
    • Ministry of National Defense (KPe.054)
    • Ministry of Atomic Energy and Industry (KPe.027)
    • Munitions Industry Department (KPe.028)
    • Office 39 (KPe.030)
    • Second Academy of Natural Sciences (KPe.018) 

 
Source: MSMT.

August 17, 2025

Radio Free Asia’s 2023 exposé reveals the brutal exploitation of North Korean workers abroad, exposing blatant violations of UN sanctions in Russia.

<Radio Free Asia> 2023-9-20, 당국 외면 속 죽어가는 해외 북 노동자 (Overseas North Korean Workers Dying Amid Government Neglect).

<Summary>

Internal documents from a North Korean construction company operating in Russia, recently obtained by RFA, reveal that during the COVID-19 pandemic, workers who fell ill were denied proper medical care and, with the borders closed, were effectively abandoned in Russia, unable to return home.

  • Excessive Hours: Workers were forced into grueling construction work, often over 16 hours per day including night shifts.

  • Lack of Medical Access:

    • Many workers with serious illnesses (cancer, emphysema, heart disease) were denied hospital care due to high costs.

    • In extreme cases, workers even pulled out their own teeth because they could not go to hospitals.

  • Financial Exploitation:

    After state deductions, workers kept only $100 a month on average, making it impossible to afford medical bills of $5,000–6,000+.

  • Neglect by Authorities:

    North Korean authorities provided no medical or financial support, especially during the COVID-19 border closures, leaving workers effectively abandoned abroad.

    Read the whole article

One of the internal documents showing examples of North Korean vernacular

Source: DPRK Panel of Experts repot, S/2024/215, p. 431.

August 14, 2025

<BBC> North Koreans Sent to Russia to Work "Like Slaves"

<Summary>

  • Russia is importing tens of thousands of North Korean laborers to cover war-induced labor shortages-over 10,000 in 2024 and potentially over 50,000 in 2025.

  • The BBC interviewed six escapees who described:

    • 18-hour workdays, seven days a week.

    • Hazardous work conditions, often without adequate safety equipment or medical care.

    • Constant surveillance by North Korean security agent, with workers confined to sites.

    • Squalid living quarters, including bug-infested shipping containers and unfinished buildings.

    • Physical abuse when workers fall asleep due to exhaustion.

    • Most wages are collected by the regime; workers get only a small monthly amount after returning home.

  • These practices violate UN sanctions and constitute forced labor, reflecting widespread state exploitation.

    Source: BBC (Edited by DPRK Monitor).

    DPRK Monitor exposes more cases of North Korean worker exploitation in Russia (See above article by Radio Free Asia in 2023).

Source: BBC.

Useful link on DPRK human rights violations

August 8, 2025

Old Game, New Name: Sobaeksu and DPRK’s WMD Legacy

The US government has recently designated the Korea Sobaeksu Trading Company (Sobaeksu) for asset freezing, citing its involvement in foreign currency-generating activities conducted by DPRK IT workers.

However, by examining past DPRK Panel reports, it becomes clear that Sobaeksu is in fact connected to companies previously involved in WMD development—namely, NAMCHONGANG TRADING CORPORATION (NCG) and KOREA MINING DEVELOPMENT TRADING CORPORATION (KOMID).

More about the contents

Diagram of Links Between Kim Se Un, Sobaeksu, and DPRK WMD programme

Source: Maltego Graph Visualization by DPRK Monitor.

July 24, 2025

U.S. Treasury Sanctions North Korean Front Company and Individuals for Sanctions Evasion and Revenue Generation

<Summary>

  • The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned the Korea Sobaeksu Trading Company (also known as Sobaeksu United Corporation) and three North Korean individuals—Kim Se Un, Jo Kyong Hun, and Myong Chol Min—for their roles in evading U.S. and UN sanctions and clandestinely generating revenue for the DPRK government.

    Key points:

    • Sobaeksu acts as a front company for the DPRK’s Munitions Industry Department, involved in nuclear and missile development. It sends IT workers overseas (e.g., to Vietnam) and conducts nuclear procurement.

    • Kim Se Un is a key operator using foreign-based companies to hire North Korean IT workers abroad. A reward of up to $3 million is offered for information leading to his arrest/conviction.

    • Jo Kyong Hun, based in North Korea, leads Sobaeksu’s IT team and collaborates with Kim on cryptocurrency and financial schemes to support IT operations.

    • Myong Chol Min, a trade representative, helps facilitate business deals to evade sanctions and import goods (like tobacco) into North Korea. He is also subject to a $3 million reward offer.

Source: The US Department of the Treasury (Edited by DPRK Monitor).
More about Kim Se Un & Sobaeksu (朝鲜小白水联合会社)

July 20, 2025

Source: The MSMT.

MSMT Unveils Evidence of Sanctions‑Violating DPRK–Russia Military Ties at UN Briefing

<Summary>

Source: The MSMT, the US Department of State, Korea JoongAng Daily.

July 2, 2025

<CNN> 2025-7-2, North Korea sending up to 30k more troops to fight for Russia.

North Korea to send as many as 30,000 troops to bolster Russia’s forces, Ukrainian officials say.

<Summary>

  • North Korea is reportedly preparing to send 25,000 to 30,000 additional troops to Russia, according to Ukrainian intelligence and corroborated by Western sources.

  • Around 11,000 North Korean soldiers were secretly deployed to Russia in late 2024. About 4,000 of them were killed or injured in combat, particularly during the defense of Russia’s Kursk region.

  • Ukrainian assessment states the Russian Ministry of Defense will supply equipment and arms, with the goal of integrating North Korean troops into Russian combat units, including potential involvement in large-scale offensive operations.

  • Satellite imagery shows troop transport ships and IL-76 cargo planes at Russian and North Korean ports and airports, suggesting preparations for further deployments.

  • Ukrainian officials and analysts suggest Pyongyang aims to deepen its "blood debt" with Moscow to gain long-term leverage, despite high short-term losses.

    (Edited by DPRK Monitor)

June 26, 2025

<MBC> 2025-06-26, 국회 정보위원회 백브리핑 (Background briefing by the National Assembly Intelligence Committee of the ROK).

ROK National Intelligence Service (NIS) Assessment of DPRK-Russia Military Cooperation

  • Russia may launch a major offensive in July or August.

  • In October 2023, North Korea deployed 11,000 personnel to Russia, followed by an additional 4,000 troops.

  • Russia recently announced the deployment of 6,000 military engineers and construction units for reconstruction in Kursk.

  • NIS believes further deployments could occur as early as July or August, citing past patterns and ongoing recruitment efforts in North Korea.

  • Russia is believed to have provided economic aid, air defense systems, and electronic warfare equipment, along with technical support for space launch engines, drones, and missile guidance systems.

    (Edited by DPRK Monitor)

    View full Korean script with English translation

June 17, 2025

<Комсомольская Правда> 2025-06-17, Шойгу сообщил, что КНДР направит 5000 строителей на восстановление Курской области

Shoigu stated that the DPRK will send 5,000 construction workers to help with the reconstruction of the Kursk region.

May 20, 2025

Source: UN Web TV

“The DPRK’s unlawful nuclear weapons and ballistic missiles programs is inextricably linked to the regime’s human rights abuses as the programs are financed through the forced labor of North Korean citizens, at home and abroad.”

Source: Riley Barnes, Senior Bureau Official, the Bureau of Democracy, Human Rights, and Labor, US Department of State, UN General Assembly, May 20, 2025