Why North Korea Is Winning Crypto Crime and How to Fight Back | Ari Redbord, TRM Labs
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “Why North Korea Is Winning Crypto Crime and How to Fight Back | Ari Redbord, TRM Labs” inside PodZeus.
In this pivotal episode of Bankless, host Ryan Sean Adams sits down with Ari Redbord, global head of policy at TRM Labs, to dissect how North Korea has emerged as a dominant force in global crypto crime. Redbord reveals that North Korea’s Lazarus Group has evolved from targeting banks and tech firms to conducting highly sophisticated, long-term social engineering campaigns—such as infiltrating DeFi teams through conferences and fake partnerships—culminating in massive hacks like the $285 million Drift protocol breach. Over the past five years, North Korea has stolen an estimated $6 billion in crypto, using it to fund weapons proliferation and destabilize global security. The episode explores the mechanics of their laundering strategies, including rapid movement to Bitcoin via Thorchain, use of mixers like Tornado Cash, and reliance on Chinese-based OTC brokers and criminal networks. Redbord argues that while crypto enables unprecedented transparency for law enforcement, it also presents new challenges in privacy and jurisdiction. He advocates for a multi-pronged defense: hardening cyber defenses, creating a global 'Beacon Network' to block illicit funds in real time, and even pursuing offensive cyber operations—akin to historical 'letters of marque'—to reclaim stolen assets. The conversation also touches on Iran’s growing use of crypto for sanctions evasion, the ethical tension between privacy and security, and the urgent need for victim restitution funds and industry-wide best practices. Despite the risks, Redbord remains optimistic that with coordinated public-private action, the crypto ecosystem can defend itself and even turn the tables on state-sponsored cybercriminals.
North Korea’s Lazarus Group uses long-term social engineering—meeting developers at conferences and posing as investors—to infiltrate DeFi protocols, leading to massive, targeted hacks like the $285M Drift breach.
Over the past five years, North Korea has stolen an estimated $6 billion in crypto, primarily using Bitcoin and services like Thorchain to launder funds rapidly through Chinese criminal networks.
The U.S. government is shifting from prosecution to asset seizure and forfeiture—using tools like the Beacon Network to block illicit funds in real time across 85% of centralized exchanges.
Redbord advocates for 'cyber letters of marque'—empowering private actors with legal authority to pursue and recover stolen crypto—similar to historical privateers.
A major ethical challenge remains: balancing user privacy (e.g., Tornado Cash, Zcash) with the need to stop nation-state actors from using privacy tools for money laundering.
…and 2 more takeaways available in PodZeus
The Rise of North Korea as a Cyber Superpower
“This is a country with absolutely no economy whatsoever. And yet they're competing on the global stage because they've professionalized cyber crime, essentially.”
The Drift Hack: A Masterclass in Social Engineering
“They met protocol employees at conferences... North Korean proxy sitting across a table from protocol employees over a period of months. That is, to my knowledge, unprecedented.”
North Korea’s Cyber Army and the Evolution of Hacking
Redbord explains how North Korea recruits and trains child hackers from a young age, creating a state-run cyber army. Unlike private hackers, these are state actors with a singular mission: fund weapons programs through cybercrime.
Laundering $6 Billion: The North Korean Playbook
After stealing funds, North Korea moves them rapidly to Bitcoin via Thorchain, uses mixers like Tornado Cash, and off-ramps through Chinese OTC brokers and triad networks—prioritizing speed over stealth.
The Beacon Network: A Global Defense Perimeter
“When they get that Beacon alert, they're required as part of their membership to block and ultimately work with law enforcement to seize those funds back.”
“They met protocol employees at conferences... North Korean proxy sitting across a table from protocol employees over a period of months. That is, to my knowledge, unprecedented.”
“Let us with the tools and the training and the expertise go after those guys where they live.”
“This is a country with absolutely no economy whatsoever. And yet they're competing on the global stage because they've professionalized cyber crime, essentially.”
Hosts
Guest
North Korea
place
TRM Labs
organization
Ari Redbord
person
Iran
place
Lazarus Group
organization
Beacon Network
organization
Drift Protocol
organization
DOJ
organization
Tornado Cash
organization
FBI
organization
ROLLUP: Google’s Quantum Warning | Trump’s Iran Speech | Ethereum Economic Zones | Drift Hack
Bankless • 1h 4m • 4/3/2026
Bitcoin Has 3 Years to Survive | Nic Carter on Bitcoin’s Quantum Vulnerability
Bankless • 1h 13m • 4/6/2026
The Largest Securities Exchange in the World is Coming Onchain | Michael Blaugrund of NYSE and Carlos Domingo of Securitize
Bankless • 1h 4m • 4/7/2026
Will The Ethereum Economic Zone (EEZ) Rebuild $ETH Dominance? | Gnosis Martin Koppelman & Friederike Ernst
Bankless • 58m • 4/9/2026
ROLLUP: Iran Ceasefire Rally | Anthropic’s “Mythos” Model | Q-Day Divide | Stablecoin Yield Debate
Bankless • 1h 6m • 4/10/2026
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “Why North Korea Is Winning Crypto Crime and How to Fight Back | Ari Redbord, TRM Labs” inside PodZeus.
Start discovering podcast insights today
Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.
No credit card required • 7-day trial • Cancel anytime