London Daily

Focus on the big picture.
Friday, Aug 22, 2025

The Incredible Rise of North Korea’s Hacking Army

The Incredible Rise of North Korea’s Hacking Army

Shimomura was a member of the Yamaguchi-gumi, the largest yakuza crime family in Japan. When one of his superiors asked him if he wanted to make a pile of fast money, he naturally said yes.
It was May 14, 2016, and Shimomura was living in the city of Nagoya. Thirty-two years old and skinny, with expressive eyes, he took pride in his appearance, often wearing a suit and mirror-shined loafers. But he was a minor figure in the organization: a collector of debts, a performer of odd jobs.

The superior assured him that the scheme was low risk, and instructed him to attend a meeting that evening at a bar in Nagoya. (Shimomura, who has since left the Yamaguchi-gumi, asked to be referred to only by his surname.) When Shimomura showed up, he found three other gangsters, none of whom he knew. Like many yakuza, he is of Korean descent, and two of the others were also Korean-Japanese; for a while, they spoke in Korean. The superior finally arrived, and the five men moved into a private room. Each volunteer was given a plain white credit card. There was no chip on the card, no numbers, no name—just a magnetic strip.

The superior read instructions from a thin manual: early the next morning, a Sunday, they should go to any 7-Eleven and use their white card at the store’s A.T.M. They could not use a regular bank A.T.M., or one in another convenience store. The gangsters should each withdraw a hundred thousand yen at a time (about nine hundred dollars) but make no more than nineteen transactions per machine. If anybody made twenty withdrawals from a single A.T.M., his card would be blocked. Withdrawals could start at 5 a.m. and continue until 8 a.m. The volunteers were told to choose the Japanese language when prompted—an indication, Shimomura realized, that the cards were foreign. After making nineteen withdrawals, they should wait an hour before visiting another 7-Eleven. They could keep ten per cent of the cash. The rest would go to the bosses. Finally, each volunteer was told to memorize a pin.

On Sunday morning, Shimomura rose early, and dressed in jeans, sunglasses, a baseball cap, and an old T-shirt. He walked to a 7-Eleven, where he bought a rice ball and a Coke, to settle himself. He inserted the card into the A.T.M. When the screen asked him which language he preferred, he felt a tremor of nerves while selecting “Japanese.” He withdrew a hundred thousand yen, then another, and then another. There was nobody else in the store apart from the guy at the register, who didn’t seem interested in him.

After making the first withdrawal, Shimomura printed a receipt. He saw a foreign name on the paper—he couldn’t tell what nationality the name was, but he knew it wasn’t Japanese—then stuffed the receipt in his pocket. Around 8 a.m., having completed a total of thirty-eight withdrawals at several A.T.M.s in the area, he headed home, waddling because of his bulging pockets: 3.8 million yen is a lot of cash. Shimomura took his ten per cent—about thirty-five hundred dollars—and stashed it in a drawer in his apartment. At 3 p.m., he met his superior to deliver the remaining money. (Later, he discovered that one of the other gangsters had absconded with the money and the card.)

The superior told Shimomura that he would retain five per cent of what his volunteers brought in and send the rest of the cash to his bosses. When Shimomura handed over his money, he sensed that the superior had enlisted many others. He was right. As the newspapers soon reported, more than sixteen million dollars was withdrawn from roughly seventeen hundred 7-Eleven A.T.M.s across Japan that morning, using data stolen from South Africa’s Standard Bank. The newspapers surmised that 7-Elevens had been targeted because they were the only convenience stores in Japan whose cash terminals all accepted foreign cards. Soon after the raids, the withdrawal limit for many A.T.M.s in the country was reduced to fifty thousand yen.

Shimomura deduced that he had been at the bottom of the food chain in the scam. The real money-makers were much higher up. What he did not know, until an interview with this magazine last year, was the identity of the villains at the top of the chain. Shortly after the A.T.M. thefts, according to Japanese police, the ringleader of the 7-Eleven operation crossed from China into North Korea. Shimomura had unwittingly been collecting money for the Korean People’s Army, as part of a racket that became known as FASTCash.

In satellite images of East Asia at night, lights blare almost everywhere, except in one inky patch between the Yellow Sea and the Sea of Japan, and between the thirty-eighth and the forty-third parallels: North Korea. Only Pyongyang, the capital, emits a recognizably modern glow. The dark country is one of the last nominally Communist nations in the world—a Stalinist personality cult centered on Kim Jong Un, the peevish, ruthless scion of the dynasty that has ruled North Korea since 1948, after the peninsula was divided. The D.P.R.K. purports to be a socialist autarky founded on the principle of juche, or self-reliance. Its borders are closed and its people sequestered. Foreigners find it profoundly difficult to understand what is happening inside North Korea, but it is even harder for ordinary North Korean citizens to learn about the outside world. A tiny fraction of one per cent of North Koreans has access to the Internet.

Yet, paradoxically, the North Korean government has produced some of the world’s most proficient hackers. At first glance, the situation is perverse, even comical—like Jamaica winning an Olympic gold in bobsledding—but the cyber threat from North Korea is real and growing. Like many countries, including the United States, North Korea has equipped its military with offensive and intelligence-gathering cyber weapons. In 2016, for instance, military coders from Pyongyang stole more than two hundred gigabytes of South Korean Army data, which included documents known as Operational Plan 5015—a detailed analysis of how a war with the country’s northern neighbor might proceed, and, notably, a plot to “decapitate” North Korea by assassinating Kim Jong Un. The breach was so egregious that Kim Tae-woo, a former president of the Korea Institute for National Unification, a think tank in Seoul, told the Financial Times, “Part of my mind hopes the South Korean military intentionally leaked the classified documents to the North with the intention of having a second strategy.”

North Korea, moreover, is the only nation in the world whose government is known to conduct nakedly criminal hacking for monetary gain. Units of its military-intelligence division, the Reconnaissance General Bureau, are trained specifically for this purpose. In 2013, Kim Jong Un described the men who worked in the “brave R.G.B.” as his “warriors . . . for the construction of a strong and prosperous nation.”

North Korea’s cybercrime program is hydra-headed, with tactics ranging from bank heists to the deployment of ransomware and the theft of cryptocurrency from online exchanges. It is difficult to quantify how successful Pyongyang’s hackers have been. Unlike terrorist groups, North Korea’s cybercriminals do not claim responsibility when they strike, and the government issues reflexive denials. As a result, even seasoned observers sometimes disagree when attributing individual attacks to North Korea. Nevertheless, in 2019, a United Nations panel of experts on sanctions against North Korea issued a report estimating that the country had raised two billion dollars through cybercrime. Since the report was written, there has been bountiful evidence to indicate that the pace and the ingenuity of North Korea’s online threat have accelerated.

According to the U.N., many of the funds stolen by North Korean hackers are spent on the Korean People’s Army’s weapons program, including its development of nuclear missiles. The cybercrime spree has also been a cheap and effective way of circumventing the harsh sanctions that have long been imposed on the country. In February, John C. Demers, the Assistant Attorney General for the National Security Division of the Justice Department, declared that North Korea, “using keyboards rather than guns,” had become a “criminal syndicate with a flag.”
Newsletter

Related Articles

0:00
0:00
Close
After 200,000 Orders in 2 Minutes: Xiaomi Accelerates Marketing in Europe
Ukraine Declares De Facto War on Hungary and Slovakia with Terror Drone Strikes on Their Gas Lifeline
Animated K-pop Musical ‘KPop Demon Hunters’ Becomes Netflix’s Most-Watched Original Animated Film
New York Appeals Court Voids Nearly $500 Million Civil Fraud Penalty Against Trump While Upholding Fraud Liability
Elon Musk tweeted, “Europe is dying”
Far-Right Activist Convicted of Incitement Changes Gender and Demands: "Send Me to a Women’s Prison" | The Storm in Germany
Hungary Criticizes Ukraine: "Violating Our Sovereignty"
Will this be the first country to return to negative interest rates?
Child-free hotels spark controversy
North Korea is where this 95-year-old wants to die. South Korea won’t let him go. Is this our ally or a human rights enemy?
Hong Kong Launches Regulatory Regime and Trials for HKD-Backed Stablecoins
China rehearses September 3 Victory Day parade as imagery points to ‘loyal wingman’ FH-97 family presence
Trump Called Viktor Orbán: "Why Are You Using the Veto"
Horror in the Skies: Plane Engine Exploded, Passengers Sent Farewell Messages
MSNBC Rebrands as MS NOW Amid Comcast’s Cable Spin-Off
AI in Policing: Draft One Helps Speed Up Reports but Raises Legal and Ethical Concerns
Shame in Norway: Crown Princess’s Son Accused of Four Rapes
Apple Begins Simultaneous iPhone 17 Production in India and China
A Robot to Give Birth: The Chinese Announcement That Shakes the World
Finnish MP Dies by Suicide in Parliament Building
Outrage in the Tennis World After Jannik Sinner’s Withdrawal Storm
William and Kate Are Moving House – and the New Neighbors Were Evicted
Class Action Lawsuit Against Volkswagen: Steering Wheel Switches Cause Accidents
Taylor Swift on the Way to the Super Bowl? All the Clues Stirring Up Fans
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Apple Expands Social Media Presence in China With RedNote Account Ahead of iPhone 17 Launch
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Cambridge Dictionary Adds 'Skibidi,' 'Delulu,' and 'Tradwife' Amid Surge of Online Slang
Bill Barr Testifies No Evidence Implicated Trump in Epstein Case; DOJ Set to Release Records
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
The CEO Who Replaced 80% of Employees for the AI Revolution: "I Would Do It Again"
Emails Worth Billions: How Airlines Generate Huge Profits
Character.ai Bets on Future of AI Companionship
China Ramps Up Tax Crackdown on Overseas Investments
Japanese Office Furniture Maker Expands into Bomb Shelter Market
Intel Shares Surge on Possible U.S. Government Investment
Hurricane Erin Threatens U.S. East Coast with Dangerous Surf
EU Blocks Trade Statement Over Digital Rule Dispute
EU Sends Record Aid as Spain Battles Wildfires
JPMorgan Plans New Canary Wharf Tower
Zelenskyy and his allies say they will press Trump on security guarantees
Beijing is moving into gold and other assets, diversifying away from the dollar
Escalating Clashes in Serbia as Anti-Government Protests Spread Nationwide
The Drought in Britain and the Strange Request from the Government to Delete Old Emails
Category 5 Hurricane in the Caribbean: 'Catastrophic Storm' with Winds of 255 km/h
"No, Thanks": The Mathematical Genius Who Turned Down 1.5 Billion Dollars from Zuckerberg
The surprising hero, the ugly incident, and the criticism despite victory: "Liverpool’s defense exposed in full"
Digital Humans Move Beyond Sci-Fi: From Virtual DJs to AI Customer Agents
YouTube will start using AI to guess your age. If it’s wrong, you’ll have to prove it
×