Australia targets North Korean hackers and crypto networks funding WMD program

Australia has on one individual and four entities linked to North Korea’s cyber operations, accusing them of assisting finance the country’s weapons of mass destruction (WMD) programme.

According to Foreign Minister Penny Wong, target individuals and groups responsible for “malicious cyber-enabled activities” that generate revenue for Pyongyang’s missile and nuclear development. The designations—made under the Autonomous Sanctions Regulations 2011—include Park Jin Hyok, Kimsuky, Lazarus Group, Andariel, and Chosun Expo.

The measures freeze any assets held in and ban travel for those listed. Wong said the decision aligns with Australia’s ongoing efforts to counter threats from state-sponsored cybercrime and enforce United Nations Security Council reanswers against North Korea.

Australia’s Department of Foreign Affairs and Trade (DFAT) noted that the sanctioned entities form part of a broader cybercrime network used by Pyongyang to steal funds through cryptocurrency hacks, online scams, and illicit IT work. These activities reportedly generated billions of dollars for North Korea’s weapons programme.

Public Warning and Cyber Vigilance

In line with the sanctions announcement, the government issued a clear warning to the public:

“We encourage all Australians to be vigilant about their cyber security, and be aware that payments to entities and individuals listed under Australia’s autonomous sanctions framework could result in action by law enforcement agencies.”

Data cited by the government show that in 2024 alone, North Korean hackers stole at least US $1.9 billion in cryptocurrency from global firms. Stolen funds were then laundered through networks of foreign intermediaries to purchase materials—including metals such as copper—used in munitions production.

Wong emphasised that Australia’s move supports international efforts to disrupt these financial pipelines and reinforces “accountability for malicious cyber activity.” DFAT added that anyone dealing with sanctioned individuals or entities without authorisation could face legal penalties.

The listings demonstrate Australia’s growing resolve to confront cyber-enabled threats and prevent digital crime from fuelling global security risks.

Australia Tightens Rules on Digital Assets and Crypto ATMs

More broadly, Australia’s financial regulator, Australian Securities and Investments Commission (ASIC), has by updating its guidance and broadening the definition of “crypto-assets” to “digital assets.” The new version of Information Sheet 225 now includes 18 worked examples covering staking, yield-bearing tokens, DeFi protocols and asset-referenced stablecoins.

Likewise, Australia’s parliament is proposing stricter , specifically crypto ATMs, under the supervision of AUSTRAC. The draft legislation would require ATM operators to register, conduct user identity checks, submit transaction reports and install real-time monitoring systems—part of a broader effort to bring land-based crypto access points under anti-money-laundering regulation.