Internet security company Hauri tracked North Korean activities from April 2013, when the inter-Korean Kaesong Industrial Complex was suspended, until 2015. The industrial park was a major source of hard currency for the North until it was finally shut down completely in 2016.

The virtual currency guarantees users' anonymity and is extremely difficult to track, raising concerns that it can be used to buy all manner of dangerous contraband on the Dark Web.

Choi Sang-myoung at Hauri told RFA that in 2013 "North Korea stole $35,000 worth of bitcoins from South Korea in just two weeks and hundreds of millions of won a month later." He added it was probably doing the same thing in other countries.

One individual who hacked into online shopping mall Interpark last May demanded W3 billion worth of bitcoins to stop him exposing the personal details of more than 10 million customers, and South Korean cyber police concluded the perpetrator worked for North Korea's intelligence agency (US$1=W1,131).

FRA also quoted James Lewis of the U.S. Center for Strategic and International Studies as saying that the North's primary interest in cyber attacks is to acquire foreign currency, targeting especially banks in small countries.

