Australia Sanctions North Korean Lazarus Group Over $1.9B Crypto Heists

TLDR

• Australia has imposed sanctions on North Korean hacker groups involved in $1.9 billion crypto thefts.
• The sanctions target Lazarus Group, Kimsuky, Andariel, Chosun Expo, and one associated individual.
• Penny Wong confirmed that Australia acted to protect global financial and cyber systems.
• The restrictions include financial bans and travel limitations on sanctioned entities and individuals.
• Allied intelligence agencies revealed that North Korean hackers used phishing and supply-chain attacks.

Australia has imposed sanctions on North Korean hacker groups after global cryptocurrency thefts worth $1.9 billion targeted fintech and blockchain firms. The government said the measures aim to disrupt networks responsible for large-scale digital asset theft and laundering.

Australia Targets State-Linked Cyber Groups

Australia sanctioned Lazarus Group, Kimsuky, Andariel, Chosun Expo, and one individual tied to North Korea’s cyber operations. Officials said these groups used sophisticated hacking techniques to steal crypto assets from international exchanges.

Foreign Affairs Minister Penny Wong said, “Australia is acting decisively to protect financial systems from malicious cyber actors.” She emphasized coordination with allies to strengthen collective defense.

The sanctions include financial restrictions and travel bans on involved entities and individuals. Australia confirmed that the move aligns with actions taken by the United States and South Korea.

Authorities said the decision reinforces Australia’s commitment to counter cyber threats undermining economic stability. The government stated the sanctions target operations funding North Korea’s weapons programs.

Lazarus Group’s Global Cyber Operations

Lazarus Group has carried out complex attacks on exchanges, DeFi platforms, and blockchain providers across multiple continents. Investigations revealed that the group laundered stolen funds using layered crypto transactions and mixer services.

Australia’s cybersecurity agencies reported increased phishing, supply-chain, and social engineering campaigns by North Korean hackers. They said the operations rely on IT workers using fake identities to infiltrate global tech networks.

Reports from allied intelligence confirmed that combined crypto thefts between January and September 2025 exceeded previous yearly totals. Analysts found that stolen assets were often converted to stablecoins before being moved offshore.

Experts said blockchain forensics played a key role in tracing wallet activity linked to the Lazarus network. Investigators used on-chain data to identify wallets and freeze compromised funds.

Australia Strengthens Cyber Defense Framework

Australia said its sanctions will help prevent the misuse of digital technologies by state-linked actors. The action also reinforces international pressure on North Korea to cease malicious cyber activity.

Government agencies have urged crypto platforms to enhance wallet screening and transaction monitoring. They said compliance with global standards remains essential to safeguard investors and exchanges.

Penny Wong said Australia continues to coordinate with the United States, South Korea, and partners on cybersecurity enforcement. She stated that cooperation ensures accountability and supports lawful use of blockchain systems.

The government confirmed that the restrictions took immediate effect under Australia’s autonomous sanctions framework. Officials said the measures will remain until the entities cease hostile cyber operations.

The post Australia Sanctions North Korean Lazarus Group Over $1.9B Crypto Heists appeared first on CoinCentral.