3 Feb 2025

Fact Check: The Rest Is Classified: North Korea’s CIA: The Billion Dollar Heist (Ep 2)

by | posted in: Uncategorized | 0

In an age where information is as valuable as currency, the realm of espionage often veils itself in a shroud of myth and speculation. North Korea, a nation notorious for its secretive operations, particularly captures the imagination with tales of audacious financial heists and covert dealings that reportedly reach into the billions. Looking at the latest episode of the podcast series “The Rest Is Classified: North Korea’s CIA: The Billion Dollar Heist (Ep 2),” we embark on a thorough investigation into these compelling narratives. Our goal? To sift through the fog of intrigue and conspiracy, rigorously fact-checking the claims made about North Korea’s covert financial ventures. Join us for an insightful exploration that not only highlights the interplay between intelligence and crime but also seeks to clarify which elements of this saga are grounded in reality and which belong to the realm of fiction. Prepare to uncover the truth behind the headlines as we engage with the intricate story of North Korea’s shadow operations.

Fact Check Analysis

Claim

The attempted heist of a cool $1 billion from the Central Bank of Bangladesh was carried out by the North Korean Security Services.

Veracity Rating: 4 out of 4

Facts

## Evaluation of the Claim: Involvement of North Korean Security Services in the Bangladesh Bank Heist

The claim that the attempted heist of nearly $1 billion from the Central Bank of Bangladesh was carried out by the North Korean Security Services involves several key points that require verification. Here's a detailed analysis based on available evidence:

### Background and Events
– **The Heist**: In February 2016, hackers attempted to steal approximately $951 million from the Bangladesh Bank's account at the Federal Reserve Bank of New York. They successfully transferred about $101 million, with $81 million going to the Philippines and $20 million to Sri Lanka[1].
– **Methodology**: The attackers compromised Bangladesh Bank's computer network and used the SWIFT messaging system to send fraudulent transfer requests. The operation was sophisticated and planned around the bank's weekend closure[1][3].

### Involvement of North Korean Security Services
– **Attribution**: U.S. federal prosecutors and cybersecurity firms like Symantec and BAE Systems have linked the attack to North Korea's Reconnaissance General Bureau (RGB), specifically the Lazarus Group, a state-sponsored hacking collective[1][3].
– **Evidence**: The methods used in the Bangladesh Bank heist showed similarities with other attacks attributed to North Korea, such as the Sony Pictures hack in 2014[1][3]. The U.S. charged a North Korean programmer, Park Jin Hyok, in connection with the Bangladesh Bank hack and other cybercrimes[1].
– **Laundering**: The stolen funds were laundered through casinos in the Philippines and Macau, which aligns with reports of North Korea using cybercrime to finance its activities[4].

### Conclusion
The claim that North Korean Security Services were involved in the Bangladesh Bank heist is supported by substantial evidence from U.S. federal investigations and cybersecurity analyses. The sophisticated nature of the attack and its similarities to other North Korean operations provide strong indicators of state-sponsored involvement.

### Key Points Summary:
– **Attempted Theft**: Nearly $1 billion was targeted, with $101 million successfully transferred.
– **North Korean Involvement**: Linked to the Lazarus Group and Reconnaissance General Bureau.
– **Methodology**: Exploited SWIFT system vulnerabilities and used malware.
– **Laundering**: Funds were laundered through casinos in the Philippines and Macau.

### Sources:
– [1] Wikipedia: Bangladesh Bank Robbery
– [2] Court Document: Case 1:19-cv-00983-LGS
– [3] Incident Analysis: Bangladesh Bank Cyber Heist
– [4] National Security Archive: Tainted Trove

Overall, the evidence supports the claim that North Korean Security Services were involved in the Bangladesh Bank heist, highlighting a significant case of state-sponsored cybercrime.

Citations

Claim

On February 5, 2016, a duty manager named Zubin Huda noticed a printer glitch at the Central Bank of Bangladesh.

Veracity Rating: 2 out of 4

Facts

To evaluate the claim that on February 5, 2016, a duty manager named Zubin Huda noticed a printer glitch at the Central Bank of Bangladesh, we need to assess the available information and verify it against reliable sources.

1. **Name and Position**: The claim mentions a "duty manager named Zubin Huda." However, most sources refer to a "director of Bangladesh Bank" named Zubair Bin Huda, not Zubin Huda. This discrepancy suggests a possible error in the name or position[2][4].

2. **Printer Glitch**: It is confirmed that a printer issue played a significant role in the discovery of the heist. Hackers had installed malware to prevent the printer from printing transaction reports, which would have alerted bank staff to the fraudulent transfers. When the printer was checked after a weekend, it was found not to be printing, initially thought to be a technical glitch[2][4].

3. **Date and Incident**: The printer issue was noticed after the weekend, which aligns with February 7, 2016, rather than February 5, 2016. On February 5, the bank was closed for the weekend, and the printer malfunction was discovered when employees returned to work[2][4].

4. **Attribution to North Korea**: While the claim mentions North Korea's involvement, it is widely reported that the attack was sophisticated and involved nation-state hackers, but specific attribution to North Korea is not universally agreed upon in all sources[5].

In conclusion, while the claim about a printer glitch is accurate, the details regarding the name and date may be incorrect. The incident was indeed significant in exposing the heist, but the specifics need clarification based on verified sources.

**Evidence Summary**:
– **Name and Position**: The name "Zubin Huda" does not match the commonly reported "Zubair Bin Huda."
– **Printer Glitch**: Confirmed as a critical factor in discovering the heist.
– **Date**: The printer issue was noticed after the weekend, likely on February 7, not February 5.
– **Attribution**: The involvement of nation-state hackers is acknowledged, but specific attribution to North Korea may vary by source.

Citations

Claim

On February 6, 2016, messages began to spew out of the printer at the Central Bank of Bangladesh, revealing urgent transfer instructions from the Federal Reserve Bank in New York.

Veracity Rating: 2 out of 4

Facts

The claim that on February 6, 2016, messages began to spew out of the printer at the Central Bank of Bangladesh, revealing urgent transfer instructions from the Federal Reserve Bank in New York, appears to be partially inaccurate. The actual event involved a malfunctioning printer that played a role in the discovery of the heist, but it was not about messages spewing out on February 6. Instead, the printer issue occurred on February 5, 2016, when Bangladesh Bank's staff found it wasn't working, which was initially thought to be a common glitch[2][4].

Here's a summary of what actually happened:

– **Malfunctioning Printer**: On February 5, 2016, a printer at Bangladesh Bank malfunctioned, which was initially dismissed as a common technical issue. However, this was part of a larger cyber attack where hackers had compromised the bank's system[2][4].
– **Cyber Attack**: Hackers attempted to steal $951 million from Bangladesh Bank's account at the Federal Reserve Bank of New York using the SWIFT network. They managed to transfer $81 million to the Philippines and $20 million to Sri Lanka[1][3].
– **Discovery and Response**: The bank realized the issue on February 6, 2016, and tried to contact the Federal Reserve Bank of New York to halt the transactions. However, due to the weekend and a holiday in the Philippines, the response was delayed[2][4].
– **Investigation and Attribution**: The attack was attributed to North Korea's Reconnaissance General Bureau, with suspicions of state-sponsored involvement[1][3].

The heist was a sophisticated cybercrime that exploited weaknesses in the bank's systems and timing, taking advantage of holiday schedules to delay detection[1][3].

Citations

Claim

The North Koreans attempted to wire nearly $1 billion out of the Central Bank of Bangladesh through a bank in Manila.

Veracity Rating: 3 out of 4

Facts

## Evaluation of the Claim

The claim that North Koreans attempted to wire nearly $1 billion out of the Central Bank of Bangladesh through a bank in Manila can be evaluated based on available evidence and reliable sources.

### Key Points of the Claim

1. **Attempted Theft Amount**: The claim mentions an attempt to wire nearly $1 billion. According to reports, the hackers indeed targeted approximately $1 billion but managed to initiate transfers totaling $951 million from the Bangladesh Bank's account at the Federal Reserve Bank of New York[1][3].

2. **Involvement of North Korea**: The claim implicates North Korea in the heist. Investigations and reports suggest that the hackers were linked to North Korea, specifically the Lazarus Group, a state-sponsored hacking collective[1][3][5].

3. **Use of Manila Bank**: The claim mentions the involvement of a bank in Manila. The stolen funds were indeed transferred to accounts at the Rizal Commercial Banking Corporation (RCBC) in Manila, Philippines[1][3].

4. **Cybercrime and Planning**: The claim highlights the meticulous planning and use of cybercrime. The heist involved a year of planning, exploiting vulnerabilities in the banking system, and using the SWIFT messaging system to execute fraudulent transfers[1][5].

### Evidence and Sources

– **Bangladesh Bank Heist Details**: In February 2016, hackers linked to North Korea attempted to steal approximately $1 billion from the Bangladesh Bank's account at the Federal Reserve Bank of New York. They successfully transferred $81 million to accounts in the Philippines and Sri Lanka[1][3].

– **Involvement of North Korea**: The Lazarus Group, a North Korean state-sponsored hacking collective, is believed to have been behind the attack. This group is known for sophisticated cyberattacks aimed at raising funds for the North Korean regime[2][3].

– **Transfer to Manila**: The stolen funds were laundered through casinos in the Philippines after being transferred to RCBC in Manila. This involved using junket operators and casinos to clean the money[3][4].

– **Planning and Execution**: The heist was meticulously planned, taking advantage of time differences and holidays to evade detection. The hackers exploited vulnerabilities in the SWIFT system and used malware to gain access to the bank's systems[1][5].

### Conclusion

Based on the evidence from reliable sources, the claim that North Koreans attempted to wire nearly $1 billion out of the Central Bank of Bangladesh through a bank in Manila is **substantially true**. The heist involved sophisticated cybercrime techniques, meticulous planning, and the exploitation of vulnerabilities in the global banking system. While the full amount of $1 billion was not successfully transferred, the hackers managed to steal and launder $81 million through banks in the Philippines[1][3][5].

### Additional Information

– **Banking System Vulnerabilities**: The heist exposed significant vulnerabilities in the global banking system, particularly in the use of the SWIFT messaging system and the lack of robust cybersecurity measures at the Bangladesh Bank[3].

– **Wire Transfer Instructions**: The hackers used fraudulent instructions on the SWIFT network to initiate the transfers. This highlighted weaknesses in the verification processes for large transactions[1][3].

– **Role of Park Gen Hook and RGB**: While the claim mentions Park Gen Hook and the Reconnaissance General Bureau (RGB), specific details about their involvement in this heist are not widely documented in available sources. However, the RGB is known for its role in North Korea's cyber operations[1][3].

Overall, the Bangladesh Bank heist demonstrates a blend of state-sponsored espionage and organized crime, showcasing the sophisticated methods used by North Korean hackers to finance their regime's activities.

Citations

Claim

On February 8, 2016, the bank in Manila received the urgent transfer instructions to drain almost a billion dollars from the Central Bank of Bangladesh.

Veracity Rating: 1 out of 4

Facts

To evaluate the claim that on February 8, 2016, the bank in Manila received urgent transfer instructions to drain almost a billion dollars from the Central Bank of Bangladesh, we need to examine the available evidence and timelines related to the Bangladesh Bank heist.

## Claim Evaluation

1. **Timing of the Transfers**: The Bangladesh Bank heist occurred between February 4 and 5, 2016, when hackers sent 35 fraudulent transfer requests via the SWIFT network to the Federal Reserve Bank of New York, aiming to steal approximately $951 million from Bangladesh Bank's account[1][3]. The transfers were initiated before February 8.

2. **Impact of the Lunar New Year**: The claim mentions the Lunar New Year, which is relevant because it coincided with the Chinese New Year celebrations in the Philippines. On February 8, 2016, during the Chinese New Year holiday, Bangladesh Bank sent a SWIFT message to Rizal Commercial Banking Corporation (RCBC) in the Philippines to stop and refund the fraudulent transfers. However, due to the holiday, RCBC received the message a day later, by which time some of the funds had already been withdrawn[1].

3. **Bank in Manila**: The claim likely refers to RCBC, which received the fraudulent transfers. However, the urgent instructions to drain the funds were not received by RCBC on February 8 but were part of the initial fraudulent transfers sent on February 4-5, 2016[1].

## Conclusion

The claim that on February 8, 2016, the bank in Manila received urgent transfer instructions to drain almost a billion dollars from the Central Bank of Bangladesh is **inaccurate**. The fraudulent transfer requests were sent on February 4-5, 2016, and the message to stop these transfers was sent by Bangladesh Bank on February 8, but it was received by RCBC a day later due to the Chinese New Year holiday[1].

The significance of the timing lies in the strategic use of holidays and system vulnerabilities by the hackers, which allowed them to evade detection initially. The Lunar New Year celebrations played a role in delaying the response to the fraudulent transfers, but it was not the day when the initial instructions were received by the bank in Manila.

Citations

Claim

$101 million successfully crossed the hurdle from the heist, with five transactions getting through.

Veracity Rating: 4 out of 4

Facts

## Evaluation of the Claim

The claim states that $101 million successfully crossed the hurdle from the Bangladesh Bank heist, with five transactions getting through. This claim can be verified through financial transaction logs and existing reports on the incident.

### Evidence and Verification

1. **Amount Successfully Transferred**: According to reliable sources, including Wikipedia and academic analyses, the Bangladesh Bank heist involved the successful transfer of $101 million out of an attempted $951 million. This amount was distributed as follows: $81 million to the Philippines and $20 million to Sri Lanka[1][3].

2. **Number of Successful Transactions**: The heist involved 35 fraudulent instructions, but only five of these were successful. The remaining transactions were blocked due to suspicions raised by a misspelled instruction[1].

3. **Verification through Financial Logs**: While the claim does not provide direct access to financial transaction logs, the figures and details are consistent with reports from reputable sources. These sources confirm that the successful transfers were primarily to the Philippines and Sri Lanka, with the majority of the funds laundered through casinos[1][3].

### Conclusion

Based on the evidence from reliable sources, the claim that $101 million successfully crossed the hurdle from the heist, with five transactions getting through, is **valid**. The details align with documented accounts of the Bangladesh Bank cyber heist, which involved a sophisticated attack exploiting weaknesses in the bank's systems and the SWIFT network[1][3].

### Additional Context

– **North Korean Involvement**: There are suspicions and allegations linking the heist to North Korea's Reconnaissance General Bureau, with some evidence suggesting similarities in tactics used in other cyberattacks attributed to North Korean actors[1].
– **Recovery Efforts**: As of the latest reports, only a portion of the stolen funds has been recovered, with ongoing legal and diplomatic efforts to retrieve the remainder[1].

Citations

Claim

The North Korean hackers exploited holidays and time zone differences to execute the heist.

Veracity Rating: 4 out of 4

Facts

The claim that North Korean hackers exploited holidays and time zone differences to execute the Bangladesh Bank heist is supported by detailed investigations into the incident. Here's how these factors played a crucial role:

## Exploitation of Holidays and Time Zones

– **Timing and Planning**: The hackers, linked to North Korea's Lazarus Group, meticulously planned the heist to coincide with a weekend in Bangladesh and the start of the Lunar New Year in East and Southeast Asia. This timing allowed them a five-day window to execute the heist without immediate detection[1][2].
– **Time Zone Differences**: The heist occurred between February 4-7, 2016, exploiting the time difference between Dhaka, New York, and Manila. By the time the hack was discovered in Dhaka, it was already the weekend in New York City, and offices were closed, delaying response times[1][5].
– **Holiday Impact**: The Lunar New Year celebrations in the Philippines further complicated the response, as it was a major national holiday, ensuring that financial institutions were closed or operating on reduced hours[1][2].

## Impact on Banking Operations

– **SWIFT System Manipulation**: The hackers used the SWIFT messaging system to initiate fraudulent transactions, aiming to transfer $951 million from Bangladesh Bank's account at the Federal Reserve Bank of New York to accounts in the Philippines and Sri Lanka[1][2].
– **Detection Delay**: The initial detection of the hack was delayed due to a malfunctioning printer at Bangladesh Bank, which was later found to be a sign of the compromised system[1][5].
– **Money Laundering**: The stolen funds were laundered through casinos in the Philippines and Macau, making it difficult to trace the money[1][2].

## Additional Information

Researching how holidays and time zone differences impact banking operations can provide insights into vulnerabilities that hackers exploit. This includes understanding how hackers use these factors to their advantage, such as planning attacks during periods when response times are slower due to holidays or weekends. Additionally, it highlights the need for robust security measures that can detect and respond to threats even during periods of reduced operational capacity.

Citations

Claim

The bank manager in Manila established accounts with fake information to facilitate the laundering of money.

Veracity Rating: 4 out of 4

Facts

## Claim Evaluation: Bank Manager in Manila Established Accounts with Fake Information

The claim that a bank manager in Manila established accounts with fake information to facilitate the laundering of money is supported by reliable sources. This incident is linked to the Bangladesh Bank heist, where hackers attempted to steal nearly $1 billion from the Central Bank of Bangladesh, with approximately $81 million successfully laundered through the Philippines.

### Evidence Supporting the Claim

1. **Fictitious Accounts at RCBC**: The Rizal Commercial Banking Corporation (RCBC) in the Philippines was involved in the money laundering process. Five U.S. dollar accounts were opened under fictitious names, including Michael Francisco Cruz, Jessie Christopher M. Lagrosas, Alfred Santos Vergara, Enrico Teodoro Vasquez, and Ralph Campo Picache. These accounts were created on May 15, 2015, and remained dormant until February 5, 2016, when the stolen funds were transferred into them[1][2].

2. **Involvement of RCBC Employees**: Maia Santos Deguito, a former manager at RCBC's Jupiter Street branch in Makati City, was convicted of money laundering in connection with the Bangladesh Bank heist. She was found to have facilitated the transactions without hesitation, and her actions were deemed criminally liable[4][5].

3. **Use of Fake Documents**: The fictitious account holders used fake driver's licenses, and the signatures on the account opening forms did not match those on the licenses. Additionally, the contact information provided for these account holders was false, with form letters sent to them being returned as undeliverable[2].

4. **Lack of Verification**: RCBC admitted to not conducting employment verification reviews for the fictitious account holders, who all had similar employment backgrounds. Despite these red flags, the accounts were approved by RCBC employees, including Deguito and others[2].

### Investigating Hiring Practices and Account Setups

Investigating the hiring practices and account setups at RCBC could indeed provide valuable insights into the money laundering processes. This includes examining how employees were trained to detect suspicious transactions and whether there were systemic failures in the bank's compliance procedures.

– **Internal Controls**: The fact that RCBC employees were able to open and manage fictitious accounts without adequate verification suggests weaknesses in the bank's internal controls and anti-money laundering protocols[2][3].

– **Regulatory Oversight**: The Bangko Sentral ng Pilipinas (BSP) imposed a record fine of ₱1 billion on RCBC for its failure to comply with banking laws and regulations related to the heist[1][4].

### Conclusion

The claim that a bank manager in Manila established accounts with fake information to facilitate money laundering is supported by evidence from the Bangladesh Bank heist. The involvement of RCBC employees, the use of fictitious accounts, and the lack of proper verification highlight significant lapses in banking practices and regulatory oversight. Investigating these aspects further could help prevent similar incidents in the future.

Citations

Claim

The North Koreans laundered money through casinos in the Philippines to hide its origin.

Veracity Rating: 4 out of 4

Facts

## Evaluation of the Claim: North Koreans Laundered Money Through Casinos in the Philippines

The claim that North Koreans laundered money through casinos in the Philippines is supported by several reliable sources. Here's a detailed analysis of the evidence:

### Background and Context

In 2016, North Korean hackers, linked to the Lazarus Group, attempted to steal approximately $1 billion from the Central Bank of Bangladesh. Although they were unsuccessful in obtaining the full amount, about $81 million was transferred to the Philippines and laundered through casinos and junket operators[1][3][5].

### Evidence Supporting the Claim

1. **UN Reports and Investigations**: The United Nations Office on Drugs and Crime (UNODC) has reported that North Korean state-sponsored hacking groups, including the Lazarus Group, have collaborated with organized crime networks in Southeast Asia to launder stolen funds. This includes the use of casinos and junkets in the Philippines to conceal the origin of the money[1][3].

2. **Philippine Investigations**: The Philippine Senate and regulatory bodies like the Philippine Amusement and Gaming Corporation (PAGCOR) and the Anti-Money Laundering Council (AMLC) have investigated money laundering cases involving casinos. These investigations were prompted by allegations that stolen funds from overseas were laundered through local casinos[2][4].

3. **Specific Cases**: The 2016 Bangladesh Central Bank heist is a notable example where stolen funds were laundered through Philippine casinos. The money was transferred to bank accounts linked to casino junket operators, highlighting the role of casinos in facilitating money laundering[3][5].

### Regulatory Environment

The regulatory environment in the Philippines has been criticized for not adequately covering casinos under anti-money laundering laws until recent reforms. This gap has historically made casinos vulnerable to exploitation by criminal actors seeking to launder illicit funds[2][4].

### Conclusion

Based on the evidence from reputable sources, including UN reports and investigations by Philippine authorities, it is confirmed that North Koreans have used casinos in the Philippines as part of their money laundering operations. The use of casinos for this purpose is facilitated by both the under-regulation of the sector and the involvement of organized crime networks.

**Sources Cited:**

– [1] SC Media: UN report on North Korean hackers and money laundering networks.
– [2] Gambling Insider: Philippines Senate investigation into a $100m money laundering case.
– [3] The Record: UN report on Southeast Asian casino industry and cyber fraud.
– [4] RUSI: North Korean activity in the casino and gaming sector.
– [5] RUSI PDF: Detailed analysis of North Korean exploitation of casinos for money laundering.

Citations

Claim

In 2019, North Korea spent around $4 billion on defense, making the attempted theft a quarter of that budget.

Veracity Rating: 3 out of 4

Facts

## Evaluation of the Claim: North Korea's Defense Spending and the Attempted Theft

The claim suggests that in 2019, North Korea spent around $4 billion on defense, and an attempted theft of $951 million would represent a quarter of that budget. To evaluate this claim, we need to verify North Korea's defense spending for 2019 and assess whether the attempted theft amount aligns with being a quarter of that budget.

### Defense Spending in North Korea

– **Reported Defense Spending**: In 2019, North Korea's defense spending was estimated to be around $4 billion, which would have been approximately 26% of its GDP, according to the U.S. State Department's "World Military Expenditures and Arms Transfers" report[1]. Another source also estimates North Korea's defense spending to be around $4 billion in 2019[5].

– **Percentage of GDP**: Estimates vary, but North Korea is known to allocate a significant portion of its GDP to defense. Reports suggest that between 2007 and 2017, North Korea spent between 22% and 24% of its GDP on defense[3].

### Calculation of a Quarter of the Budget

If North Korea indeed spent around $4 billion on defense in 2019, a quarter of that budget would be approximately $1 billion. The claim mentions an attempted theft of $951 million, which is close to but does not exactly match a quarter of the estimated $4 billion defense budget.

### Conclusion

The claim that the attempted theft of $951 million represents a quarter of North Korea's defense budget is not entirely accurate. While North Korea did spend around $4 billion on defense in 2019, a quarter of that amount would be $1 billion, not $951 million. However, the attempted theft is close to this figure and highlights the significant financial scale of such cybercrime operations in relation to North Korea's defense budget.

### Evidence and References

– **Defense Spending Estimates**: The U.S. State Department and other sources estimate North Korea's defense spending to be around $4 billion in 2019[1][5].
– **Percentage of GDP**: North Korea allocates a significant portion of its GDP to defense, estimated between 22% and 24%[3].
– **Calculation**: A quarter of a $4 billion budget is $1 billion, not $951 million.

Citations

Claim

North Korea began targeting cryptocurrency exchanges for heists after the Bangladesh heist.

Veracity Rating: 3 out of 4

Facts

## Evaluation of the Claim: North Korea Began Targeting Cryptocurrency Exchanges for Heists After the Bangladesh Heist

The claim that North Korea began targeting cryptocurrency exchanges for heists after the Bangladesh heist requires a thorough examination of available evidence and timelines.

### Background: The Bangladesh Heist
In 2016, North Korea's Reconnaissance General Bureau (RGB) was involved in an attempted theft of $951 million from the Central Bank of Bangladesh. The operation was sophisticated, exploiting system vulnerabilities and holiday schedules to manipulate the SWIFT messaging system. Although the heist was partially successful, with around $81 million transferred and laundered, it did not involve cryptocurrency directly[2].

### North Korea's Involvement in Cryptocurrency Heists
North Korea's involvement in cryptocurrency heists is well-documented, with significant activities reported from 2017 onwards. A UN report linked North Korea to nearly $3.6 billion in cryptocurrency heists between 2017 and 2024[5]. This period saw North Korea increasingly target cryptocurrency exchanges as part of its state-sponsored cybercrime efforts to circumvent sanctions and fund its nuclear programs.

### Evidence of Cryptocurrency Heists Post-Bangladesh Heist
– **2017-2024:** North Korea was linked to substantial cryptocurrency thefts during this period, with estimates suggesting nearly $3.6 billion stolen[5].
– **2019:** South Korean investigators confirmed North Korea's role in a 2019 Ethereum cryptocurrency theft valued at approximately $41.5 million[5].
– **2024:** North Korean hackers stole over $659 million in cryptocurrency heists, including a $235 million hack of WazirX and a $308 million theft from DMM Bitcoin[1][4].

### Conclusion
While the Bangladesh heist in 2016 did not directly involve cryptocurrency, it marked a significant moment in North Korea's use of cybercrime for financial gain. The shift towards targeting cryptocurrency exchanges began after this period, with substantial activities reported from 2017 onwards. Therefore, the claim that North Korea began targeting cryptocurrency exchanges for heists after the Bangladesh heist is generally supported by the timeline of events and the evolution of North Korea's cybercrime strategies.

### Key Points:
– **Pre-2017:** The Bangladesh heist was a major cybercrime event but did not involve cryptocurrency.
– **Post-2017:** North Korea increasingly targeted cryptocurrency exchanges, aligning with a broader strategy to exploit digital assets for financial gain.
– **Evidence:** Reports from UN agencies, South Korean investigations, and cybersecurity firms confirm North Korea's involvement in significant cryptocurrency heists from 2017 onwards[1][5].

Citations

We believe in transparency and accuracy. That’s why this blog post was verified with CheckForFacts.
Start your fact-checking journey today and make the world a more informed place!