North Korea Uses Banned AI Hardware to Boost Crypto Theft and Sanctions Evasion

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

North Korea has used banned NVIDIA GPUs to develop AI systems that enhance crypto theft, sanctions evasion, and cyber operations. These AI tools enable sophisticated phishing, deepfake generation, and identity forgery, contributing to $172.5 million in crypto theft in November 2025. The activity violates export controls and international sanctions.[AI generated]

Why's our monitor labelling this an incident or hazard?

The article explicitly mentions the use of AI-enabled GPUs to conduct cryptocurrency theft and generate fake identities via AI, which are direct harms involving violations of law and harm to communities through illicit financial activities. The AI system's use in hacking and deepfake generation is a direct contributing factor to these harms. Therefore, this event qualifies as an AI Incident due to realized harm caused by AI-enabled activities linked to North Korea's cyber operations.[AI generated]

AI principles

AccountabilitySafetyPrivacy & data governance

Industries

Digital securityFinancial and insurance services

Affected stakeholders

Consumers

Harm types

Economic/Property

Severity

AI incident

AI system task:

Content generation

Articles about this incident or hazard

Banned GPUs Help North Korea Expand Crypto Heists - U.Today

2025-11-30

u.today

Why's our monitor labelling this an incident or hazard?

Banned NVIDIA GPUs power North Korea's AI crypto threat

2025-11-30

crypto.news

Why's our monitor labelling this an incident or hazard?

The article explicitly mentions AI systems being developed and used by North Korea for cyber theft and surveillance, with direct links to substantial crypto theft losses ($172.5 million in November 2025). The use of banned hardware for AI research and the application of AI to enhance attack efficiency and precision demonstrate AI system involvement in causing harm. The harms include financial losses (harm to property) and potential violations of security and privacy through surveillance and social engineering. Therefore, this qualifies as an AI Incident due to realized harm directly linked to AI system use.

North Korea weaponizes banned Nvidia GPUs in push to steal more crypto | Headlines | News | CoinMarketCap

2025-12-01

CoinMarketCap

Why's our monitor labelling this an incident or hazard?

The involvement of AI systems is explicit, as the GPUs power AI research for tasks like pattern recognition and data optimization, which are typical AI applications. The use of these AI systems directly contributes to crypto theft, a form of harm to property. Therefore, this event qualifies as an AI Incident due to the realized harm caused by AI-enabled malicious use.

North Korea Uses Banned Nvidia GPUs to Build AI for Crypto Theft and Sanctions Evasion - Crypto Economy

2025-12-01

Crypto Economy ESP

Why's our monitor labelling this an incident or hazard?

The article explicitly mentions AI systems being developed and used by North Korean cyber units to carry out crypto theft and sanctions evasion, which are forms of harm to property and violations of legal frameworks. The AI's role is pivotal in enabling sophisticated phishing, identity forgery, and laundering operations. The direct link between AI use and realized harm (theft and sanctions evasion) meets the criteria for an AI Incident rather than a hazard or complementary information. The presence of banned GPUs indicates development and use despite restrictions, reinforcing the incident classification.