G7 Launches Coordinated Crackdown on North Korea’s Crypto Thefts: ’Zero Tolerance’ Warning Issued

In a historic move, the Group of Seven (G7) nations meeting in Évian have declared a unified 'zero tolerance' policy against North Korean-linked cyber heists, warning that the next attack on decentralized finance (DeFi) protocols will trigger immediate, coordinated sanctions. This crackdown follows a devastating series of crypto thefts in 2026 that have collectively siphoned billions from digital asset platforms, with state-sponsored hackers now seen as the single greatest systemic risk to the $4 trillion crypto market. The G7's joint statement signals a new era of financial warfare, putting North Korea's crypto operations directly in the crosshairs of global regulators.

In brief

• The G7 wants to coordinate the fight against North Korean crypto thefts.
• Drift and Humanity Protocol lost more than 320 million dollars in total.
• Tracing funds and sharing intelligence will be decisive.

Crypto enters the G7 security agenda

G7 leaders have called for coordinated action against crypto thefts and North Korean cybercrime. This position extends discussions already underway around North Korean hacks at the previous summit held in Canada.

The political message hardens. The theft of digital assets is no longer treated as mere computer crimes. They are now linked to sanction evasion, financing the North Korean state, and developing its military programs.

This evolution changes the role of crypto in diplomatic discussions. The sector becomes both a global financial infrastructure and a battleground between states. Protocol flaws can thus have consequences far beyond the directly affected investors.

Drift and Humanity illustrate the new threat

The attack on Drift Protocol marked a turning point. The Solana-based protocol lost about 286 million dollars on April 1st. Elliptic and TRM Labs identified several indicators compatible with operations previously attributed to groups linked to Pyongyang.

The operation was not only based on a technical flaw. The attackers allegedly prepared their offensive for several months, created fake profiles, and established relationships with project members. This patience shows that the North Korean crypto threat now goes beyond classic hacking.

Humanity Protocol then lost nearly 36 million dollars. According to Quantstamp’s investigation, a fake email imitating the Bithumb platform led an employee to install malware. The hackers then gained sensitive access and private keys.

The incident caused a sharp drop in the H token. It reminds that human error remains one of the main entry points for crypto attacks, even when smart contracts have been audited.

A response based on tracing funds

The G7 cannot stop these operations with a simple statement. An effective response requires faster intelligence sharing between governments, blockchain analytics firms, and crypto platforms.

Suspicious addresses must be reported immediately. Exchanges can then block certain deposits or prevent converting stolen funds into traditional currencies. Speed remains essential because hackers often move assets across multiple blockchains within hours.

G7 countries could also increase pressure on jurisdictions hosting uncooperative platforms. Mixing services, offshore intermediaries, and exchanges lacking sufficient controls make fund tracking even more difficult.

However, blockchain offers an advantage to investigators. Transactions remain public and can be traced long after an attack. Hackers use complex techniques to obscure their tracks, but their movements always leave digital traces.

International coordination remains the real challenge

Actors linked to North Korea are said to have stolen more than 6.5 billion dollars in crypto over recent years. Part of these revenues reportedly supports the regime’s military programs, according to several governments and cybersecurity firms.

Pyongyang regularly denies these accusations. The North Korean government denounces narratives fabricated by the United States to justify sanctions. This opposition makes direct cooperation impossible and forces the G7 to act through financial infrastructures.

The success of this strategy will therefore depend on platforms, stablecoin issuers, and cybersecurity companies. Authorities can sanction addresses, but funds will continue to circulate if some intermediaries refuse to cooperate.

The G7 now wants to turn its warnings into an operational mechanism. The challenge will be to hit criminal networks without weakening the entire crypto ecosystem. Faced with the multiplication of North Korean agents, security no longer depends only on code. It also requires human controls, better recruitment monitoring, and consistent international cooperation.

Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.