North Korean Hackers Dominating U.S. Tech Industry: New Report Reveals Shocking Stats
A new cybersecurity report from CrowdStrike highlights North Korean hackers' significant role in tech industry breaches, with nearly half of documented intrusions linked to state-backed operatives.
Admin User

A new cybersecurity report from CrowdStrike has revealed a concerning trend: North Korean hackers are responsible for nearly half of all documented 'hands-on-keyboard' intrusions at U.S. tech companies over the past year. The company's latest annual report on the cybersecurity landscape brings to light the growing threat posed by these skilled cyber operatives, who have become a major source of cyber attacks targeting the tech sector.
According to CrowdStrike, during the period from April 2025 to May 2026, the North Korean hacking group known as 'Famous Chollima' accounted for 47% of all state-backed activity aimed at compromising U.S. tech companies. These intrusions are particularly alarming because they typically involve real human hackers conducting sophisticated and evasive cyber activities, rather than automated malware that can be easily detected by traditional security tools.
How They Operate
The hackers associated with the Kim Jong Un regime have developed elaborate schemes to infiltrate tech companies. They often pose as remote IT workers or online recruiters, using artificial intelligence (AI) to create realistic deepfake images and fraudulent identity documents. By doing so, they can convincingly apply for jobs at U.S., European, and Asian tech firms under false pretenses.
Once inside the company, these hackers work tirelessly to maintain persistent access over time. They typically start by stealing passwords or credentials, then use legitimate tools already present in the target's systems to carry out their attacks. This allows them to blend in more effectively and avoid detection for longer periods.
The Impact of Their Attacks
The consequences of these cyber intrusions can be severe. The hackers not only steal valuable intellectual property and sensitive corporate information but also earn salaries from the companies they infiltrate, which are then funneled back to North Korea's regime. In some cases, when caught, the operatives threaten to expose what they've taken unless the company pays a ransom.
Moreover, these hackers specifically target blockchain developers with the intention of stealing large amounts of cryptocurrency. The Kim regime uses this stolen crypto to circumvent its inability to use Western banking systems for transactions. Over the years, North Korea has netted billions of dollars in stolen crypto, including a staggering $2 billion during 2025 alone.


