Ripple Joins Cyber Watch, North Korea Pushes Back Hard Against Accusations

Add TechGaged as your preferred source on Google

See more TechGaged stories across Google News and Discover.

Add

While major companies, the latest of which is Ripple, are teaming up to fight the growing and highly sophisticated threat coming from North Korean hackers, the isolated country denies all involvement in cyber incidents, calling it slander by the US media.

Ripple shares ‘never-before-seen’ data

Ripple and Crypto ISAC have announced that the major tech company has started contributing DPRK intelligence to the information sharing and analysis center.  “The strongest security posture in crypto is a shared one,” Ripple said in its Twitter post.

According to the press release, the information Ripple will share hasn’t been shared externally amongst members yet. It’s exclusive threat intelligence, “developed via sophisticated AI-enhanced detection workflows.”

It includes domains and wallets known to be associated with fraud and Indicators of Compromise (IOCs) from active DPRK hack campaigns. It also includes details like a DPRK IT worker’s name, a LinkedIn profile, an email address, a location, a contact number, and “the correlated signals that connect that individual to a broader campaign.”

This context, the organization claims, is what transforms just a standard data point into real-time info that security teams across companies can act on.

Per Chainalysis, by the end of 2025, North Korean hackers, often linked to the Lazarus Group, stole over $6.75 billion in crypto.  Of this, 2025 was the record year, with $2.02 billion taken (a 51% increase over 2024), largely the result of the $1.5 billion Bybit heist.

Moreover, TRM Labs found that North Korean hackers stole $577 million in 2026 so far, which is 76% of all crypto hack losses through April.

North Korea pushes back against the ‘reptile media’

Despite the available evidence to the contrary, North Korea denies its involvement in any cyber incidents. It describes the claims as “absurd slander” by the US specifically, for its own political purposes.

The DPRK Foreign Ministry spokesperson states that:

“Recently, the U.S. government organs, reptile media organs and plot-breeding organizations are trying to spread incorrect understanding of the DPRK to the international community, talking about the non-existent “cyber threat” from the DPRK.”

The accusations, it continues, are unfounded and serve to alienate the DPRK within the international community. At the same time, it says, the US, despite its vast tech capabilities and cyber-attacks on other countries, portrays itself as a victim.

The May 3 press release concludes with the statement that North Korea works “to protect cyber space, the common wealth of mankind, from all sorts of malicious acts.” It rejects “any sinister attempt to use the cyber issue as a political tool for violating sovereignty and interfering in internal affairs of others.”