Takeaways from MSMT’s Report on DPRK Cyber Operations

2025-10-27 Chainalysis

https://www.chainalysis.com/blog/msmt-report-north-korea-dprk-cyber-threats/

Chainalysis summarizes MSMT findings that DPRK cyber operations now combine large-scale cryptocurrency theft, laundering, IT-worker fraud, and espionage in support of North Korea’s strategic objectives. The excerpt cites an estimated $2.8 billion in DPRK cryptocurrency theft from January 2024 to September 2025, including the $1.5 billion Bybit heist attributed in the text to RGB’s TraderTraitor group. Laundering routes include bridges, mixers, privacy protocols such as Tornado Cash, OTC brokers, Hong Kong intermediaries, Huione Pay, UnionPay cards, and Russian and Cambodian money-laundering networks. The report also notes a shift toward coordinated supply-chain attacks against asset providers and custodians, while DPRK IT workers use multiple false identities to target AI, blockchain, defense, and European firms. The activity matters because the excerpt ties stolen funds and technical espionage to weapons procurement and sensitive industries including semiconductors, uranium processing, and missile technology.
