Hackers use cloud mining services to launder dirty cryptocurrencies

29.03.2023

North Korean hackers may be laundering cryptocurrency through cloud mining services.

A hacker group known as APT43 is stealing and laundering enough cryptocurrency to buy operational infrastructure in line with North Korea’s Juche state ideology.

Juche is North Korea’s state ideology and the official ideology of the Korean Workers’ Party, attributed to founder Kim Il-sung.

Mandiant added that APT43, also known as Kimsuky, is likely using hash rental and cloud mining services to “launder” stolen cryptocurrency.

Cloud mining services allow users to rent a computer system belonging to someone else and use that computer’s hash power to mine cryptocurrencies. This eliminates the need for miners to purchase and set up their own local mining installations.

Besides profiting from crypto infrastructure, APT43 also targets cryptocurrency and related services.

It is a moderately sophisticated group of hackers working to support the North Korean regime by “gathering strategic intelligence”.

North Korean hackers have long been active in the cryptosphere – hacking protocols, stealing digital assets or using special applications to hide criminal trails. They have stolen at least $1.2 billion over the past five years, some of it while posing as venture capital firms and investors backing cryptocurrency startups.

Last year, the US Treasury Department imposed sanctions on the Tornado Cash “coin-mixing” app because North Korean hackers were using it to launder funds.

The state-sponsored Lazarus Group used Tornado Cash to launder more than $96 million after hacking the Harmony Bridge blockchain protocol.