Over the last 12 hours, coverage tied North Korea to a broad set of security and economic spillovers—especially cybercrime and its knock-on effects in finance and crypto. Multiple reports focus on DPRK-linked hacking activity: ESET attributes an Android/Windows supply-chain campaign (“BirdCall” malware) to APT37 (ScarCruft), targeting ethnic Koreans in China’s Yanbian region; separate reporting also highlights North Korean hackers targeting gamers via trojanized platforms. In parallel, the crypto beat emphasizes the scale of DPRK-linked theft and fallout, including claims that North Korean hackers account for a very large share of 2026 crypto thefts and that Ethereum’s slowdown is worsening broader market concerns—framed alongside April exploit losses tied to North Korea-linked actors.

A major legal-development thread also emerged in the same window, with U.S. courts sentencing two Americans to 18 months each for facilitating DPRK remote IT worker schemes that generated more than $1.2 million for Pyongyang. The reporting describes “laptop farm” operations where defendants hosted laptops and installed remote access tools so overseas IT workers could appear to be working from the defendants’ residences—an enforcement action that reinforces the theme that DPRK illicit revenue generation is being disrupted through both cyber and fraud cases.

Another notable, near-term development is the intensifying DeFi dispute around the April 18 LayerZero-linked exploit and the resulting migration plans. While the most detailed evidence in the provided material centers on KelpDAO’s position (that the breach stemmed from LayerZero’s infrastructure rather than Kelp’s configuration) and its stated plan to migrate rsETH to Chainlink CCIP, the coverage also shows the conflict is escalating into public accusations between DeFi projects. This matters for North Korea Business Times because the exploit is repeatedly framed as DPRK-linked in the surrounding reporting, and the dispute is occurring in the same ecosystem where DPRK-linked theft is a recurring concern.

Looking slightly further back for continuity, the reporting shows North Korea’s cyber posture continuing to be treated as a persistent strategic revenue stream—alongside broader institutional and geopolitical shifts. In the 12–24 hour range, North Korea is also described as changing its constitutional stance by dropping reunification references with South Korea, signaling a more hardened posture toward Seoul. Together with the cyber enforcement and malware targeting described above, the coverage suggests a dual track: tighter political messaging domestically/regionally while sustaining cyber operations that reach into global digital finance and cross-border fraud.

Note: The provided evidence in the last 12 hours is dense on cyber and crypto, but relatively sparse on direct “business” developments inside North Korea itself (beyond the constitutional change appearing in older material). The summary therefore emphasizes security-linked economic impacts (sanctions, fraud, crypto theft, and DeFi infrastructure disputes) rather than internal industrial or trade updates.