Kim Jong-un is feared to have unleashed a global wave of cybercrime in a bid to avert a coronavirus financial meltdown in North Korea.
It is claimed he has instructed North Korean hacker group, Lazarus, to use phishing scams to steal cryptocurrencies like Bitcoin.
The secretive syndicate rose to notoriety in 2014 after hacking Sony Pictures in revenge for the planned-release of The Interview - a comedy about assassinating Kim Jong-un.
Along with two other hacking groups, it stole $571m (£463m) of cryptocurrency from five Asian exchanges between January 2017 and September 2018, a US government report revealed.
The hackers targeted Sony Pictures after it made comedy film The Interview (Image: Sony Pictures)
Now with North Korea's economy rocked by the coronavirus pandemic and international sanctions, Lazarus has embarked on a new spate of APT (advanced persistent threat) attacks.
"The APT group Lazarus, which is allegedly sponsored by a certain government, is increasingly engaging in cybercrime activities in and out of South Korea," said Seoul-based EST Security.
"The government-sponsored Lazarus organization is conducting major APT attacks not only in Korea, but also in the international community including the United States."
Kim Jong-un reportedly instructed hackers to steal cryptocurrency (Image: Getty Images/Cultura RF)
One malicious document sent by Lazarus dealt with the pandemic response in a major city, the security firm said.
Another dodgy file masqueraded as paperwork for the hiring of a US aerospace company. But the attacks primarily target people who trade cryptocurrencies, with malicious files typically disguised as blockchain software development contracts.