SushiSwap Head Alex McCurry: North Korean Attacks Threaten DeFi Future
SushiSwap head Alex McCurry publicly urged U.S. President Donald Trump to pressure North Korea to stop its state-level attacks on DeFi, stating that related hacking activities are systematically stealing crypto assets and pose a threat to the industry's development.
His remarks point to several recent attacks attributed to North Korean hacker groups. According to security reports from Chainalysis and TRM Labs, North Korean-related organizations have long been stealing crypto assets through cross-chain bridge vulnerabilities, private key attacks, and social engineering, with a cumulative scale reaching billions of dollars, believed to be related to state funding sources.
The U.S. Treasury and the United Nations have repeatedly released reports linking such attacks to sanctions evasion and fundraising, while crypto industry security firms like FireEye and Elliptic continue to track related on-chain fund flows, reinforcing this attribution framework.
Source: Public Information
ABAB AI Insight
This statement essentially elevates the security issues of DeFi to a geopolitical level. In the past, hacker attacks were more often viewed as technical risks or individual crimes, but when the attackers are clearly identified as state actors, the nature shifts to "asymmetric financial warfare," where the goals are not just profit but also to undermine the opponent's financial infrastructure and market confidence.
North Korea's heavy reliance on crypto attacks is directly related to its isolation from the traditional financial system. Sanctions have limited its access to foreign exchange, while on-chain assets provide an alternative path to bypass the banking system. This inadvertently makes the crypto industry a "pressure relief valve" in the global sanctions system, while also becoming a target for attacks.
Structurally, the openness and composability of DeFi, while fostering innovation, also expand the attack surface. The high interconnectivity between protocols means that once a vulnerability appears in one link, funds can be transferred across chains and obfuscated in a very short time, making traditional regulatory and tracking mechanisms lag behind. This "high liquidity + weak identity" system is particularly advantageous for state-level attackers.
The deeper impact lies in the change of regulatory logic. When national security begins to be directly linked to DeFi, regulation is no longer just about protecting investors but also serves anti-money laundering, counter-terrorism financing, and geopolitical objectives. This will push the crypto industry to face stronger compliance pressures in the future, including identity verification, transaction monitoring, and protocol liability definition, thereby altering its original decentralization narrative.