North Korea-Linked Hackers Steal Over $2 Billion in Crypto 2025
North Korean hacking groups have stolen over $2 billion in crypto assets in 2025, the largest annual total recorded according to Elliptic. This highlights North Korea's reliance on cyber theft to fund its weapons programs, including nuclear and ballistic missile development.
- The total known crypto theft attributed to North Korea since their operations began in 2017 is now over $6 billion.
- A significant portion of this year's total comes from a $1.46 billion hack of the Bybit exchange in February 2025.
- Other targets include LND.fi, WOO X, and Seedify, along with more than 30 smaller exchanges and DeFi platforms.
Shift in Attack Strategy
- There is a strategic shift towards targeting individuals, especially high-net-worth crypto holders and executives.
- Hackers employ social engineering tactics such as phishing, fake job offers, and compromised social media accounts.
Evolving Laundering Techniques
- North Korea's laundering operations are becoming more sophisticated with improved blockchain analytics and law enforcement collaboration.
- New methods include cross-chain swaps between cryptocurrencies like Bitcoin, Ethereum, BTTC, and Tron, using obscure protocols and self-issued tokens.
- Laundering involves multiple rounds of mixing and creating new tokens issued by laundering networks.