Categories: Payment system news

North Korean Hackers Have Stolen Over $2 Billion This Year: Elliptic

North Korea-linked hacking groups have stolen more than $2 billion worth of crypto assets so far this year, according to a new analysis from blockchain forensics firm Elliptic, the largest annual total ever recorded, and with three months of 2025 still to go.

The new data underscores Pyongyang’s growing dependence on cyber-enabled theft to fund its weapons programs. According to the United Nations and multiple intelligence agencies, proceeds from these hacks are used to finance North Korea’s nuclear and ballistic missile development.

“The scale of crypto theft attributed to North Korea this year is unprecedented — and a clear indication of how deeply the regime depends on cybercrime,” Elliptic said in its report shared with CoinDesk.

Elliptic’s findings bring the total known crypto theft attributed to North Korea to more than $6 billion since the regime’s hacking operations began targeting the crypto sector around 2017.

Bybit Hack Drives Record Year

The 2025 figure is dominated by February’s $1.46 billion hack of the Bybit exchange, one of the largest crypto thefts on record.

Elliptic has also attributed attacks against LND.fi, WOO X, and Seedify to North Korea this year, along with more than 30 additional incidents involving smaller exchanges and DeFi platforms.

The $2 billion total nearly triples last year’s tally and surpasses the previous record of $1.35 billion set in 2022, when North Korea-linked actors were behind major breaches of Ronin Network and Harmony Bridge.

Shift Towards Social Engineering

While centralized exchanges remain a prime target, Elliptic noted a strategic shift toward attacks on individuals, particularly high-net-worth crypto holders and company executives.

With crypto prices rebounding in 2025, such targets have become increasingly lucrative, often lacking the robust security infrastructure of institutional platforms.

“The weak point in cryptocurrency security is now human, not technological,” Elliptic said.

This shift has seen hackers rely more on deception than code exploits, using tactics like phishing, fake job offers, and compromised social media accounts to gain access to wallets and private keys.

A Crypto-Laundering Arms Race

As blockchain analytics and law enforcement collaboration have improved, North Korea’s laundering operations have become more complex, Elliptic found.

Following the Bybit breach, investigators traced multiple rounds of cross-chain swaps between Bitcoin, Ethereum, BTTC and Tron — often using obscure protocols and self-issued tokens to disguise origins.

New laundering methods include multiple rounds of mixing, using obscure blockchains and creating new tokens issued directly by laundering networks.

superadmin

Recent Posts

BingX Expands Its TradFi Offerings With a $1 Million USDT Earnings Season Campaign

PANAMA CITY, July 9, 2026 – BingX, a leading cryptocurrency exchange and Web3-AI company, today…

5 hours ago

This Guy Turned $316 Into $2M on Robinhood Chain – Will He Sell it Off or Ride Higher?

Despite the ongoing bear market, a few insane success stories can be witnessed here and…

5 hours ago

BlackRock Back to Buying Bitcoin as it Loads Up on $250 Million in the Last 48 Hours

BlackRock, the world’s largest asset manager, has resumed buying Bitcoin through its iShares Bitcoin Trust…

5 hours ago

Trump Highlights Bitcoin’s Growing Influence: “People Don’t Realize How Powerful It Is”

President Trump has once again reaffirmed his support for Bitcoin, describing BTC as a powerful…

23 hours ago

XRP Bulls Make Risky Bet as Spot Demand Rises

Altcoins are gaining traction with traders already pitching high third-quarter projections. XRP is at the…

23 hours ago

Ethereum’s New Proposal Sparks Cardano Feud as Hoskinson Claims “We Built It First”

Cardano founder Charles Hoskinson has criticized Ethereum's latest research proposal, arguing that it revives concepts…

24 hours ago