Billions stolen, dozens arrested: is crypto crime peaking or adapting?
North Korea-linked hackers stole a record $2 billion in 2025, while global enforcement recovered $439 million, raising questions about whether crypto crime is peaking or adapting to new defenses.Summary
In 2025, North Korea-linked hackers, primarily the Lazarus Group, stole over $2 billion in cryptocurrency, setting a new record, largely due to the $1.5 billion Bybit breach. This occurred alongside significant multilateral enforcement, where an Interpol-led operation recovered $439 million and led to hundreds of arrests across 40 countries.
The core debate is whether this indicates a ceiling for crypto crime or if attackers are successfully adapting. Attackers have shifted their focus from exchange hot wallets to high-leverage targets like cross-chain bridges and validator operations. Laundering techniques have become more complex, involving routing stolen assets across multiple chains (sometimes ten or more), using obscure decentralized exchanges, and relying on over-the-counter brokers in jurisdictions with lax regulation, moving away from direct exchange cash-outs.
Enforcement actions, including sanctions against mixers like Tornado Cash (after its designation was withdrawn) and increased scrutiny on facilitators, have raised the cost and complexity for launderers. While direct transfers to exchanges have dropped significantly, indicating that compliance measures like KYC and sanctions are effective, these actions push illicit flows toward more fragmented, cross-chain obfuscation. The industry's next test will be whether tighter travel rule implementation and stablecoin freezing powers can create prohibitive friction for sophisticated state actors, or if they will continue to exploit regulatory gaps.
(Source:CryptoSlate)