How North Korea Pulled Off $2 Billion in Crypto Theft in 2025
North Korean hackers stole a record $2.02 billion in crypto in 2025, driven by fewer but much larger incidents like the massive Bybit hack.Summary
According to a Chainalysis report, global cryptocurrency theft reached $3.4 billion in 2025, largely fueled by North Korea-linked hackers who stole a record $2.02 billion, marking a 51% year-over-year increase. This massive haul resulted from significantly fewer known incidents, highlighted by the massive Bybit hack in March 2025. DPRK actors were responsible for 76% of all service compromises that year, pushing the cumulative estimated theft by North Korea to $6.75 billion.
North Korean tactics are evolving, focusing on high-value attacks and infiltrating technical roles within crypto companies to gain privileged access. They are also using recruitment-style phishing and impersonating contacts in fake Zoom meetings. Chainalysis noted that DPRK actors operate under different constraints than typical cybercriminals, relying heavily on Chinese-language money movement services, OTC traders, and specialized platforms like Huione for laundering.
Chainalysis mapped a recurring 45-day laundering playbook where funds are quickly distanced from the source using DeFi and mixing services, then moved through exchanges with limited KYC, before finally being converted. Experts urge a coordinated response from law enforcement and the private sector to disrupt these funds quickly, as North Korea continues to seek new attack vectors to finance state priorities.
(Source:BeInCrypto)