North Korea hit crypto for $500M+ this month — and the $6.75 billion threat is not over yet

North Korea's cyber operatives have stolen over $500 million from cryptocurrency DeFi platforms in under three weeks, significantly escalating their state-sponsored campaign to fund weapons programs. Notable exploits targeting Drift Protocol and KelpDAO, resulting in losses of approximately $286 million and $290 million respectively, have pushed North Korea's illicit crypto haul for the year past $700 million. These attacks demonstrate a shift in tactics, with hackers increasingly exploiting complex supply-chain vulnerabilities and human infiltration rather than directly attacking core smart contracts. The KelpDAO exploit, for instance, involved compromising downstream RPC infrastructure. Beyond technical exploits, North Korea is also infiltrating the global crypto workforce, embedding approximately 100 operatives within blockchain companies under fabricated identities to gain access to sensitive information and execute attacks. Industry estimates suggest these operations generate multiple seven-figure sums monthly, creating a dual revenue stream. North Korea-linked hackers stole a record $2 billion in 2025 alone, accounting for 60% of global crypto thefts. Their laundering methods heavily rely on Chinese-language guarantee services, OTC broker networks, and cross-chain mixing services. Security experts emphasize that preventing these attacks requires addressing fundamental weaknesses in access controls, single points of failure, and improving the speed of coordination between entities after a breach.

(Source：CryptoSlate)