North Korean Hackers Pulled Off $2 Billion Crypto Heist in 2025, Raising Total Stolen to $6.75 Billion
In 2025, North Korea–linked hackers stole $2.02 billion in cryptocurrency, a 51 % jump from 2024, marking the largest single-year surge on record, as highlighted by Coin Bureau.
Although the number of attacks fell in 2025, North Korea‑linked hackers targeted a few high‑value breaches, including a Bybit exploit that alone cost $1.5 billion. Their success pushed the total stolen to around $6.75 billion, making them the single most prolific actor in global crypto theft history
Strategic Shift in Tactics
In 2025, North Korean hackers didn’t just steal bigger sums, they got smarter. Using advanced tactics such as embedding IT insiders in crypto firms, leveraging social engineering for privileged access, and targeting centralized platforms, they maximized each breach’s payoff.
Instead of scattering efforts across numerous minor attacks, DPRK‑linked groups focused on high-impact service compromises, responsible for roughly 76 % of all service-level crypto thefts last year.
Their approach reflects a clear evolution: fewer but far more lucrative attacks, paired with sophisticated laundering across mixers and cross-chain bridges to obscure the flow of stolen funds over time.
Global Impact and Industry Response
The $2 billion in crypto stolen by North Korea–linked actors in 2025 highlights the persistent threat nation‑state hackers pose to the industry. With centralized exchanges and custodial services particularly vulnerable, the scale of these thefts exposes systemic weaknesses in the crypto ecosystem.
In response, regulators, exchanges, and analytics firms are strengthening defenses through enhanced on‑chain monitoring, stricter compliance, and closer cooperation with law enforcement.
Yet the DPRK’s operations, fueled by the regime’s need to bypass sanctions, underscore the ongoing challenge of protecting a borderless financial system from well-resourced, politically motivated adversaries.
Conclusion
In 2025, North Korean hackers stole $2 billion in crypto, highlighting the rising sophistication of nation‑state cybercrime. Fewer but high‑value attacks exposed critical weaknesses in exchanges and custodial platforms, showing that just a handful of breaches can yield billions.
The surge in threats underscores an urgent need for stronger security, global cooperation, and proactive risk management to safeguard the rapidly growing crypto ecosystem from well-funded, politically motivated adversaries.
