North Korean hackers have reportedly stolen more than $2 billion in crypto assets so far in 2025 — the largest annual total ever recorded, according to a new report by blockchain analytics firm Elliptic.
The report notes that this year’s amount is nearly triple the figure from 2024, when losses totaled less than $700 million. In total, funds linked to DPRK-affiliated cyber groups have now surpassed $6 billion stolen since they began targeting the crypto industry.
According to Elliptic, North Korean groups were responsible for over 30 major incidents in 2025 alone, including attacks on Bybit, LND.fi, WOO X, and Seedify. The previous record, set in 2022, stood at $1.35 billion.
Social Engineering Replaces Technical Exploits
A growing share of attacks now targets individual investors through social engineering tactics rather than complex code exploits. Hackers are increasingly tricking victims into giving away wallet access or sensitive credentials.
Experts say this shift shows that the human factor is becoming the weakest link in crypto security — not the software itself.
Advanced Laundering Methods
As blockchain tracing tools become more sophisticated, North Korean hackers are also refining their money-laundering techniques. Elliptic reports that they use:
- Multi-layered asset mixing processes
- Cross-chain transactions
- Less-known blockchain networks with limited analytics coverage
These evolving methods make it harder for investigators to track and recover stolen funds.
In September 2025 alone, the crypto sector lost over $127 million to various hacks — a reminder that cyber threats remain one of the most serious challenges for the digital asset ecosystem.
