.png){kind=logo}
North Korea-linked hackers increased their attacks on the crypto sector in 2025, with losses reportedly reaching $2.02 billion. CrowdStrike said the figure marked a 51% rise from 2024 as threat groups focused on fewer but larger attacks.
The report also linked the rise to advanced social engineering, malware, and insider-style access. Meanwhile, prediction market data shows a 70% YES probability that total crypto hack losses in 2026 will exceed $1.2 billion.
CrowdStrike reported that North Korean threat actors remained one of the most active threats facing financial services. The firm said the groups focused heavily on crypto because stolen assets can move quickly across wallets, bridges, and exchanges.
The report said North Korea-linked groups stole $2.02 billion in crypto in 2025. That figure showed a 51% increase from 2024. However, the rise came from larger thefts rather than a sharp rise in attack numbers.
CertiK also reported a rise in North Korea-linked crypto activity. The security firm estimated that such activity increased by around 60% in 2025. These findings suggest that North Korean groups continued to focus on larger targets with higher rewards.
CrowdStrike said North Korean hackers used malware and advanced social engineering to reach their targets. These methods often involve fake job offers, trusted online profiles or direct contact with employees at crypto firms.
The attackers also appeared to focus on access points inside companies. Reports linked some major thefts to insider-style access and poor internal security controls. This approach can help hackers bypass normal defenses and move funds faster.
The report said these groups can carry out theft and convert stolen crypto at scale. That ability keeps the crypto sector exposed, especially when firms manage large user funds or run cross-chain services.
CrowdStrike said stolen crypto helps North Korea raise money while the country remains under international sanctions. The firm added that cyber-enabled revenue activity may continue in 2026 due to North Korea’s funding needs.
The UN Sanctions Monitoring Team has also linked stolen crypto funds to North Korea’s weapons programs. These findings place crypto theft within a wider sanctions and security concern, beyond normal financial crime.
CrowdStrike warned that these operations ‘will likely continue to intensify in 2026.’ This reflects concern from security researchers, although future losses remain uncertain.
The ‘Total Crypto Hack Value in 2026’ market currently shows a 70% YES chance for losses exceeding $1.2 billion. The pricing has stayed mostly stable in recent days, while higher-threshold markets have moved more sharply.
Market pricing suggests traders expect another costly year for crypto security. However, the figure does not confirm future losses. It only reflects current market expectations based on known risks and recent attack patterns.
Analysts and investors are watching updates from CrowdStrike, Chainalysis, CertiK, and other security firms. They are also tracking exchange controls, wallet security changes, and new rules aimed at reducing crypto laundering.
Furthermore, Crypto mixers remain a key area of concern because hackers often use them to hide stolen funds. However, regulation remains disputed because many of these tools operate without direct custody of user assets.
Also Read: Bitcoin Holds $80K as CLARITY Act Advances in Senate
