.png){kind=logo}
Pyongyang regime-backed hackers have broken heist records. These individuals have struck international cryptocurrency platforms with unprecedented accuracy and magnitude.
The current amount lost to theft overshadows last year’s crypto heist numbers. The latest attack underscores the emerging threat of state-sponsored cybercrime.
State-sponsored North Korean hackers have now taken more than $2 billion in cryptocurrency to date in 2025, almost three times last year’s amount, as per blockchain analytics company Elliptic.
The major headline attack targeted cryptocurrency exchange Bybit in February. Hackers took advantage of vulnerabilities within Bybit’s wallet system and a supplier’s software to drain 401,000 Ethereum tokens, valued at $1.46 billion, the biggest crypto heist ever.
The Bybit crypto theft was merely the tip of the iceberg. Elliptic connects North Korea to over 30 crypto hacks alone this year. Among high-profile victims are LND.fi, WOO X, and Seedify.
In July, hackers withdrew $14 million from nine WOO X accounts, while Seedify lost $1.2 million. North Korea has stolen more than $6 billion in cryptocurrency since 2017, pointing to the regime’s increasingly heavy dependence on cybercrime to generate hard currency.
Attackers have changed focus this year from software vulnerabilities to human vulnerabilities. Elliptic reports that the weak link in crypto security is human, no longer technological.
Advanced social engineering, phishing attacks, scams about job opportunities, and hijacked social media profiles are being used. Hackers are utilizing these techniques to attack high-net-worth individuals and business executives who do not have institutional safeguards.
The United States intelligence services tie these cybercrimes to North Korea’s nuclear and missile programs. The thieves use different methods to move the scammed money around the world. This includes sorting coins through blockchains and even creating their own tokens to cover their tracks.
Some of the funds have been traced through blockchain tracking and bounty campaigns. Bybit’s initiative alone was able to recover and give $40 million in stolen assets and over $4 million in informant’s reward money.
Also Read: $44M CoinDCX Hack Traced to North Korea’s Lazarus Group, Same Date as WazirX Breach
The massive crypto heist is a clear indication of the major cybersecurity issues the worldwide crypto market is being exposed to. Experts have recommended a step-by-step approach for the operating platforms. This will enhance the security of the users’ devices and make them more resistant to social engineering attacks through training.
The rising cyber power of North Korea is a sign that the role of cryptocurrency is not limited to an investment vehicle or an instrument for trading anymore. It has already become a part of the global cyber warfare picture. If the technology supports weapons programs, it might become a huge threat to the global financial system’s security.
