
Significant Cryptocurrency Security Breach at Japanese Firm
In a major security incident, SBI Crypto, a prominent Japanese corporation, experienced a substantial loss of approximately $21 million from its company-associated wallets on September 24, 2025. This breach has raised alarms across the cryptocurrency community.
Uncovering the Breach
The unauthorized transfer of assets was swiftly identified by blockchain investigators. Analysis of on-chain data revealed the movement of funds from wallet addresses beginning with “0x40d7” and “bc1qx0a2k.” The stolen assets comprised a mix of Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash. Unfortunately, the funds have not been reclaimed as of this report.
Potential Lazarus Group Involvement
Blockchain experts traced the stolen cryptocurrencies along a distinct path. The assets were funneled through five instant exchanges, eventually ending up in Tornado Cash, a crypto mixer that faced sanctions from US authorities in 2022. The tactics observed, such as wallet signatures, timing, and transaction routes, bear a striking resemblance to previous activities associated with the notorious Lazarus Group, a cybercrime entity linked to North Korea.
Earlier this year, a US court’s ruling lifted certain restrictions on mixers, sparking renewed concerns about their potential misuse to obscure significant thefts.
Social Engineering and Infiltration Tactics
Investigations have revealed that the threat landscape extends beyond technical hacking. Operatives have been found creating numerous fictitious personas, acquiring social security numbers, and masquerading as blockchain developers on professional platforms like Upwork and LinkedIn. A notable incident on August 13 connected a fraudulent developer account to a $680,000 exploit of the Favrr project in June 2025.
The attackers have employed various methods, including phishing, fake job propositions, bribery, and infiltration of contractor networks, enabling them to compromise projects internally.
Escalating Incidents of Crypto Theft
Forensic data indicates that groups linked to North Korea were responsible for stealing over $1.3 billion through 47 incidents in 2024. The scenario worsened in 2025, with projected thefts reaching approximately $2.2 billion in the first half of the year alone.
Malware campaigns have also played a significant role. In June, Cisco Talos documented “PylangGhost,” a campaign that delivered malware through fake coding tests and interview platforms. This malware targeted more than 80 browser extensions and popular cryptocurrency wallets like MetaMask and Phantom.
Law enforcement agencies have taken action: US authorities seized $7.7 million linked to clandestine networks, and the FBI dismantled front companies such as Blocknovas LLC and Softglide LLC. The $21 million loss at SBI, in a suspected North Korean cyberattack, highlights the vulnerabilities even major firms face against state-sponsored hacking endeavors.





