Unprecedented Cryptocurrency Heist: North Korea’s Record-Breaking Year in 2025

In a series of ground-shaking cyber incidents, hacking groups linked to North Korea have managed to capture the global spotlight by setting new records in cryptocurrency theft for the year 2025. According to insights from blockchain analytics leader Elliptic, this year has witnessed an unparalleled surge in these cyber operations, resulting in billions of dollars in digital currencies being illicitly acquired.

North Korea’s Unmatched Crypto Theft in 2025

On October 7, a revealing blog post by Elliptic announced that hackers from North Korea have successfully expropriated over $2 billion in crypto assets in 2025 alone. This staggering figure marks the largest annual total recorded to date, with the year still not over. This significant milestone elevates the cumulative known crypto thefts by the regime to an excess of $6 billion, highlighting the extent to which cybercrime is now a cornerstone of North Korea’s economic strategy.

Advertisement Banner

The previously set theft record of $1.35 billion in 2022 now seems modest compared to the current year’s achievements. The audacity and magnitude of North Korea’s cybercriminal activities have reached new heights. Reports from the United Nations and intelligence agencies indicate that these stolen assets are likely funding North Korea’s nuclear and missile programs, providing vital resources to one of the world’s most sanctioned economies.

However, the actual scope of these thefts might be greater, as Elliptic indicates that not all incidents can be conclusively linked to Pyongyang. Blockchain forensic experts use a mix of advanced analytics, pattern recognition, and intelligence gathering to attribute attacks. Yet, the covert nature of these cyber operations means numerous thefts remain unreported and unattributed. Nonetheless, confirmed cases already point to a worrying increase in both the frequency and sophistication of North Korea’s crypto heists.

This year’s unprecedented total was significantly influenced by the February hack of the Bybit crypto exchange, which alone saw $1.46 billion in assets stolen—the largest single crypto theft of 2025. Other notable victims include LND.fi, WOO X, and Seedify, along with more than thirty other hacks attributed to North Korea by Elliptic.

Human Vulnerability: A New Security Challenge

While major crypto exchanges continue to be prime targets, 2025 has seen a marked increase in attacks on affluent individuals, Elliptic reports. With the cryptocurrency market flourishing and personal digital wallets swelling in value, wealthy individuals present attractive targets. Often, these individuals lack the stringent cybersecurity measures typically employed by exchanges. In some cases, hackers target them due to their connections to crypto firms, which could potentially offer access to larger reserves of funds.

Elliptic’s analysis also highlights a strategic shift in North Korea’s cyber tactics. This year, the majority of thefts were executed using social engineering scams—a method that manipulates individuals rather than exploiting software vulnerabilities. By deceiving victims into revealing private keys, credentials, or recovery phrases, these hackers demonstrate that human error has become the primary weak link in cryptocurrency security.

The Editorial Process

The editorial approach at Bitcoinist is dedicated to providing meticulously researched, accurate, and impartial content. Maintaining strict sourcing standards, every article is rigorously reviewed by our team of leading technology experts and experienced editors. This process guarantees the accuracy, relevance, and worth of our content for our readership.