**North Korean Hackers Steal Record $2 Billion in Crypto in 2025**
The North Korean hacking syndicate has reached a new height of infamy by stealing an unprecedented $2.02 billion worth of cryptocurrency in 2025, accounting for nearly 60% of the total reported crypto thefts this year, valued at $3.4 billion.
According to Chainalysis, the rogue state's hackers have made off with a staggering $6.75 billion in cryptocurrency since records began – and that's just the known value. The largest heist of 2025 was the whopping $1.5 billion ByBit hack, which was masterminded by actors from the Democratic People's Republic of Korea (DPRK), responsible for almost three-quarters of the country's total crypto loot.
Experts point out that North Korea is using these hacking operations to fund its regime, particularly as it continues to reel from international sanctions. The DPRK's tactics are becoming increasingly sophisticated, with operatives posing as IT professionals and infiltrating their targets' organizations. Once embedded, they gain privileged access and scan for vulnerabilities, making the attack even more devastating.
One of the most insidious techniques employed by North Korean hackers is to post fake crypto job ads that require applicants to unknowingly install malware on their systems. This allows the attackers to exfiltrate sensitive data, including credentials, source code, and SSO access from the target's current employer. They also target senior executives with phony buyout offers, using their supposed due diligence actions to scan for security weaknesses and system information to compromise their wallets.
Despite a decline in decentralized finance (DeFi) protocol losses due to hacks compared to the total value stored on the blockchain, Chainalysis notes that this is likely due to platforms implementing more robust security measures. Attackers are instead opting for softer targets like exchanges, custodians, and even personal wallets.
However, the sophistication of North Korean hackers means that even though they're executing fewer attacks, these can be far more damaging, resulting in larger losses. This trend was evident in 2025, where their hackers stole 51% more despite having 74% fewer known attacks. As a result, institutions must remain vigilant, as the DPRK appears to be targeting bigger fish in the coming year.
As the North Korean hacking syndicate continues to wreak havoc on the cryptocurrency landscape, it's essential for organizations and individuals alike to stay informed and proactive in their security measures. By understanding the tactics employed by these sophisticated hackers, we can better protect ourselves against these types of attacks and prevent further financial losses.
**About the Author**
Jowi Morales is a tech enthusiast with years of experience working in the industry. He's been writing for several tech publications since 2021, where he's developed a passion for tech hardware and consumer electronics. Follow Tom's Hardware on Google News or add us as a preferred source to get our latest news, analysis, and reviews delivered straight to your feeds.