When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works .
(Image credit: Getty Images ) Share Share by: Copy link Facebook X Whatsapp Reddit Flipboard Share this article Join the conversation Follow us Add us as a preferred source on Google North Korean hackers have hit an infernal milestone of stealing $2.02 billion of crypto in 2025, which is nearly 60% of the total $3.4 billion reported crypto thefts this year. According to Chainalysis , the rogue state has stolen a total of $6.75 billion in cryptocurrency since records began — at least in known value. The biggest loss of the year was the $1.5 billion ByBit hack , with the FBI saying that it was executed by actors from the Democratic People’s Republic of Korea (DPRK), accounting for almost 75% of the amount stolen by the country.
The DPRK is using operations like this to fund its coffers, especially as it still reels from international sanctions. One of North Korea’s techniques for breaking into crypto systems is to have its operatives pose as IT professionals and embed them among the employees of its potential targets. Aside from making money for the regime, like the infiltrator who was caught by Amazon because of the latency of their keystrokes , they also prepare the way for the attack, gaining privileged access and looking for vulnerabilities.
The DPRK has also started posting fake crypto jobs that require applicants to unknowingly install malware on their systems that exfiltrates data from the target, including credentials, source code, and SSO access, among others, from their current employer. Alongside this, DPRK hackers are also targeting senior executives with purported buyout offers. They then use their supposed due diligence actions to scan for security weaknesses and system information to compromise their wallets.
North Korean state-sponsored hackers slip unremovable malware inside blockchain to steal cryptocurrency
South Korean crypto exchange Upbit reports $30 million theft
Key considerations
- Investor positioning can change fast
- Volatility remains possible near catalysts
- Macro rates and liquidity can dominate flows
Reference reading
- https://www.tomshardware.com/tech-industry/cryptocurrency/SPONSORED_LINK_URL
- https://www.tomshardware.com/tech-industry/cryptocurrency/north-korean-hackers-steal-a-record-usd2-billion-in-crypto-in-2025-including-single-heist-worth-usd1-5-billion-report-claims-rogue-state-accounts-for-60-percent-of-all-reported-crypto-thefts-this-year-usd6-75-billion-total-since-records-began#main
- https://www.tomshardware.com
- Devastated PC builder orders DDR5 RAM from Amazon, receives DDR2 and some weights — counterfeit 32GB kit a worrying sign of rising return and sales fraud
- Rapidus explores panel-level packaging on glass substrates for next-generation processors — aggressive plan would help it leapfrog rivals
- NVIDIA Acquires Open-Source Workload Management Provider SchedMD
- NVIDIA Awards up to $60,000 Research Fellowships to PhD Students
- Intel installs industry's first commercial High-NA EUV lithography tool — ASML Twinscan EXE:5200B sets the stage for 14A
Informational only. No financial advice. Do your own research.