Particle.news
Download on the App Store
16 ARTICLES
·
yesterday

North Korea-Linked Hacks Drove Record $2.02 Billion in Crypto Theft in 2025

Investigators say state-backed crews pivoted to insider-enabled breaches and a consistent 45-day laundering cycle through Chinese-language networks.

North Korea stole a record $2 billion in crypto in 2025 — even as hacks declined
Kim Jong Un, the Supreme Leader of North Korea.
A North Korean flag flies over its embassy in Moscow, Russia, on Oct. 31, 2024.
Image

Overview

  • DPRK-linked actors stole about $2.02 billion, roughly 59–60% of the $3.4 billion in global crypto theft tallied this year, Chainalysis reported.
  • The single biggest hit was Bybit’s roughly $1.5 billion breach in February, which U.S. authorities attributed to North Korean hackers.
  • Attack patterns shifted to fewer but larger strikes on centralized services, with DPRK-linked groups responsible for a record 76% of service-level compromises.
  • Operations increasingly relied on embedded IT workers and recruiter ruses; the Justice Department secured a 15-month sentence for a Maryland man who enabled such hiring schemes.
  • Laundering typically unfolded over about 45 days using cross-chain bridges, mixers, and Chinese-language OTC and guarantee services, while personal wallet compromises surged to 158,000 incidents even as losses to individuals fell to $713 million.