BTC$78,205 1.16%ETH$2,180 1.83%SOL$86.70 2.90%BNB$656.67 2.53%XRP$1.42 1.38%ADA$0.2554 2.15%DOT$1.27 3.00%LINK$9.76 2.89%BTC$78,205 1.16%ETH$2,180 1.83%SOL$86.70 2.90%BNB$656.67 2.53%XRP$1.42 1.38%ADA$0.2554 2.15%DOT$1.27 3.00%LINK$9.76 2.89%
FinCNews
Crypto·2 min read··3d ago

North Korea Linked to $2.06B in Crypto Thefts During 2025

CertiK's Skynet report reveals North Korea-linked hackers stole approximately $2.06 billion of the $3.4 billion lost in crypto hacks during 2025, representing 60% of total losses. The stolen funds reportedly support the regime's nuclear and ballistic missile programs.

FC

FinCNews Editorial

View source
Share:TelegramX
North Korea Linked to $2.06B in Crypto Thefts During 2025

North Korea-linked hackers orchestrated a sophisticated campaign that netted approximately $2.06 billion in cryptocurrency during 2025, accounting for roughly 60% of the $3.4 billion total lost to crypto security breaches that year, according to CertiK's latest Skynet report released on May 12, 2026.

The analysis documented 79 incidents attributed to Democratic People's Republic of Korea (DPRK)-linked actors out of 656 total crypto hacking incidents tracked throughout 2025. CertiK's findings indicate the country has industrialized its approach to cryptocurrency theft, escalating tactics from traditional phishing methods to physical infiltration of target organizations.

The stolen proceeds serve as a critical revenue stream for the North Korean regime, funding its nuclear weapons development and ballistic missile programs. This growing reliance on digital asset theft underscores how cryptocurrency has become integral to DPRK's strategy for circumventing international sanctions and generating hard currency.

CertiK's broader analysis spanning 2016 through early 2026 attributes an estimated $6.75 billion in total cryptocurrency theft to DPRK-linked threat actors over this decade-long period. The escalation in both volume and sophistication of attacks suggests North Korea views crypto theft as a state-sponsored enterprise rather than isolated criminal activity.

The shift from phishing to physical infiltration represents a concerning evolution in attack methodology. Rather than relying solely on social engineering and digital exploits, North Korean operatives are increasingly targeting cryptocurrency exchange employees and infrastructure directly, reducing dependency on purely technical vulnerabilities.

This activity presents significant systemic risks to the cryptocurrency ecosystem, forcing exchanges and custodians to continuously upgrade security protocols and employee vetting procedures. The scale of losses—representing over one-third of all documented 2025 crypto hack losses—demonstrates North Korea's capacity to operate sophisticated, well-resourced hacking operations on a sustained basis.

Industry security professionals should prioritize physical security measures alongside digital defenses, implement advanced employee security training focused on infiltration tactics, and maintain enhanced monitoring for suspicious fund movements that could indicate DPRK-linked laundering activity.

This is not financial advice.

Topics:#North Korea#crypto hacks#cybersecurity#money laundering

Share this story

Share:TelegramX

Disclaimer: This article is AI-assisted and for informational purposes only. Nothing published on FinCNews constitutes financial advice, investment recommendation or solicitation. Cryptocurrency markets are highly volatile. Always conduct your own research and consult a qualified financial advisor before making investment decisions. About our editorial standards →