North Korean hackers have stolen more than $2 billion in cryptocurrency so far in 2025. According to data published on October 7 by the blockchain analytics firm Elliptic, this figure is the highest recorded in a single year, with three months still remaining. For comparison, the total in 2022 was $1.35 billion.
Based on Elliptic’s calculations, the total amount of crypto assets seized by the North Korean regime since 2017 is $6 billion. According to the United Nations (UN), the Kim Jong Un regime uses these stolen funds to finance its nuclear weapons program, bypassing international sanctions.
Experts report significant changes in the hackers’ strategy. While previous attacks mainly exploited technical vulnerabilities in blockchain platforms, the majority of thefts in 2025 were carried out through social engineering attacks. This means that cybercriminals are increasingly targeting organizational staff to gain access to cryptocurrency, demonstrating once again that the weakest link in crypto security is not the technology itself, but human factors.
A major role in this year’s record theft was played by the mass heist at the Bybit crypto exchange. Attributed to North Korea by several authorities, including the Federal Bureau of Investigation (FBI), this attack resulted in the seizure of more than $1.4 billion.
