The year isn’t even over, but North Korean hackers have already stolen an estimated $2 billion+ in cryptocurrency in 2025, a record-breaking haul.
This is the most North Korean hackers have ever looted in a single year, according to blockchain tracking firm Elliptic. “This brings the cumulative known value of cryptoassets stolen by the [North Korean] regime to more than $6 billion,” it says.
This year in particular, North Korean hackers made a killing by stealing over $1.4 billion from the Bybit exchange in February, what’s become the largest crypto heist in history. To do so, hackers first infiltrated a digit wallet provider, which paved a way for them to compromise an offline “cold wallet” at the Bybit exchange that held 400,000 Ethereum coins.
(Credit: Elliptic)
Although the suspected North Koreans managed to loot the cryptocurrency, Bybit reported in April that about 68% of the funds remained traceable, suggesting the North Koreans were only able to cash out part of their earnings.
Elliptic adds: “Other thefts publicly attributed to North Korea in 2025 include those suffered by LND.fi, WOO X and Seedify. Elliptic has attributed more than thirty additional hacks to North Korea so far this year.” Chainalysis, another blockchain tracking firm, has also pegged the losses to the North Koreans hackers at $2.17 billion for this year so far.
The ongoing heists show the North Korean government continues to exploit cryptocurrrency to generate funds for the regime, despite strict sanctions against the country. Back in 2019, a confidential United Nations report also estimated North Korean state-sponsored hackers had already stolen $2 billion to help fund the country’s nuclear weapons program.
Recommended by Our Editors
Both Elliptic and Chainalysis supply blockchain tracking to help law enforcement crack down on illegal cryptocurrency transactions. Still, the companies warn that North Korean hackers have also been targeting “high-net-worth individuals” rather than merely preying on cryptocurrency exchanges and blockchain-related firms.
hackers are using social engineering schemes, such as phishing attacks to impersonate companies and trick users into installing malware. “Personal wallet compromises now represent a growing share of total ecosystem theft, with attackers increasingly targeting individual users, making up 23.35% of all stolen fund activity YTD in 2025,” Chainalysis added.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
About Our Expert
Michael Kan
Senior Reporter
Experience
I’ve been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I’m currently based in San Francisco, but previously spent over five years in China, covering the country’s technology sector.
Since 2020, I’ve covered the launch and explosive growth of SpaceX’s Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I’ve combed through FCC filings for the latest news and driven to remote corners of California to test Starlink’s cellular service.
I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. Earlier this year, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.
I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I’m now following how President Trump’s tariffs will affect the industry. I’m always eager to learn more, so please jump in the comments with feedback and send me tips.
Read Full Bio
