In 2025, North Korean hackers stole cryptocurrency assets worth over $2 billion, marking a record annual figure in history. According to the analytics company Elliptic, this amount is nearly three times higher than the level in 2024, when total losses were less than $700 million, and the previous peak in 2022 was $1.35 billion.
This is reported by Business • Media
Changing Attack Tactics: Social Engineering Takes Center Stage
Experts emphasize that in 2025, hacker groups from North Korea increasingly targeted private investors, using social engineering to gain access to cryptocurrency wallets. Instead of complex technical exploits, the attackers focus on psychological deception methods.
“This indicates that the weakest link in the security infrastructure is the human element, not the software code,” the experts noted.
Complex Money Laundering Schemes and Growing Scale of Attacks
Overall, Elliptic recorded over 30 incidents related to North Korean hackers in 2025. Among the largest victims are major cryptocurrency exchanges and platforms such as Bybit, LND.fi, WOO X, and Seedify. The total amount of funds stolen by North Korean attackers has already exceeded $6 billion.
In light of the increasing effectiveness of analytical tools for tracking asset movements on the blockchain, hackers are continuously improving their money laundering methods. In particular, they employ multi-stage asset mixing, transactions between different blockchains, as well as lesser-known networks with low analytical capabilities, which significantly complicates the tracking of stolen cryptocurrencies.
- multi-stage asset mixing;
- transactions between different blockchains;
- lesser-known networks with low analytical capabilities;
- and other methods of covering their tracks.
It is worth noting that in September 2025 alone, crypto projects lost over $127 million due to hacker attacks, further highlighting the growing threat to the digital asset industry.