This year, hackers with North Korean support have taken over $2 billion worth of cryptocurrency, according to blockchain analytics company Elliptic.
The amount, according to a report released on the company’s website on Tuesday, was the consequence of over 30 breaches and was “the largest annual total on record, with three months still to go.”
This year’s record haul was fueled by the North’s state-sponsored Lazarus Group stealing around $1.5 billion in virtual assets from cryptocurrency exchange Bybit, which has been called the largest robbery in history.
In 2025, North Korea has also been openly blamed for other hacks, including as the July $14 million theft of nine users’ tokens from the cryptocurrency exchange WOO X and the September $1.2 million theft of tokens from the blockchain fundraising site Seedify.
In recent years, North Korea has increasingly used hacking and cybertheft to finance its missile and nuclear programs, despite still being subject to strict international sanctions.
In an annual report last year, the now-dissolved Panel of Experts of the U.N. Security Council estimated that Pyongyang finances 40 percent of its weapons programs through “illicit cybermeans.”
North Korea has stolen about $6 billion worth of cryptoassets since 2017, according to Elliptic, however the real amount may be more.
The report stated, “We are aware of numerous other thefts that share some of the characteristics of North Korea-linked activity, but lack sufficient evidence to be definitively attributed.” There are probably more thefts that go unreported and undiscovered.
Elliptic pointed out that North Korean hackers are changing their strategies. While previous assaults concentrated on taking advantage of weaknesses in crypto infrastructure, most hacks in 2025 have been carried out by “social engineering”—the practice of tricking or manipulating people into giving up their digital assets.
According to the research, this trend demonstrates that the weak spot in cryptocurrency security is becoming more human than technological.
