Straitstimes.com header logo

North Korea stole $2.57b of crypto in 2025, report says

Sign up now: Get insights on Asia's fast-moving developments

A sharp jump from 2024 underscores North Korea’s growing ability to pull off massive heists.

A sharp jump from 2024 underscores North Korea’s growing ability to pull off massive heists.

PHOTO ILLUSTRATION: LIANHE ZAOBAO

Follow topic:
  • North Korean hackers stole a record US$2 billion in crypto in 2025, a 50% increase from 2024, funding weapons programmes.
  • A US$1.5 billion heist from Bybit in February accounted for a large part of the total, using embedded IT workers.
  • North Korea employs sophisticated laundering techniques to process stolen crypto, structuring payments to avoid detection.

AI generated

North Korean hackers stole a record US$2 billion (S$2.57 billion) of crypto in 2025, researchers said, a sharp jump from 2024 that underscores the country’s growing ability to pull off massive heists.

Much of the total comes from the

largest digital heist in the history of cryptocurrency in February

, when North Korean hackers took US$1.5 billion from the Bybit crypto exchange, according to a report from blockchain analytics company Chainalysis. That incident helped boost the country’s estimated crypto spoils to at least US$6.75 billion since the records began, the research group said.

North Korea “continues to pose the most significant nation-state threat to cryptocurrency security”, the report said. Its haul from crypto theft rose more than 50 per cent from 2024, the research showed, accounting for the lion’s share of the estimated US$3.4 billion in theft the cryptocurrency industry witnessed from January through early December.

Though there were fewer known heists by North Korea in 2025, the country’s practice of embedding IT workers inside crypto services to gain privileged access helped Pyongyang gain high-impact compromises, researchers said.

“Stealing crypto has become a lucrative mechanism to fund North Korea,” Andrew Fierman, the head of national security intelligence for Chainalysis, told Bloomberg News in an email. “As a result, the proceeds from these hacks bolster the regime and their weapons of mass destruction program.”

Chainalysis said the massive influx of stolen funds in early 2025 gave researchers an unprecedented view into how North Korean hackers launder big sums of crypto. They use sophisticated techniques, including structuring “on-chain payments in smaller tranches,” meaning they are less likely to be flagged as suspicious.

In November, South Korea’s leading crypto exchange Upbit said it was hit by thieves who transferred about US$30 million worth of digital assets just a day after the company unveiled a takeover by Naver. Korean media reported that North Korean hacking group Lazarus was suspected to be behind the heist. BLOOMBERG

More on this topic
North Korea using crypto, IT workers to dodge UN sanctions: Report
Why are North Korean hackers such good crypto thieves?
See more on

E-paper

Newsletters

Podcasts

RSS Feed

About Us

Terms & Conditions

Privacy Policy

Need help? Reach us here.

Advertise with us

Download the app

Get unlimited access to exclusive stories and incisive insights from the ST newsroom
Subscribe Placeholder
MDDI (P) 046/10/2025. Published by SPH Media Limited, Co. Regn. No.202120748H. Copyright © 2025 SPH Media Limited. All rights reserved.