DPRK hackers stole $1,6 billion worth of cryptocurrencies in 2025
The total amount of losses in the reporting period amounted to a record $2,1 billion
27.06.2025 - 16:15
573
3 min
0
What’s new? Crypto investors lost more than $2,1 billion due to hacks and exploits of trading platforms in the first half of the year, the worst result in the industry’s history. In terms of total damage, the 75 reported incidents exceeded the previous high of the first half of 2022 by 10% and nearly equaled the total for the entire year 2024, according to the TRM Labs report.
What else is known? Researchers say North Korea-linked hacker groups are responsible for $1,6 billion in cryptocurrency theft, accounting for 70% of the total loss since the beginning of the year.
The largest incident not only this year, but also in the entire history of the crypto industry was the February hack of the centralized crypto exchange Bybit by Beng Zhou for $1,5 billion, which is attributed to hackers from North Korea.
Hackers from the DPRK laundered $1,5 billion in a year
The funds were stolen from centralized crypto exchanges
However, crypto projects are threatened not only by the DPRK authorities. On June 18, the pro-Israeli group Gonjeshke Darande stole $90 million from Iranian exchange Nobitex, presumably in retaliation for the platform’s help in evading sanctions.
The stolen funds were sent to addresses with no opportunity to spend the funds, effectively burning them, which speaks in favor of a political motive rather than a desire to make a profit.
US Justice Department has filed a lawsuit to seize the proceeds of blockchain developers from the DPRK
In question is the amount of $7,74 million frozen as a result of the 2023 investigation
The report’s authors also write that more than 80% of the stolen funds came from infrastructure-level breaches, including private key theft and interface hacks.
These attacks, which often involve social engineering or insider access, are proving to be ten times more lucrative than traditional smart contract exploits.
The share of damage from DeFi protocol exploits, including instant loans and re-entry attacks that were prevalent between 2021 and 2022, accounted for only 12% of the total.
Useful material?
Telegram 
Twitter Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Cryptocurrency rates
-
Bitcoin
$59 900
BTC
-0.37%
-
Ethereum
$1 578.11
ETH
+0.39%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.05
XRP
+0.09%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.073023
DOGE
-1.43%
-
Zcash
$380.87
ZEC
-4.03%
-
Stellar XLM
$0.172791
XLM
-0.13%
-
Cardano
$0.144671
ADA
-0.21%
-
Polkadot
$3.32
DOT
+5.27%