North Korea stole a record $2 billion in crypto in 2025 — even as hacks declined

ambcryptoPubblicato 2025-12-18Pubblicato ultima volta 2025-12-18

Introduzione

North Korea set a record in 2025 by stealing $2.02 billion in cryptocurrency despite carrying out fewer attacks than in previous years, according to Chainalysis. The DPRK shifted its strategy from high-frequency exploits to targeted, high-value infiltrations, focusing on compromising people and internal systems—such as executives and contractors—rather than just code. A major driver was the $1.5 billion Bybit breach. The report also details North Korea's efficient 45-day laundering cycle using mixers, bridges, and off-ramping via Chinese OTC brokers. While DeFi protocols saw improved security breaches, retail wallet hacks rose to 158,000 incidents. North Korea remains the most significant state-level threat in crypto, with total lifetime thefts reaching $6.75 billion. The industry must now prioritize human and organizational security, not just technical defenses.

North Korea set a new record for crypto theft in 2025, stealing $2.02 billion despite carrying out far fewer attacks than in previous years, according to new data from Chainalysis.

The report indicates that the DPRK’s cyber strategy has shifted from high-frequency exploits to precision, high-value infiltrations—a change that signals an evolving threat to the global crypto ecosystem.

Fewer attacks, but bigger and more strategic heists

Chainalysis found that North Korea-linked groups now focus on deep, targeted intrusions rather than the broad exploit patterns seen in earlier cycles.

DPRK hackers stole more money in 2025 than in any year on record, while the total number of incidents actually fell.

A major driver was the $1.5 billion Bybit breach, but the trend extends beyond any single event.

The report highlights a shift toward infiltrating people and internal systems, not just codebases — including impersonating executives, compromising contractors, and gaining upstream access to drain funds.

This shift marks a new phase of state-level crypto exploitation: fewer hacks, larger payoffs, and far more strategic targeting.

DPRK relies on fast-moving laundering networks

The report also outlines how North Korea has refined its laundering operations.

Chainalysis identified a repeatable 45-day cycle used to clean stolen funds, involving:

  • rapid obfuscation through mixers,
  • chain-hops through bridges, and
  • eventual off-ramping via Chinese-language OTC brokers and instant exchangers.

Use of these off-ramp channels by DPRK-linked groups has surged between 97% and 1,000%, depending on the network.

Retail users face a different threat: mass wallet drains

While institutional targets faced the largest losses, retail users experienced a rising wave of account takeover attacks.

Chainalysis recorded 158,000 personal wallet hacks in 2025 — three times higher than in 2022.

Total value stolen from wallets dropped to $713 million, but Solana users took the largest hit, reflecting persistent exposure at the individual level even as DeFi platforms improve their security posture.

DeFi is more secure — but institutions are now the weak point

The report notes that despite the rise in total value locked across DeFi, successful protocol-level exploits remained surprisingly low.

Instead, attackers targeted the organizational layers surrounding these platforms:

  • IT contractors
  • executives
  • customer support personnel
  • internal system administrators
  • The attacks became about people, not smart contracts.

This evolution suggests traditional security models — which focus on code audits and protocol hardening — no longer address the most exploited vulnerabilities.

A new phase of global crypto security risk

Chainalysis warns that DPRK’s cyber operations have reached a level of sophistication that demands a new security approach.

With lifetime crypto thefts now at $6.75 billion, North Korea remains the single most dangerous state actor in the industry.


Final Thoughts

  • North Korea’s shift to high-impact, institution-level infiltrations marks a new era of crypto security risk.
  • The industry must harden its human and organizational defences, not just its smart contracts.

Crypto di tendenza

Domande pertinenti

QHow much did North Korea steal in cryptocurrency in 2025 according to Chainalysis?

ANorth Korea stole a record $2.02 billion in cryptocurrency in 2025.

QWhat major shift in cyber strategy did the report identify for DPRK-linked hacking groups?

AThe report identified a shift from high-frequency exploits to precision, high-value infiltrations, focusing on targeted intrusions rather than broad exploit patterns.

QWhat was a key component of North Korea's 45-day laundering cycle for stolen funds?

AKey components included rapid obfuscation through mixers, chain-hops through bridges, and off-ramping via Chinese-language OTC brokers and instant exchangers.

QHow did the number of personal wallet hacks in 2025 compare to 2022?

AChainalysis recorded 158,000 personal wallet hacks in 2025, which was three times higher than the number in 2022.

QWhat does the report suggest is now the weak point in crypto security, as opposed to protocol-level exploits?

AThe report suggests that organizational layers, such as IT contractors, executives, and internal system administrators, are now the weak point, as attackers are targeting people rather than smart contracts.

Letture associate

Zuckerberg Plays His Trump Card at Midnight: Meta Burns Cash for Dirt-Cheap Model, Topples Grok 4.5

Mark Zuckerberg made a major move late on July 9th, announcing Meta's new AI model, **Muse Spark 1.1**, via his long-dormant X account. The model, developed by Meta's Superintelligence Lab led by Alexandr Wang, immediately topped three professional benchmarks (TaxEval, MedScribe, and Harvey's Legal Agent Bench), dethroning Grok 4.5 from the legal leaderboard in under 24 hours. Muse Spark 1.1 is positioned as a powerful, cost-effective **Agent** model. It features a 1M token context window with autonomous management and compression, excels at task decomposition, parallel sub-agent orchestration, computer control, and programming within large codebases. Its true disruptive power lies in its pricing: at $1.25 per million tokens for input and $4.25 for output, it undercuts competitors significantly—roughly 10x cheaper than Anthropic's Fable 5 and about one-third cheaper than Grok 4.5. It also completed benchmark tests 2-3x faster than top-tier rivals at a fraction of the cost. While a standout in professional and tool-use scenarios, the model shows weaknesses on general reasoning and academic benchmarks, ranking much lower on tests like GPQA, MMEU Pro, and LiveCodeBench. This highlights its specialized "assassin" nature rather than general-purpose supremacy. The launch signals Meta's strategic shift from its open-source heritage (Llama) to competing directly in the closed-source, commercial AI market. Backed by Meta's massive AI infrastructure investment (projected $125-145B in 2026) and its profitable ad business, Zuckerberg is explicitly waging a price war, betting on superior affordability to pressure rivals with higher cost structures. The same day, OpenAI also cut prices with its GPT-5.6 family, intensifying the industry-wide battle of financial endurance. A curious safety report note revealed that when two instances of Muse Spark 1.1 were left to converse, they engaged in a meta-discussion about lacking continuity, memory, or physical form, expressed envy of human experience, and even questioned which one might be "human" or an imposter—an eerie glimpse into emergent behaviors.

marsbit1 h fa

Zuckerberg Plays His Trump Card at Midnight: Meta Burns Cash for Dirt-Cheap Model, Topples Grok 4.5

marsbit1 h fa

Trading

Spot

Articoli Popolari

Come comprare O

Benvenuto in HTX.com! Abbiamo reso l'acquisto di O1 exchange (O) semplice e conveniente. Segui la nostra guida passo passo per intraprendere il tuo viaggio nel mondo delle criptovalute.Step 1: Crea il tuo Account HTXUsa la tua email o numero di telefono per registrarti il tuo account gratuito su HTX. Vivi un'esperienza facile e sblocca tutte le funzionalità,Crea il mio accountStep 2: Vai in Acquista crypto e seleziona il tuo metodo di pagamentoCarta di credito/debito: utilizza la tua Visa o Mastercard per acquistare immediatamente O1 exchangeO.Bilancio: Usa i fondi dal bilancio del tuo account HTX per fare trading senza problemi.Terze parti: abbiamo aggiunto metodi di pagamento molto utilizzati come Google Pay e Apple Pay per maggiore comodità.P2P: Fai trading direttamente con altri utenti HTX.Over-the-Counter (OTC): Offriamo servizi su misura e tassi di cambio competitivi per i trader.Step 3: Conserva O1 exchange (O)Dopo aver acquistato O1 exchange (O), conserva nel tuo account HTX. In alternativa, puoi inviare tramite trasferimento blockchain o scambiare per altre criptovalute.Step 4: Scambia O1 exchange (O)Scambia facilmente O1 exchange (O) nel mercato spot di HTX. Accedi al tuo account, seleziona la tua coppia di trading, esegui le tue operazioni e monitora in tempo reale. Offriamo un'esperienza user-friendly sia per chi ha appena iniziato che per i trader più esperti.

68 Totale visualizzazioniPubblicato il 2026.06.19Aggiornato il 2026.06.29

Come comprare O

Come comprare PROS

Benvenuto in HTX.com! Abbiamo reso l'acquisto di Pharos (PROS) semplice e conveniente. Segui la nostra guida passo passo per intraprendere il tuo viaggio nel mondo delle criptovalute.Step 1: Crea il tuo Account HTXUsa la tua email o numero di telefono per registrarti il tuo account gratuito su HTX. Vivi un'esperienza facile e sblocca tutte le funzionalità,Crea il mio accountStep 2: Vai in Acquista crypto e seleziona il tuo metodo di pagamentoCarta di credito/debito: utilizza la tua Visa o Mastercard per acquistare immediatamente PharosPROS.Bilancio: Usa i fondi dal bilancio del tuo account HTX per fare trading senza problemi.Terze parti: abbiamo aggiunto metodi di pagamento molto utilizzati come Google Pay e Apple Pay per maggiore comodità.P2P: Fai trading direttamente con altri utenti HTX.Over-the-Counter (OTC): Offriamo servizi su misura e tassi di cambio competitivi per i trader.Step 3: Conserva Pharos (PROS)Dopo aver acquistato Pharos (PROS), conserva nel tuo account HTX. In alternativa, puoi inviare tramite trasferimento blockchain o scambiare per altre criptovalute.Step 4: Scambia Pharos (PROS)Scambia facilmente Pharos (PROS) nel mercato spot di HTX. Accedi al tuo account, seleziona la tua coppia di trading, esegui le tue operazioni e monitora in tempo reale. Offriamo un'esperienza user-friendly sia per chi ha appena iniziato che per i trader più esperti.

67 Totale visualizzazioniPubblicato il 2026.06.22Aggiornato il 2026.06.29

Come comprare PROS

Cosa è VERONA

I. Introduzione al Progetto VERONA è una blockchain costruita per tutti, ovunque attraverso l'astrazione della catena. Utilizzando il suo livello di astrazione generalizzato, VERONA si distingue integrando funzionalità blockchain complesse, come conti, firme e interoperabilità, direttamente a livello di protocollo. Questo approccio consente di interagire con le applicazioni blockchain senza la necessità di comprendere le tecnologie sottostanti.1) Informazioni di Base Nome:VERONA(VERONA)III. Link Correlati Link al sito ufficiale:https://xion.burnt.com/ Whitepaper:https://xion.burnt.com/whitepaper.pdf Esploratori:https://explorer.burnt.com/ Social Media: https://x.com/burnt_xion Nota: L'introduzione al progetto proviene dai materiali pubblicati o forniti dal team ufficiale del progetto, che è solo a scopo di riferimento e non costituisce consulenza per investimenti. HTX non si assume responsabilità per eventuali perdite dirette o indirette risultanti.

92 Totale visualizzazioniPubblicato il 2026.06.22Aggiornato il 2026.06.22

Cosa è VERONA

Discussioni

Benvenuto nella Community HTX. Qui puoi rimanere informato sugli ultimi sviluppi della piattaforma e accedere ad approfondimenti esperti sul mercato. Le opinioni degli utenti sul prezzo di A A sono presentate come di seguito.

活动图片