North Korean hackers have stolen over $2 billion in cryptocurrency this year, shattering all previous records with three months still remaining, according to blockchain monitoring firm Elliptic. The figure represents a 48% jump from 2022's previous record of $1.35 billion, highlighting the regime's escalating cyber warfare capabilities and growing reliance on stolen crypto to fund its nuclear weapons program.
North Korean state-sponsored hackers just rewrote the playbook for cryptocurrency theft, and the numbers are staggering. Elliptic, the blockchain analysis firm tracking these digital heists, dropped a bombshell Tuesday - the Democratic People's Republic of Korea has already stolen over $2 billion in crypto this year, crushing their previous 2022 record of $1.35 billion with a full quarter left on the clock.
The scale is unprecedented, even by North Korean standards. Elliptic's researchers identified more than 30 separate attacks throughout 2025, painting a picture of an operation that's become both more aggressive and more sophisticated. "The actual figure may be even higher," the firm warned in its latest report. "Attributing cyber thefts to North Korea is not an exact science."
What's driving this surge? The single biggest factor was February's devastating attack on cryptocurrency exchange Bybit, which lost over $1.4 billion in what the FBI later confirmed was a North Korean operation. That one hack alone accounts for roughly 70% of this year's total, demonstrating how a single successful attack can reshape the entire landscape.
But there's something more troubling buried in Elliptic's data - North Korean hackers are changing their methods. Gone are the days when they primarily exploited technical vulnerabilities in blockchain infrastructure. "The majority of the hacks in 2025 have been perpetrated through social engineering attacks," Elliptic noted, "where hackers deceive or manipulate individuals in order to gain access to cryptocurrency."
This tactical shift represents a fundamental change in how these state-sponsored groups operate. Instead of hunting for code vulnerabilities, they're targeting the human element - the employees, executives, and high-net-worth individuals who control access to massive crypto reserves. It's a strategy that's proving devastatingly effective.
The broader context makes these numbers even more alarming. Since 2017, North Korean hackers have stolen at least $6 billion in cryptocurrency, according to Elliptic's tracking. The United Nations Security Council estimated $3 billion in thefts between 2017 and 2023, while governments of Japan, South Korea, and the United States pegged 2024's total at over $659 million.
