North Korean hackers had their biggest year yet for stealing cryptocurrencies in 2025.
Rogue regime-sponsored cyber attackers have taken more than $2.02 billion in crypto since January, according to the latest findings from blockchain analytics firm Chainalysis.
As of early December, Chainalysis’ report shows North Korean-backed thieves have stolen more than 50% more in crypto this year than in 2024, bringing their total identified haul from crypto theft since 2016 to $6.75 billion.
The findings are just the latest example of how the heavily sanctioned nation has exploited security vulnerabilities in the crypto world to create a significant source of income. As of 2019, national security officials for the United States and the UN have stated that funds stolen from these affiliated hacker groups support North Korea’s nuclear weapons and missile programs.
“The reality is that cryptocurrency, because of its 24/7 global access, creates a unique value proposition for the regime to target,” said Chainalysis’ head of national security intelligence Andrew Fierman.
The crypto industry saw $3.4 billion in thefts in 2025 through early December, according to Chainalysis. Most came from a single breach in late February, when Dubai-based exchange Bybit suffered a $1.5 billion theft at the hands of North Korean-affiliated hackers. In terms of stolen funds, it was the largest in the industry ever.
Crypto heists have become “the easiest way for DPRK cyber actors to finance their regime,” said Eun Young Choi, an attorney at Arnold & Porter and a former federal prosecutor with experience investigating cyber attacks.
Read more: How to navigate a crypto meltdown
Not only have hackers become more sophisticated in the way they steal and launder proceeds, according to Choi, but they have also benefited from the crypto industry’s growth in value and adoption, which has created more opportunities and reasons to exploit potential cyber vulnerabilities.
After this year’s Bybit heist, hackers laundered stolen funds using a complex web of maneuvers, including moving assets across multiple digital wallets and blockchains, and channeled some of the funds through decentralized finance (DeFi) apps.
Earlier this week, Senator Elizabeth Warren, the top Democrat on the Senate Banking Committee, sent a letter to the US Department of Treasury and Justice demanding an investigation into how North Korean hackers and other illicit actors are using decentralized financial protocols to fund the regime.
And while digital asset prices have fallen in recent weeks, the industry has realized a number of victories on the policy front this year as the Trump administration has pushed to make the United States the “crypto capital of the world.”