North Korean Hackers Seize $1.5B in Record Crypto Heist Year
KO YONG-CHUL Reporter
korocamia@naver.com | 2025-12-21 20:54:10
(C) Techradar
SEOUL — Global cryptocurrency losses from hacking have reached a staggering $2.7 billion (approx. 3.99 trillion KRW) in 2025, with North Korean state-sponsored actors identified as the perpetrators behind more than half of the total stolen value. According to a year-end report by blockchain intelligence firm TRM Labs, Pyongyang has evolved its tactics from targeting decentralized protocols to launching massive strikes against centralized exchanges (CEX).
The Pivot to Centralized Exchanges
The report highlights a strategic shift in North Korea’s cyber-warfare. While previous years focused on the vulnerabilities of Decentralized Finance (DeFi), the 2025 data shows a "whale-hunting" approach. The most prominent example occurred in February, when the cryptocurrency exchange Bybit was compromised, resulting in a $1.5 billion loss in a single breach. This incident alone accounts for a significant portion of the year’s total damages.
Sophisticated "Code to Custody" Tactics
The methods employed by North Korean hackers have reached new levels of sophistication. Investigators described a "Code to Custody" strategy, where hackers pose as recruiters or investors on professional platforms. By offering fake job opportunities or lucrative investment deals to exchange developers, they deploy malware-laden files to gain entry into the internal systems of major trading platforms.
The "Chinese Laundromat" Network
As international sanctions have tightened around traditional "mixing" services, North Korea has increasingly relied on what experts call the "Chinese Laundromat." This industrialized underground financial network consists of:
OTC Brokers: Over-the-counter traders who convert crypto to fiat.
Underground Bankers: Middlemen facilitating large-scale transfers across borders.
Shell Companies: Using trade-based money laundering to funnel funds back into North Korean weapon programs.
"North Korea’s hacking is no longer a series of isolated incidents; it is a highly specialized, state-level operation with clear strategic goals," said Chris Wong, a former FBI agent and current investigator at TRM Labs. He emphasized that global cooperation and real-time tracking are now more critical than ever to disrupt these illicit financial flows.
WEEKLY HOT
- 1The 'Black Hands' Reaching Media, Politics, and Culture… The Reality of Cult Encroachment on Society
- 2S. Korea’s AI Landscape: 3 in 4 Citizens Now Using AI as Google’s Gemini Chases ChatGPT’s Lead
- 3NewJeans Hits Another Milestone: ‘Super Shy’ Surpasses 800 Million Streams on Spotify
- 4Beyond Numbers to Humanity: The Structural Trap of South Korea's Low Birth Rate
- 5Shinsegae Simon Transforms Premium Outlets into a Magical "Winter Wonderland"
- 6Denmark Ends 400-Year Era of Mail Delivery Amid Digital Revolution