PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

North Korean Hackers Have Already Stolen Over $2 Billion in Crypto This Year

It’s the biggest North Korean crypto haul in a single year. Hackers are also increasingly targeting individual users.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS
(Credit: Tatevrika via Getty Images)

The year isn't even over, but North Korean hackers have already stolen an estimated $2 billion+ in cryptocurrency in 2025, a record-breaking haul. 

This is the most North Korean hackers have ever looted in a single year, according to blockchain tracking firm Elliptic. “This brings the cumulative known value of cryptoassets stolen by the [North Korean] regime to more than $6 billion,” it says. 

This year in particular, North Korean hackers made a killing by stealing over $1.4 billion from the Bybit exchange in February, what’s become the largest crypto heist in history. To do so, hackers first infiltrated a digit wallet provider, which paved a way for them to compromise an offline “cold wallet” at the Bybit exchange that held 400,000 Ethereum coins.

(Credit: Elliptic)

Although the suspected North Koreans managed to loot the cryptocurrency, Bybit reported in April that about 68% of the funds remained traceable, suggesting the North Koreans were only able to cash out part of their earnings. 

Recommended by Our Editors

Google Will Soon Spot Fake Calls on Supported Android Phones
Google Will Soon Spot Fake Calls on Supported Android Phones
Report Cites Misinformation As Key Threat to Election Security, Doesn't Name the Biggest Offenders
Report Cites Misinformation As Key Threat to Election Security, Doesn't Name the Biggest Offenders
Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts
Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts

Elliptic adds: “Other thefts publicly attributed to North Korea in 2025 include those suffered by LND.fi, WOO X and Seedify. Elliptic has attributed more than thirty additional hacks to North Korea so far this year.” Chainalysis, another blockchain tracking firm, has also pegged the losses to the North Koreans hackers at $2.17 billion for this year so far. 

The ongoing heists show the North Korean government continues to exploit cryptocurrrency to generate funds for the regime, despite strict sanctions against the country. Back in 2019, a confidential United Nations report also estimated North Korean state-sponsored hackers had already stolen $2 billion to help fund the country’s nuclear weapons program. 

Both Elliptic and Chainalysis supply blockchain tracking to help law enforcement crack down on illegal cryptocurrency transactions. Still, the companies warn that North Korean hackers have also been targeting “high-net-worth individuals” rather than merely preying on cryptocurrency exchanges and blockchain-related firms. 

hackers are using social engineering schemes, such as phishing attacks to impersonate companies and trick users into installing malware. “Personal wallet compromises now represent a growing share of total ecosystem theft, with attackers increasingly targeting individual users, making up 23.35% of all stolen fund activity YTD in 2025,” Chainalysis added.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio