North Korea has again rewritten the record books in global cybercrime, with state-linked hackers stealing an estimated Rs. 2.02 billion in cryptocurrency during 2025, according to new research. The figure surpasses the country’s previous annual high and underscores the growing scale and sophistication of its digital theft operations. Investigators say the proceeds are funneled through complex laundering networks and are widely believed to support Pyongyang’s weapons programs amid heavy international sanctions. The surge highlights persistent vulnerabilities in the crypto ecosystem and the difficulty governments face in deterring a highly isolated state from exploiting digital finance.
Record-Breaking Year for State-Linked Crypto Theft
For the second consecutive year, North Korea has eclipsed its own record for cryptocurrency theft. New research indicates that hacking groups tied to the country stole Rs. 2.02 billion worth of digital assets in 2025, up sharply from the previous record of Rs. 1.3 billion.
This latest surge brings the estimated cumulative value of cryptocurrency stolen by North Korean-linked actors to roughly Rs. 6.75 billion. Globally, total crypto theft during the year climbed to Rs. 3.4 billion, underscoring the disproportionate role attributed to Pyongyang’s operations.
Major Exchange Breach Amplifies Losses
A significant share of the year’s losses stemmed from a high-profile breach at a Dubai-based cryptocurrency exchange earlier in the year. Hackers linked to North Korea’s elite government cyber unit allegedly stole about Rs. 1.5 billion, largely in ethereum, according to statements from company leadership.
U.S. law enforcement agencies have attributed the operation to state-backed actors, reinforcing long-standing concerns that North Korea’s hacking campaigns are centrally directed rather than the work of independent criminal groups.
Tracking the Money Through the Blockchain
The findings were compiled by blockchain analytics specialists who monitor cryptocurrency flows and trace stolen assets as they move through laundering channels. Such firms play an increasingly critical role in identifying patterns of illicit finance, even as hackers employ more advanced obfuscation techniques.
Despite improvements in monitoring, analysts note that once private keys are compromised, digital assets can be transferred almost instantly and irreversibly, limiting the ability of victims to recover funds.
Sanctions Pressure and Strategic Motivation
International bodies and independent researchers have long accused North Korea of using cyber theft to offset the economic pressure of global sanctions. With limited access to traditional financial systems, cryptocurrency offers a scalable and relatively efficient alternative source of funding.
Security experts argue that this strategic
motivation explains the persistence of the activity. With few diplomatic or economic levers left to pull, deterrence remains elusive.
Insider Access and Remote Work Exploitation
The research also highlights a growing tactic in which North Korean operatives fraudulently secure remote technical roles at overseas firms. By embedding themselves within legitimate organizations, they can gain access to sensitive systems, enabling colleagues to steal private keys or reroute digital funds.
This insider-assisted approach has increased the difficulty for companies attempting to safeguard their crypto holdings, even when robust security protocols are in place.
A Global Problem With No Easy Fix
While other nations have been linked to large-scale cyber thefts, analysts say no country matches the scale or consistency of North Korea’s alleged operations. The combination of state backing, technical expertise, and sophisticated laundering networks sets it apart.
With cryptocurrencies remaining easier to launder at scale than traditional currencies, experts warn that similar attacks are likely to continue. As one security analyst noted, existing tools have done little to curb the threat, suggesting the global crypto industry must prepare for a prolonged and evolving challenge.
About Author
