Additional Coverage:
- North Korea stole a record amount of crypto—again: report estimates its hackers’ 2025 haul at $2 billion (fortune.com)
North Korea Emerges as Major Player in Record-Breaking Crypto Thefts, New Report Reveals
A staggering amount of cryptocurrency was stolen this year, with North Korea reportedly siphoning off the lion’s share. According to the recently released 2026 Crypto Crime Report by Chainalysis, the hermit kingdom was responsible for approximately 59% of the more than $3.4 billion in pilfered digital assets.
Andrew Fierman, head of national security intelligence at Chainalysis, emphasized the growing sophistication of North Korea’s illicit operations. “North Korea’s sophistication and efficacy in laundering the proceeds from these incidents is continuing to improve,” Fierman stated, urging the industry to bolster its security measures.
The report’s findings come at a time when cryptocurrency investment has become increasingly mainstream. With more individuals engaging in crypto transactions, and the inherent irreversibility of these transactions, both individuals and exchanges are becoming increasingly attractive targets for cybercriminals.
Chainalysis, a private analytics firm dedicated to fostering transparency within the blockchain ecosystem, assists government agencies in disrupting illicit activities and supports private crypto companies with compliance. The company has published this annual report since 2019.
North Korea has reportedly surpassed its own record for annual crypto theft, employing inventive and increasingly complex methods. The country has deployed its citizens as IT employees within crypto companies, where they reportedly utilize artificial intelligence to mask their true locations, often posing as workers from countries like the U.S.
These operatives then gain access to sensitive information, leading to large-scale breaches. Another tactic employed by North Korean actors is “social engineering,” involving the dissemination of deceptive emails and text messages to crypto holders.
A single click on a malicious link can grant hackers access to private digital wallets.
The largest crypto hack in history occurred in February, when Bybit, a prominent crypto exchange, suffered a loss of $1.4 billion. The Federal Bureau of Investigation quickly attributed this massive theft to North Korea.
This single attack accounted for roughly 40% of all crypto heists this year. Chainalysis observed a trend of large-scale attacks dominating in 2025, with over two-thirds of stolen funds originating from just three significant breaches.
Beyond major exchange hacks, the report also highlights a concerning rise in personal wallet compromises. There were 158,000 such incidents in 2025, nearly tripling since 2022.
This alarming trend includes high-profile physical assaults on crypto owners, colloquially known as “wrench attacks.” Earlier this year, for instance, the co-founder of a Paris-based crypto wallet firm was subjected to a kidnapping where assailants severed a finger while demanding a ransom.
Fierman offered a stark warning to crypto investors: “If you’re online, talking about your success in crypto investments, I’d recommend not doing that. It points to you potentially having a hardware wallet and creates a physical target for you as an individual.”