Cybercriminals with links to the regime in North Korea are said to have stolen cryptocurrency worth more than two billion US dollars (around 1.7 billion euros) this year. According to the IT consultancy Elliptic, which tracks money flows on blockchains, this is already more than in any previous year. The record is mainly due to the theft of billions from the crypto exchange Bybit. In addition to Bybit, other cryptocurrency services have also been robbed of large sums of money, but these involved millions rather than billions. However, the experts are also seeing an increasing number of individuals from whom large sums of cryptocurrency are being stolen. They attribute this to the increased prices of Bitcoin & Co.
Profitable business without consequences
In total, the North Korean regime has already stolen six billion US dollars in cryptocurrency, Eliiptic continues. However, the actual sum is probably even higher, as not all incidents can be attributed to the country. According to Elliptic, it is aware of a whole series of thefts in which there are indications that North Korea is the perpetrator, but for which it is not possible to make a clear attribution. There are also likely to be incidents where the theft was not reported or publicized. In most cases this year, the criminals were successful with social engineering, writes Elliptic.
If the total haul is confirmed, 2025 would not only be by far the most successful year for the North Korean crypto thieves, they would also have taken significantly more than 2023 and 2024 combined. The previous record was 1.35 billion US dollars in one year, explains the IT consultancy, which was in 2022. For years, the regime has relied on stealing Bitcoin & Co. on a large scale, for example, to circumvent the international financial system and the sanctions imposed and to pay for goods and technology. The regime’s capabilities in such thefts are almost unrivaled worldwide, partly due to its many years of experience, and considering its immense success, there is no end to the extremely lucrative cyberattacks to be expected.
(mho)