North Korea: Crypto crime breaks all boundaries – $2.17 billion lost!

North Korea: Crypto crime breaks all boundaries – $2.17 billion lost!

More and more reports are drawing attention to the diplomatic and financial threat posed by North Korean hackers. A recently released cybercrime summary shows alarming statistics that underscore the importance of this activity. On August 26, 2025, the FBI revealed that the notorious Lazarus Group, directly linked to the North Korean regime, was responsible for the Bybit hack in which a staggering $1.5 billion was stolen. This sum represents the largest theft in the history of cryptocurrencies. BeInCrypto reports that the Lazarus Group has repeatedly targeted banks and crypto exchanges, generating approximately $2 billion since 2017.

The Bybit hack is a prime example of the advanced techniques used by the perpetrators. According to experts, the hackers were able to convert more than $300 million of the stolen money into unrecoverable funds. This was done by manipulating digital wallet addresses, making recovering the money almost impossible. Bybit CEO Ben Zhou clarified that customer funds were not affected and that the company has initiated a reward program to compensate for stolen funds, for which 20 people have already received over $4 million.

The increase in attacks and the response of the authorities

Attacks have increased recently, particularly in 2025, where over $2.17 billion was stolen from cryptocurrency services. This number illustrates the severity of the situation, which is considered to be more serious than in previous years. BBC added that analysts expect further sanctions against money mixers, custody wallets and liquidity pools to curb the rising threat of North Korean cybercrime. According to the Financial Action Task Force, North Korea poses the greatest state threat to the integrity of crypto markets.

A significant incident occurred in May 2025 when the Taiwanese BitoPro exchange lost approximately $11.5 million. Also in early June 2025, the U.S. Department of Justice filed a forfeiture action for $7.74 million linked to North Korean money laundering schemes. Additionally, four North Korean nationals suspected of infiltrating U.S. companies and stealing nearly $900,000 were charged in Georgia.

The role of the Lazarus group

The Lazarus Group is said to use advanced methods for its cyberattacks, including social engineering and zero-day exploits. Experts like Dr. Elliptic's Tom Robinson points out that North Korea is extremely proficient at laundering cryptocurrency money. This is done not only for enrichment, but also to finance military developments, which further complicates the global security situation. Deceptive activities and conversion of crypto funds into opaque funds give the impression that North Korean cybercriminals are working almost around the clock to clean up the stolen funds.

The investigation also revealed that over 1,000 email accounts were linked to North Korean IT workers who worked for Western companies. These workers received salaries in crypto wallets, which were subsequently laundered. The complexity and methodical nature of this cybercrime has undermined trust in the crypto community and driven up compliance costs.

Authorities' increased efforts to address this threat come amid a fast-moving environment in which cybercrime now accounts for approximately 70 percent of global crypto crime. It remains to be seen how the global community will respond to this growing challenge.