Hackers linked to the North Korean regime have so far stolen more than $2bn (£1.49bn) according to researchers who say 2025 is a record-breaking year for the country’s cyber criminals.

The thefts now account for around 13% of the secretive country’s gross domestic product (GDP), according to United Nations’ estimates.

Western security agencies say these funds are used to finance North Korea’s nuclear weapons and missile development programs.

For the last few years operatives from hacking teams like Lazarus Group have focussed on attacking cryptocurrency companies for large thefts of digital tokens.

The worst of these attacks came in February this year when hackers swiped $1.4bn from crypto exchange ByBit.

But the new research from investigators at research firm Elliptic warns the cyber-criminals are also increasingly targeting individuals who hold large amounts of crypto.

High net worth individuals have become increasingly attractive targets as they often lack the security measures employed by businesses, researchers warn.

Dr Tom Robinson, chief scientist at Elliptic, says the targeting of individuals – which is less likely to be disclosed – means the true figure for hacks carried out by North Korea could be even higher.

“Other thefts are likely unreported and remain unknown as attributing cyber thefts to North Korea is not an exact science.”

“We are aware of many other thefts that share some of the hallmarks of North Korea-linked activity but lack sufficient evidence to be definitively attributed,” he says.

North Korea’s UK embassy was approached for comment but did not immediately respond. Previously the regime has denied any involvement in hacks.

Elliptic and other companies like Chainalysis are able to track the movement of stolen funds like Bitcoin and Ethereum by following the public list of transactions on the blockchain.

Over the years researchers have noticed patterns in methods and tools favoured by North Korean hackers.

Elliptic estimates that 2025’s bumper year so far takes the cumulative known value of cryptoassets stolen by the regime to more than $6 billion.

As well as the ByBit hack in February, Elliptic analysts have attributed more than 30 other attacks to North Korea so far this year.

An attack on WOO X in July that saw $14 million stolen from 9 users.

Another case led to $1.2m of digital coins stolen from Seedify.

This year’s activity dwarfs the regime’s previous record set in 2022 when it is accused of stealing $1.35 billion in total.

As well as a prolific cyber crime team, the regime is increasingly being accused of operating an elaborate fake IT workers programme to bring in additional money and skirt international sanctions.



By

Source link