- DPRK-led crypto theft has escalated, stealing a record $2 billion in 2025 and accelerating in early 2026, with attacks doubling in January compared to last year.
- Social engineering remains the primary attack method, using campaigns like DangerousPassword and Contagious Interview to steal private keys, which have netted $37.5 million so far in 2026.
- The recent Tenexium case suggests DPRK operatives are evolving from infiltrating projects to potentially creating entire projects from the ground up as a front for theft.
One year after the DPRK‘s historic $1.46 billion theft from Bybit exchange, the regime’s crypto heist operation shows no signs of stopping. Instead, it has intensified, with thefts continuing at an alarming pace and evolving in sophistication.
Social engineering remains the primary vector for these attacks, exploiting human vulnerabilities rather than technical flaws. Consequently, campaigns like DangerousPassword and Contagious Interview have generated millions this year alone by tricking victims.
These campaigns target individuals to compromise their devices and steal sensitive data like seed phrases. DangerousPassword uses fake video call software errors, while Contagious Interview baits victims with fictitious job opportunities.
Operatives also infiltrate the crypto industry as IT workers using fabricated identities. Their goal is to earn salaries for the regime and potentially create backdoors for future exploits within legitimate projects.
A case involving the vanished Tenexium project, linked to the Bittensor ecosystem, highlights this evolving threat. Reports on X suggest DPRK IT workers were contributors, and blockchain analysis revealed laundering patterns consistent with DPRK activity.
Meanwhile, the overall impact is staggering. DPRK operatives have stolen more than $6 billion cumulatively to fund their weapons programs. The laundering of the Bybit funds, over $1 billion within six months, demonstrated unprecedented sophistication.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Coinbase’s Base Blockchain Splits From Optimism’s Tech
- AI Trade Not Out of Steam, Says Wedbush
- Judge Blocks Tennessee from Banning Kalshi Prediction Markets
- Sonic Labs Debuts AI-Powered Web3 App Builder Spawn
- Ukrainian Hacker Gets 5 Years for North Korean IT Scheme
