North Korean Hackers Ramp Up Crypto Attacks, Stealing Billions

North Korean Hackers Stole $3 Billion in Crypto Assets Through Sophisticated Attack Networks

  • North Korean Hackers have stolen approximately $3 billion between 2017-2023, with an additional $1.7 billion from attacks on WazirX and Bybit in recent years.
  • At least five North Korean Hacking organizations target the crypto industry, with Lazarus Group being the most notorious for high-profile attacks.
  • These threat actors employ increasingly sophisticated methods from phishing to supply chain hijacks, sometimes planning attacks that take up to a year to execute.

North Korean crypto hacking operations have escalated in both sophistication and scale, according to a new report by Paradigm titled “Demystifying the North Korean Threat.” The Cybersecurity research reveals that state-backed hackers have developed complex attack methodologies targeting cryptocurrency exchanges and infrastructure, representing a growing threat to the digital asset industry.

- Advertisement -

According to United Nations estimates, North Korean hackers successfully stole $3 billion between 2017 and 2023. This figure has increased dramatically in recent years, with attacks against exchanges WazirX and Bybit netting approximately $1.7 billion in stolen funds.

The report identifies at least five distinct North Korean hacking organizations targeting the cryptocurrency sector: Lazarus Group, Spinout, AppleJeus, Dangerous Password, and TraitorTrader. Additionally, a network of North Korean operatives poses as legitimate IT professionals to infiltrate technology companies globally.

Lazarus Group, the most infamous of these organizations, has executed several high-profile attacks since 2016. Their targets have included Sony and the Bank of Bangladesh in 2016, followed by involvement in the WannaCry 2.0 Ransomware attack in 2017. The group’s focus on cryptocurrency began with attacks on exchanges Youbit and Bithumb in 2017, followed by the 2022 Ronin Bridge exploit that resulted in hundreds of millions in stolen assets.

Most notably, Lazarus Group is credited with the 2025 theft of $1.5 billion from Bybit, one of the largest cryptocurrency heists to date. Security researchers also believe the group may be connected to various Solana memecoin scams.

These North Korean cyberattacks employ diverse methodologies, including direct assaults on exchanges, social engineering, phishing campaigns, and complex supply chain hijacks. Some operations demonstrate remarkable patience, with attackers meticulously planning their approach over periods extending up to a year.

After successful attacks, Lazarus Group follows predictable money laundering patterns according to Chainalysis and other blockchain intelligence firms. The group fragments stolen funds into progressively smaller amounts distributed across numerous wallets, converts illiquid tokens to those with higher liquidity, and consolidates much of the value into Bitcoin. Following these conversions, they often hold the assets for extended periods until law enforcement attention diminishes.

- Advertisement -

Law enforcement has made some progress in identifying the perpetrators. The FBI has identified three alleged members of the Lazarus Group, with the U.S. Justice Department indicting two individuals in February 2021 for involvement in global cybercrime operations.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest

Michael Saylor Invites Joe Rogan to Discuss Bitcoin on Podcast

Michael Saylor has shown interest in discussing Bitcoin on The Joe Rogan Experience podcast.The idea has generated excitement in the Bitcoin community, with some...

Congress Debates Stablecoin Bill Amid Rising Bank and Crypto Tensions

U.S. lawmakers are moving forward with the Senate Guiding and Establishing National Innovation for U.S. Stablecoins (GENIUS) Act, with debates set to resume after...

American Engineer Drugged, Robbed in Sophisticated London Crypto Heist

An American software engineer lost approximately $123,000 in cryptocurrency after being drugged and robbed in London.The victim was targeted by an impersonator posing as...

Max Keiser Doubts New Bitcoin Treasuries’ Discipline in Bear Market

Bitcoin-focused companies are increasingly copying the treasury strategy used by Michael Saylor's Strategy.Max Keiser raised doubts about whether these newer companies can maintain commitment...

South Korea Election Puts Crypto Policy at Center of Debate

Nearly one-third of South Koreans hold digital assets, making crypto a vital issue in the upcoming presidential election.Both major parties support crypto exchange-traded funds...

Must Read

Top 11 Hosting Providers To Buy VPS With Bitcoin And Cryptocurrency

As a full-time blogger with over 5 years of experience and running multiple niche websites, I have gained the necessary expertise when it comes...