Record-Breaking Crypto Heists in 2025: $2.7 Billion Stolen, 60% Linked to North Korea

The cryptocurrency industry faced an unprecedented security crisis in 2025, as cybercriminals stole a staggering $2.7 billion in digital assets, marking the worst year for crypto theft on record. Data released by blockchain analytics firms Chainalysis, TRM Labs, and De.Fi reveal that approximately 60% of the stolen funds were attributed to North Korean state-sponsored hacking groups.

This surge represents a sharp increase from previous years, with losses totaling $2.2 billion in 2024 and around $2 billion in 2023. The most significant single incident occurred in February, when Dubai-based exchange Bybit was breached, resulting in the theft of roughly $1.5 billion in crypto assets. The FBI later linked the attack to a North Korean hacking group known as TraderTraitor, also referred to as Jade Sleet.

North Korea’s Largest Crypto Haul to Date

According to Chainalysis, North Korean hackers stole at least $2.02 billion in cryptocurrency in 2025 alone, a 51% increase compared to the previous year. This brings the regime’s estimated total crypto theft since 2017 to around $6.75 billion, funds widely believed to be used to finance its nuclear weapons and ballistic missile programs.

Andrew Fierman, Head of National Security Intelligence at Chainalysis, noted that cryptocurrency’s global and always-on nature makes it an especially attractive target, stating that “crypto’s 24/7 accessibility creates a unique value proposition for the regime.”

What is particularly alarming about 2025 is that these record losses were achieved through fewer attacks than in prior years, indicating that North Korean hackers are becoming more sophisticated and increasingly focused on high-value targets.

Major Hacks Beyond Bybit

The Bybit breach was not an isolated case. In May, decentralized exchange Cetus lost $223 million after an attacker exploited a vulnerability in a shared mathematical library used for liquidity calculations. In November, Ethereum-based protocol Balancer suffered a $128 million theft due to a precision rounding error in its smart contract code. Earlier in the year, Singapore-based exchange Phemex lost more than $73 million when hackers drained hot wallets across 16 blockchains.

Growing Political and Regulatory Pressure

The record-breaking thefts have intensified political scrutiny. In mid-December, U.S. Senator Elizabeth Warren sent a letter to Treasury Secretary Scott Bessent and Attorney General Pam Bondi, questioning whether federal authorities are adequately investigating decentralized crypto exchanges for national security risks. She specifically raised concerns about North Korean hackers using DeFi platforms to launder stolen assets.

Around the same time, the FBI announced the takedown of E-Note, an unlicensed cryptocurrency exchange accused of laundering over $70 million in illicit proceeds since 2017, including funds tied to ransomware attacks.

Security experts warn that without stronger protections—such as rigorous smart contract audits, enhanced asset monitoring, and improved cybersecurity across DeFi platforms—the cryptocurrency ecosystem will remain highly vulnerable. As malicious actors grow more advanced, safeguarding digital assets is becoming one of the industry’s most urgent challenges.