ExchangeDEX+

Buy Crypto Markets Spot Futures500X Earn Events

TRM has published new research showing that North Korea-linked actors were responsible for more than half of the US$2.7 billion stolen in cryptocurrency hacks inTRM has published new research showing that North Korea-linked actors were responsible for more than half of the US$2.7 billion stolen in cryptocurrency hacks in

North Korea Linked to Over Half of 2025 Crypto Heist Losses

2025/12/19 13:07

TRM has published new research showing that North Korea-linked actors were responsible for more than half of the US$2.7 billion stolen in cryptocurrency hacks in 2025, marking the regime as the single most dominant and sophisticated threat actor in the crypto theft ecosystem.

For years, North Korea has used crypto theft to fund weapons proliferation, evade sanctions, and pursue destabilising activities.

Notably, high-value heists in 2023–2025 have shifted from exploiting smart-contract flaws to targeting the operational infrastructure of exchanges and custodial services. Single points of failure in these systems allow access to large sums.

Source: TRM

TRM attributes several major incidents to the regime, including Atomic Wallet, CoinsPaid, Alphapo, Stake.com, CoinEx, and the February 2025 Bybit exploit.

North Korean operators typically gain entry through social engineering.

They use fake job offers or investment pitches to compromise developer systems and extract wallet keys.

Once assets are stolen, they are laundered through a complex network known as the “Chinese Laundromat.”

This network comprises brokers, money transmitters, and trade-based intermediaries.

TRM notes that this process now occurs end-to-end with Chinese actors.

Funds move across chains, exchanges, and jurisdictions, often converting into stablecoins such as USDT on Tron before settlement in yuan, goods, or payments to North Korean front companies.

Source: TRM

Therefore, for exchanges and financial institutions, this evolution collapses traditional silos between cybersecurity and AML.

Static blocklists are insufficient; effective detection requires monitoring cross-chain flows and nested service counterparts, while pairing hardware-secured key storage with tiered withdrawal policies and privileged-access segmentation.

Overall, North Korea’s operations reflect the industrialisation of crypto theft.

They blend cyber activity, intelligence support, and outsourced laundering to create a state-directed revenue system.

As stablecoins and crypto payments grow, tracing stolen assets becomes increasingly complex.

This highlights the need for coordinated, cross-border measures to counter these structured, high-volume operations.

Featured image credit: Edited by Fintech News Hong Kong, based on image by aukid via Freepik

The post North Korea Linked to Over Half of 2025 Crypto Heist Losses appeared first on Fintech Hong Kong.

Market Opportunity

Moonveil Price(MORE)

$0.002491

$0.002491$0.002491

+3.96%

USD

Moonveil (MORE) Live Price Chart

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.