Hackers working for the North Korean government have been stolen more than $2 billion in code so far this year, according to blockchain analytics firm Elliptic.
On Tuesday, Elliptic published a blog post with this new quote. The company said it was “the largest total on record and hasn't made it for three months yet,” and is based on more than 30 hacks this year.
Previous records were in 2022 when North Korea stole $1.35 billion. According to Elliptic, the total amount of stolen codes since 2017 is at least $6 billion.
“The actual numbers could be even higher. Accidenting cyber theft to North Korea is not an exact science,” reads a blog post.
“We recognize many other thefts that share some of the characteristics of North Korea-related activities, but there is not enough evidence to be explicitly attributed. No other thefts have been reported and remain unknown.”
(Image: Oval)
The company said North Korea's main goal is still crypto exchange, but the administration's hackers are beginning to target “rich individuals” who own a large amount of crypto.
And it's not just recent changes, the company said.
“The majority of hacking in 2025 is being carried out through social engineering attacks in which hackers deceive or manipulate individuals to access cryptocurrency,” read the blog post. “This illustrates a shift from previous attacks where technical flaws in crypto infrastructure were often exploited to steal funds. This shift highlights the weaknesses of cryptocurrency security are becoming increasingly human, not technical.”
Elliptic estimates appear to be consistent with estimates from other organizations. Last year, the UN Security Council estimated that between 2017 and 2023, North Korean hackers stole $3 billion in cryptocurrency. Adding this year's estimate of $2 billion of Elliptic and last year's estimate of $742.8 million, the total is close to a $6 billion figure.
Japanese, South Korea and the US governments accused North Korean hackers of stealing more than $659 million in 2024.
The United Nations believes that Kim Jong-il's administration is using stolen codes to fund its nuclear weapons programme.
This year's records were driven primarily by a massive theft of over $1.4 billion from Crypto Exchange Bybit. This is attributed to North Korea by the FBI and several blockchain surveillance companies and researchers.
Other victims of North Korean hackers in the long-standing crypto world were the play-to-areen game Axie Infinity ($625 million in 2022), Crypto Startup Harmony ($100 in 2022), and Crypto Exchange Wazirx ($235 million in 2024).