North Korean hackers stole a record amount of more than $2 billion in cryptocurrencies in 2025. Here’s what we know about these criminal operations backed by the Pyongyang regime.
• Also read: “Axis of upheaval”: what we know about the anti-American alliance led by China and Russia
North Korea has just recorded the most profitable year in the history of cryptocurrency piracy, according to a report published on December 18 by the specialist company Chainalysis.
Criminals have embezzled a total of $2.2 billion in cryptocurrencies, $681 million more than in 2024.
A little more than half of this amount came from the hack of the Dubai-based cryptocurrency exchange Bybit in February 2025.
The criminals worked for the North Korean government’s elite team and managed to steal around $1.5 billion, according to the US Secret Service (CIA).
Since 2016, the total cryptocurrencies stolen by North Korea are approximately $6.75 billion.
Fake identities, fake employees
The report highlights that criminals are using “increasingly daring” methods to get their hands on these large sums of money.
In particular, they use artificial intelligence to create false identities and fake LinkedIn accounts which allow them to get hired as IT technicians within large companies offering teleworking.
After joining the team, they compromise the computer systems so that accomplices can access confidential information allowing them to get their hands on the cryptocurrencies.
Hackers also sometimes obtain this information during bogus telephone conversations with entrepreneurs in which they pose as large investors, analysts note.
Funds used to develop nuclear weapons
What is worrying about the clandestine activities orchestrated by the Pyongyang regime is that they are used in particular to finance the research and development of nuclear weapons, reveals a recent international report on North Korea’s IT capabilities.
The government also uses cryptocurrencies to launder money and make military purchases, thereby evading international sanctions linked to its nuclear program.
Helped in part by Russia and China, North Korea has increased attacks which have “been directly linked to the destruction of computer equipment, the endangerment of human lives, the loss of private property and the financing of illegal weapons of mass destruction and ballistic missile programs,” the authors indicate.
