CyberSecurityBoard
Sponsor Register Login

Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record from Recorded Future News

The $2.17 billion stolen so far this year already surpasses the losses seen in all of 2024, and is the highest number seen in the first six months of a year since the company began tracking the figures in 2022. Chainalysis researchers noted several other concerning trends, including increases in personal wallet compromises and so-called “wrench” attacks where physical violence or coercion is used against crypto holders. Most of the total comes from the $1.5 billion stolen from Dubai-based crypto platform Bybit in February by hackers connected to North Korea. “The Bybit hack demonstrates that even sophisticated industry entities remain vulnerable to advanced persistent threats, while the surge in personal wallet compromises shows that individual holders of cryptocurrency face unprecedented risks,” the researchers said. The data from Chainalysis largely matches numbers released by the blockchain intelligence firm TRM Labs two weeks ago — which found $2.1 billion stolen across at least 75 distinct hacks and exploits. More than $2 billion in cryptocurrency was stolen by hackers in the first half of 2025, according to the blockchain security firm Chainalysis. Chainalysis estimates that up to $4 billion worth of cryptocurrency may be stolen by the end of the year. The United Nations said last year that it is tracking dozens of incidents over a five-year period that have netted North Korea $3 billion. The Bybit incident is currently the largest-ever crypto theft and accounts for 69% of all funds stolen this year. The report found that the average losses coming from compromised personal wallets storing Bitcoin has increased, illustrating that hackers are likely going after higher-value individual holdings. There have already potentially been twice the number of physical attacks in 2025 compared to the entire next highest year on record. The U.S., Germany, Russia, Canada, Japan, Indonesia and South Korea saw the highest concentration of stolen fund victims. Alongside North Korea's attacks, it illustrated the growing role of nation-states in crypto theft incidents. TRM Labs also highlighted the Israel-linked attack in June on Iran’s largest crypto exchange, Nobitex, which involved the theft of more than $90 million.

This Cyber News was published on therecord.media. Publication date: Thu, 17 Jul 2025 12:05:17 +0000


Cyber News related to Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record from Recorded Future News

North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group
Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record from Recorded Future News - The $2.17 billion stolen so far this year already surpasses the losses seen in all of 2024, and is the highest number seen in the first six months of a year since the company began tracking the figures in 2022. Chainalysis researchers noted several ...
3 weeks ago Therecord.media
Chainalysis observes decrease in cryptocurrency crime in 2023 - While the ransomware market is rising and cybercriminals continue to rack up bitcoin payments, illicit cryptocurrency activity is declining, according to new research from Chainalysis. Funds sent to illicit cryptocurrency addresses dropped from $39.6 ...
1 year ago Techtarget.com Rocke
North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit | The Record from Recorded Future News - TRM Labs has tracked previous thefts by North Korean actors and found a similar playbook, where the hackers use DeFi platforms to convert funds into Bitcoin before using mixers to obfuscate the source of the cryptocurrency. Last week, the FBI ...
5 months ago Therecord.media Lazarus Group
North Korean IT worker scam is now a threat to all companies, cybersecurity experts say | The Record from Recorded Future News - Since disruptions began last year and law enforcement has publicly warned companies of the practice, DTEX’s Barnhart and others said they have seen some workers try to extort companies or hand off their access to more sophisticated North Korean ...
3 months ago Therecord.media
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks - Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for ...
1 year ago Microsoft.com
The past year was the most detrimental for digital currency security breaches, with North Korean organizations profiting. - In 2022, cyberattacks on cryptocurrency platforms resulted in the theft of almost $4 billion, with a large portion of the activity being attributed to hackers working on behalf of the North Korean government. According to blockchain research firm ...
2 years ago Therecord.media Lazarus Group
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com Lazarus Group
North Korean Hackers Stole $600m in Crypto in 2023 - North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists, according to blockchain intelligence firm TRM. Despite the eye-watering sum, this figure represents a 30% reduction on ...
1 year ago Infosecurity-magazine.com
North Korea's Kimsuky Attacks Rivals' Trusted Platforms - North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along ...
5 months ago Darkreading.com Andariel Kimsuky
Reserachers Uncovered North Korean Nationals Remote IT Worker Fraud Scheme - In a significant cybersecurity investigation, researchers have revealed an elaborate fraud scheme orchestrated by North Korean nationals who used stolen identities to secure remote IT positions at US-based companies and nonprofits. The operation ...
2 months ago Cybersecuritynews.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers - The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, ...
1 year ago Bleepingcomputer.com Lazarus Group
U.S DoJ Announces Nationwide Actions to Combat North Korean Remote IT Workers - The U.S. Department of Justice announced coordinated nationwide law enforcement actions on June 30, 2025, targeting North Korean remote information technology workers’ illicit revenue generation schemes that have defrauded American companies ...
1 month ago Cybersecuritynews.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
1 year ago Therecord.media
North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report - North Korean threat actors are believed to have stolen more than $3 billion in cryptocurrency to date, according to a report from threat intelligence firm Recorded Future. Collectively tracked as the Lazarus Group, the North Korean hackers specialize ...
1 year ago Securityweek.com Lazarus Group
North Korean hackers linked to $1.5 billion ByBit crypto heist - Since the attack, crypto fraud investigator ZachXBT has discovered links between the Bybit hackers and the infamous North Korean Lazarus threat group after the attackers sent stolen Bybit funds to an Ethereum address previously ...
5 months ago Bleepingcomputer.com Lazarus Group
US govt sanctions North Korea's Kimsuky hacking group - The Treasury Department's Office of Foreign Assets Control has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. OFAC has also sanctioned eight North Korean agents for ...
1 year ago Bleepingcomputer.com Andariel Kimsuky
Lazarus Group hackers appear to return to Tornado Cash for money laundering - North Korea's Lazarus hacking group allegedly has turned back to an old service in order to launder $23 million stolen during an attack in November. Investigators at blockchain research company Elliptic said on Friday that in the last day they had ...
1 year ago Therecord.media Lazarus Group
Hackers Stole Cryptocurrency Worth $2 Billion in Year 2023 - As per crypto security firms, this was the first time since 2020, that the trend has been declining. Based on dozens of cyberattacks and thefts this year, hackers stole over $2 billion in cryptocurrency, according to De.FI, the web3 security company ...
1 year ago Cysecurity.news Lazarus Group
US Treasury sanctions Sinbad cryptocurrency mixer used by North Korean hackers - The U.S. Treasury Department on Wednesday sanctioned a popular cryptocurrency mixer used to launder funds stolen by hackers connected to the North Korean government. The Treasury Department's Office of Foreign Assets Control announced new sanctions ...
1 year ago Therecord.media Lazarus Group
FBI Charges North Korean Hackers Over $100 Million Stolen in Crypto Hack - The FBI has recently charged a North Korean hacker in connection with the Harmony crypto hack from which the hacker allegedly stole over $100 million. The hacker, Jon Chang Hyok, is a member of the North Korean military intelligence agency, the ...
2 years ago Bleepingcomputer.com
North Korean Hackers Amass $3bn in Cryptocurrency Heists - North Korean hackers have reportedly stolen a total of $3bn in cryptocurrency since 2017, as revealed in a recent report by Recorded Future's Insikt Group. The revelation underscores the prolonged engagement of the regime in the cryptocurrency ...
1 year ago Infosecurity-magazine.com
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
2 years ago Thehackernews.com
macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks - North Korean advanced persistent threat groups are mixing and matching components of two recently unleashed types of Mac-targeted malware to evade detection and fly under the radar as they continue their efforts to conduct operations at the behest of ...
1 year ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)