The cybersecurity threats from North Korea are perpetrated by a myriad of small hacker groups deploying malware and executing social engineering scams.
North Korea (DPRK) state-affiliated hackers and threat actors were responsible for more than $2 billion in crypto losses in 2025, a 51% year-over-year increase, despite fewer attacks carried out by the group, according to cybersecurity company CrowdStrike. DPRK hackers represent the “largest” threat group targeting cryptocurrency users, as measured by the dollar amount of assets stolen, according to the company’s 2026 Financial Services Threat Landscape report. The DPRK hackers and scammers focused on targeting Web3 projects and cryptocurrency exchanges because the stolen funds could be “cashed out” and transferred with a greater degree of anonymity than in the traditional financial system, CrowdStrike said.
North Korea-linked hackers stole about $2.06 billion of the $3.4 billion lost in crypto hacks in 2025 and are moving from phishing to physical infiltration, CertiK’s new report finds. CertiK says North Korea-linked hackers stole about 60% of the value lost to crypto hacks in 2025, with proceeds used to help fund the regime’s nuclear and ballistic missile programs, highlighting the country's growing reliance on digital assets to generate hard currency. The findings, shared with Cointelegraph on Tuesday, come from a new Skynet report that attributes roughly $2.06 billion of an estimated $3.4 billion in 2025 crypto security losses to groups tied to the Democratic People’s Republic of Korea, or DPRK, across 79 of 656 incidents documented that year. Between 2016 and early 2026, DPRK-linked actors stole an estimated $6.75 billion in cryptocurrency across 263 documented incidents, the report says, citing findings by independent onchain researcher Taylor Monahan.
A Manhattan judge modified a restraining notice to let Arbitrum DAO move $71 million in frozen Ether to Aave, while preserving terrorism victims’ legal claim on the funds. A Manhattan federal judge has allowed Arbitrum DAO to move $71 million in frozen Ether to Aave, clearing the path for the DeFi protocol’s recovery effort following a North Korea-linked exploit. Judge Margaret Garnett of the Southern District of New York issued the order on Friday, modifying a restraining notice that had locked the assets inside Arbitrum DAO. The modification permits an onchain governance vote to send the funds to a wallet controlled by Aave LLC, and explicitly protects anyone who participates in the transfer from being held in violation of the freeze. The order still keeps the terrorism victims’ legal claim on the funds, meaning Aave can’t use the funds freely and could be forced to hand them over if the court ultimately rules in the terrorism victims’ favor.
DPRK-linked crypto theft topped $578M in April after the Kelp DAO exploit, as attacks continue to expand across protocols, companies and end users. Kelp DAO suffered a $292 million hack on Saturday, overtaking Drift as the largest crypto exploit of the year so far. North Korea-linked hackers are suspected to be behind the attack. Kelp DAO said Monday that the exploit stemmed from a failure of cross-chain messaging protocol LayerZero’s infrastructure. LayerZero said the breach was enabled by Kelp DAO’s use of a single verifier configuration to approve cross-chain messages. LayerZero said that “preliminary indicators” attributed the exploit to TraderTraitor, a subgroup of North Korea’s state-backed hacking unit known as Lazarus Group.
ChatGPT automates North Korea’s crypto hacks. Malaysian highway funds funneled to digital assets. Asia Express: North Korea’s state-sponsored hacking groups are automating cryptocurrency theft with the help of AI tools like ChatGPT, according to South Korean cybersecurity officials. Lee Seul-gi, lead researcher at the Korea Internet & Security Agency (KISA), said attackers are using AI-configured scripts to automatically transfer crypto to their own wallets once a victim’s balance exceeds $200. During a security conference in Seoul on Thursday, Lee shared the findings of an investigation that analyzed 39 virtual server images seized in September, according to local media.
The Justice Department has filed a civil forfeiture complaint to seize crypto and NFTs allegedly tied to laundering efforts by North Korea. The US Department of Justice has moved to seize $7.74 million in crypto allegedly earned by North Korean IT workers using fake identities and working at blockchain firms as remote contractors. The funds were initially frozen in April 2023 as part of an indictment against Sim Hyon Sop, a China-based banker allegedly helping North Korean IT workers launder money, the DOJ said in a June 5 statement. The Justice Department is looking to seize multiple cryptocurrencies, including stablecoins and Bitcoin (BTC) in varying amounts, along with non-fungible tokens and Ethereum Name Service domains that are held in multiple self-custody wallets and Binance accounts, according to its civil forfeiture complaint filed June 5 in a Washington, DC federal court.