North Korean hacking group intensively steals virtual assets

DPRK Accounts for 60% of Hacking Damages

Design by Blockstreet Reporter Jeong Ha-yeon
Security firm CertiK announced on the 12th that a North Korea-linked hacking group stole approximately $2.06 billion (3 quadrillion 864 trillion 980 billion won) in virtual assets in 2025, accounting for about 60% of total virtual asset hacking losses.

According to CertiK's Skynet report, North Korean-linked organizations were involved in 79 of the 656 virtual asset security incidents that occurred last year, causing a total of $3.46 billion (5.1834 trillion won) in damages.

The report assessed that North Korea has "industrialized" virtual asset theft to the level of a state-run profit business. CertiK explained that North Korean hacking groups are continuously expanding the theft of virtual assets to secure funds for nuclear and ballistic missile development.

North Korean-linked organizations have recently shown a trend of focusing on attacks on platforms storing large amounts of funds rather than simple wallet hacking. CertiK stated that while North Korean organizations accounted for only about 12% of the total number of incidents, they accounted for about 60% of the stolen funds.

The largest case is the Bybit hack that occurred in February. At the time, approximately $1.5 billion (2.2472 trillion won) was stolen, and CertiK assessed the attack to be a supply chain breach by the North Korean-linked hacking group TraderTraitor.

CertiK explained that about 86% of the stolen Ethereum (ETH) was converted into Bitcoin (BTC) within a month through mixing services, cross-chain bridges, and DeFi exchanges.

The attack methods of North Korean hacking organizations have also changed. CertiK assessed that attacks have recently expanded from a phishing-centric approach to building offline relationships and infiltrating internal networks.

The Drift Protocol incident, which occurred in April, was cited as a representative example. A North Korea-linked organization stole approximately $285 million (426.9 billion KRW) from a Solana-based platform after building relationships and manipulating governance for about six months.

Jonathan Reese, a blockchain intelligence analyst at CertiK, warned that North Korean IT personnel are using false identities to secure internal trust at Western cryptocurrency and fintech companies. He explained that North Korean hacking groups are simultaneously employing social engineering techniques and technical attacks.

Reporter Jeong Ha-yeon yomwork8824@blockstreet.co.kr
