North Korean hackers made off with $1.5 billion in cryptocurrency from Bybit, marking the largest digital heist in history and raising alarms about the regime’s growing cyber warfare capabilities.
At a Glance
- North Korean hackers stole $1.5 billion in cryptocurrency from Bybit, the world’s second-largest crypto exchange with 40 million users
- The notorious Lazarus Group, linked to North Korea’s intelligence agency, is believed responsible for the attack
- North Korean hackers were responsible for 61% of global cryptocurrency thefts in 2024, stealing an estimated $3 billion since 2017
- Stolen funds are laundered through multiple wallets and exchanges, with only $43 million recovered so far
- Crypto theft directly funds North Korea’s weapons programs and military development amid international sanctions
Record-Breaking Crypto Heist
North Korean state-sponsored hackers have executed the largest cryptocurrency theft in history, stealing $1.5 billion from Bybit, the world’s second-largest cryptocurrency exchange.
The attack, carried out by the infamous Lazarus Group, represents a significant escalation of North Korea’s cyber warfare operations against financial institutions. Cybersecurity experts have traced the theft, revealing how quickly the stolen funds were dispersed across multiple wallets and exchanges to evade detection and recovery efforts.
You could have been impacted without even knowing it.
Investigators have managed to recover only about $43 million of the stolen assets, with an additional $243,000 seized – but there’s a lot left. The scale of the theft highlights the growing vulnerability of digital finance platforms, even major exchanges with sophisticated security systems. North Korean hackers have been increasingly focusing on cryptocurrency platforms as their primary targets for generating revenue to support the sanctioned regime.
Breaking News: North Korean Hackers Have Stolen $1.5 Billion From a Crypto Exchange's Customers to Fund Its Nuclear Weapons Program. Caveat Emptor Everyone!
Crypto exchange Bybit just announced that it was hacked, resulting in what analysts estimate was the customer losses of… pic.twitter.com/LDloHFM62t
— John Reed Stark (@JohnReedStark) February 22, 2025
Under Kim Jong-un’s leadership, North Korea has dramatically expanded its cyber warfare operations. The regime views these capabilities as essential to its military strategy, particularly as it continues to develop nuclear weapons and missile systems despite international pressure. The country has invested heavily in training elite computer science professionals, giving them privileged access to technology despite the general population’s isolation from the global internet.
North Korea’s shift from targeting traditional financial institutions to cryptocurrency platforms began during the crypto boom of 2017.
The regime employs various methods including direct theft, cryptojacking, and manipulating initial coin offerings. These activities have become a crucial lifeline for the North Korean economy as international sanctions tighten, with a direct correlation observed between major crypto thefts and subsequent missile test launches.
While it’s easy to see North Korea as a potential military threat in the future, it’s important to recognize that the country is already attacking the United States digitally.
Isn’t that…a form of war?