State-backed North Korean hackers have stolen $1.5bn (£1.2bn) of cryptocurrency in the largest heist in history.
Agents from Pyongyang were able to breach the systems of Dubai-based exchange Bybit to steal the digital coin Ether, according to security analysts.
The hackers stole more cryptocurrency in one attack than all the funds stolen by North Korean cyber criminals in 2024, when the rogue state’s cyber attackers made off with around $1.3bn in digital coins, according to cryptocurrency analysts Chainalysis.
The $1.5bn total eclipses the largest known bank theft of all time, when Saddam Hussein stole $1bn from the Iraqi central bank ahead of the Iraq War in 2003.
The record haul comes as Kim Jong-un, North Korea’s supreme leader, turns to elite units of computer hackers to prop up the Communist dictatorship’s failing economy.
Chainalysis said the attack served as a “stark reminder” of the advanced tactics employed by the country’s hackers. As well as technical skills, North Korean hackers are adept at what is known as “social engineering”: manipulating people to do what they want in order to pave the way for a heist.
This can involve developing relationships with targets over email and digital chats, sometimes over a period of months.
Sign inSearch the web
Top Stories
- Michelle Trachtenberg death
- Trump budget bill
- Measles outbreak FAQ
- Fort Knox conspiracy theory
- How much has DOGE saved?
- NASA asteroid scale
- ‘Constitutional crisis’
- Daylight saving time
- Unpaid toll scam
- Search for Flight MH370
North Korea steals $1.5bn as it pulls off world’s biggest ever heist
Matt Field
Tue, February 25, 2025 at 9:49 PM GMT+7
5 min read2.7k
State-backed North Korean hackers have stolen $1.5bn (£1.2bn) of cryptocurrency in the largest heist in history.
Agents from Pyongyang were able to breach the systems of Dubai-based exchange Bybit to steal the digital coin Ether, according to security analysts.
The hackers stole more cryptocurrency in one attack than all the funds stolen by North Korean cyber criminals in 2024, when the rogue state’s cyber attackers made off with around $1.3bn in digital coins, according to cryptocurrency analysts Chainalysis.
Advertisement
The $1.5bn total eclipses the largest known bank theft of all time, when Saddam Hussein stole $1bn from the Iraqi central bank ahead of the Iraq War in 2003.
The record haul comes as Kim Jong-un, North Korea’s supreme leader, turns to elite units of computer hackers to prop up the Communist dictatorship’s failing economy.
Chainalysis said the attack served as a “stark reminder” of the advanced tactics employed by the country’s hackers. As well as technical skills, North Korean hackers are adept at what is known as “social engineering”: manipulating people to do what they want in order to pave the way for a heist.
This can involve developing relationships with targets over email and digital chats, sometimes over a period of months.
Advertisement
Cyber security experts believe North Korea’s notorious Lazarus Group are the masterminds behind the latest attack. The group has terrorised Western businesses for more than a decade with a series of cyber breaches that have caused billions of dollars in losses.
Elliptic, a cryptocurrency analysis business, said the hacking group was the “most sophisticated and well-resourced launderer of cryptoassets in existence”.
The group is believed to be part of North Korea’s intelligence agency, the Reconnaissance General Bureau. It has been linked to past attacks including the hack of Sony in 2014, when the group leaked private emails from executives in an attempt to block the release of the comedy film The Interview, which lampooned North Korea’s supreme leader.
Lazarus Group has also been blamed for a near-$1bn heist from a Bangladeshi bank in 2016 and the global Wannacry cyber attack, which knocked hundreds of thousands of computers offline with damaging ransomware, including NHS systems.
While Pyongyang once relied on its elite hacking cadres to conduct espionage or steal trade secrets, increasingly they have been employed as a weapon of economic warfare to bolster the coffers of the heavily sanctioned regime.
