Close Menu
    Wednesday, October 29
    Top Stories:
    Crypto

    North Korea’s Crypto Heist Hits $2.83B in 2024!

    Staff ReporterBy No Comments4 Mins Read

    Summary Points

    1. Massive Theft: North Korean hackers stole $2.83 billion in cryptocurrency from January 2024 to September 2025, nearly one-third of the country’s foreign currency income for 2024.

    2. Bybit Attack: The largest portion of this theft occurred in February 2025 through a significant attack on Bybit, executed by the TraderTraitor group using phishing and malware tactics.

    3. Sophisticated Laundering: A complex nine-step laundering process converts stolen crypto into cash, involving swapping for Ethereum, mixing services, and over-the-counter brokers in China, Russia, and Cambodia.

    4. International Response: The Multilateral Sanctions Monitoring Team (MSMT) calls for increased awareness and UN Security Council action to combat North Korea’s cybercrime and sanction evasion strategies.

    North Korea’s Crypto Theft Reaches $2.83 Billion Since 2024

    A recent report from the Multilateral Sanctions Monitoring Team (MSMT) reveals that North Korean hackers stole $2.83 billion in cryptocurrency from January 2024 to September 2025. This staggering amount represents about one-third of the country’s total foreign currency income in 2024.

    The MSMT, formed by 11 countries in October 2024, monitors how North Korea circumvents international sanctions through cybercrime. Notably, the scale of crypto theft increased in 2025. In the first nine months, hackers took $1.64 billion, a 50% rise from the $1.19 billion stolen the previous year.

    The most significant theft occurred in February during an attack on Bybit. Hackers linked to the TraderTraitor group targeted SafeWallet, a multi-signature wallet provider, using phishing emails and malware to infiltrate its systems. Subsequently, they masked external transfers as internal ones, gaining control of the cold wallet’s smart contract.

    North Korean cyber actors typically avoid direct attacks on exchanges. Instead, they focus on third-party service providers. Groups like TraderTraitor and CryptoCore employ fake developer profiles and stolen identities to execute their plans. In a striking example, the Web3 project Munchables lost $63 million in a hack, but the funds were later returned.

    Additionally, the laundering process for stolen cryptocurrency follows a complex nine-step method. Hackers initially swap stolen assets for Ethereum (ETH), use mixing services to obscure their trails, and eventually convert their holdings into cash through over-the-counter brokers. Notably, intermediaries from China, Russia, and Cambodia play crucial roles in this intricate process.

    The MSMT identified several key figures involved in these operations. In China, Ye Dinrong and Tan Yongzhi helped channel the stolen funds. Meanwhile, Russian brokers converted approximately $60 million from the Bybit hack. Furthermore, Cambodian services were utilized to transfer stolen assets, despite existing regulatory issues.

    Moreover, North Korean hackers have collaborated with Russian-speaking cybercriminals since the 2010s. Recently, actors linked to Moonstone Sleet engaged with the Russian group Qilin to lease ransomware tools.

    In light of these findings, the MSMT called on UN member countries to increase awareness of these cyber activities. They urged the UN Security Council to restore its Panel of Experts to monitor cyber threats more effectively.

    As technology continues to evolve, awareness and proactive measures become essential in combating cybercrime, ensuring that innovations are harnessed for positive purposes rather than illicit activities.

    Stay Ahead with the Latest Tech Trends

    Dive deeper into the world of Cryptocurrency and its impact on global finance.

    Stay inspired by the vast knowledge available on Wikipedia.

    Disclaimer

    This content is for informational and entertainment purposes only and does not constitute financial or investment advice. Cryptocurrency is highly speculative and carries significant risk, including the potential loss of your entire investment. Do not make financial decisions based on this information. Consult a licensed financial advisor before investing. This site does not offer, sell, or advise on cryptocurrency, securities or other regulated financial products in compliance with SEC and applicable laws. Please do your own research and seek professional advise.

    CryptoV1

    Share.
    Avatar photo

    John Marcelli is a staff writer for IO Tribune, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

    Related Posts

    Add A Comment

    Comments are closed.