#North Korean hackers stole $2.02 billion in cryptocurrency in 2025
As of December 19, 2025, Chainalysis' "Crypto Crime 2026" report shows that North Korean-linked hackers (represented by the Lazarus Group) stole approximately $2.02 billion in cryptocurrency in 2025, a year-on-year increase of **+51%**, accounting for 59% of the global total theft for the year (approximately $3.4 billion), with cumulative theft reaching **$6.75 billion**, setting a new historical record.
Core Data and Key Events
- Annual Amount: $2.02 billion, year-on-year +51% (approximately $1.3 billion in 2024).
- Proportion: The total amount stolen globally is approximately $3.4 billion, with North Korean-related theft accounting for 59%, and service intrusion incidents accounting for 76%.
- Largest Single Case: In February, Bybit exchange was attacked, with approximately $1.5 billion stolen, accounting for nearly 74% of the annual total.
- Attack Mode: Shifted to fewer but larger thefts, with three major cases contributing the main losses for the year; targets shifted from DeFi back to centralized exchanges and core infrastructure.
Attack Methods and Money Laundering Paths
- Technical and Social Engineering Methods Combined: Supply chain attacks (tampering with cloud code, hardware wallet blind signing vulnerabilities), fake video conferences and hijacked Telegram accounts, and planting insiders to gain privileged access.
- Money Laundering: Over **60%** of funds are split into single transactions under $500,000, then converted to fiat through mixers, cross-chain bridges, and small exchanges/OTC, with a cycle of about 20-45 days.
Risks and Key Response Points
1. Target Preferences: Attackers prioritize exchanges, corporate wallets, executive accounts, and other high-value targets; fund-intensive platforms carry the highest risk.
2. Core Defense: Strong multi-signature plus hardware wallet isolation, social engineering attack and defense training for all personnel, regular supply chain and code audits, and a 24-hour cooling-off period for large transfers.
3. Fund Flow Monitoring: Focus on high-frequency splitting of funds into single transactions under $500,000, abnormal transfers through mixers and cross-chain bridges, and large trades in Asian OTC.
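
A sketch of the fund flow monitoring rule in point 3, as an added example that is not from the Chainalysis report or the original post. The $500,000 ceiling and the 60% share come from the text above; the 24-hour window, the minimum counts, the record fields (`src`, `ts`, `usd`, `dst_type`) and the destination labels are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

SPLIT_LIMIT_USD = 500_000        # per-transfer ceiling quoted in the post
SPLIT_SHARE = 0.60               # post: over 60% of funds move in such transfers
WINDOW = timedelta(hours=24)     # assumption: burst window
MIN_SPLITS = 5                   # assumption: what counts as "high-frequency"
MIN_TOTAL_USD = 1_000_000        # assumption: ignore low-value wallets
RISKY_DST = {"mixer", "bridge"}  # labels from an assumed address-tagging feed

def flag_structuring(transfers):
    """Return one alert per source whose outflow in any WINDOW looks split."""
    by_src = defaultdict(list)
    for t in transfers:
        by_src[t["src"]].append(t)
    alerts = []
    for src, txs in sorted(by_src.items()):
        txs.sort(key=lambda t: t["ts"])
        start = 0
        for end in range(len(txs)):
            # Advance the window start until it spans at most WINDOW.
            while txs[end]["ts"] - txs[start]["ts"] > WINDOW:
                start += 1
            win = txs[start:end + 1]
            small = [t for t in win if t["usd"] < SPLIT_LIMIT_USD]
            total = sum(t["usd"] for t in win)
            small_usd = sum(t["usd"] for t in small)
            if (len(small) >= MIN_SPLITS and total >= MIN_TOTAL_USD
                    and small_usd / total > SPLIT_SHARE):
                alerts.append({"src": src, "splits": len(small),
                               "small_share": round(small_usd / total, 2),
                               "risky_hops": sum(t["dst_type"] in RISKY_DST for t in small)})
                break  # first qualifying window is enough for triage
    return alerts

# Constructed sample transfers (made-up sources and amounts).
T0 = datetime(2025, 1, 1)
SAMPLE = (
    [{"src": "hot-1", "ts": T0 + timedelta(minutes=10 * i), "usd": 450_000,
      "dst_type": "mixer" if i % 2 else "bridge"} for i in range(8)]   # split burst
    + [{"src": "treasury", "ts": T0, "usd": 3_000_000, "dst_type": "exchange"}]
    + [{"src": "treasury", "ts": T0 + timedelta(hours=i), "usd": 40_000,
        "dst_type": "exchange"} for i in (1, 2)]                       # one big move
    + [{"src": "retail", "ts": T0 + timedelta(minutes=i), "usd": 200,
        "dst_type": "exchange"} for i in range(6)]                     # tiny amounts
)

if __name__ == "__main__":
    print(flag_structuring(SAMPLE))
```

Only the constructed `hot-1` source is flagged; the single large treasury move and the low-value retail wallet stay below the share and volume thresholds.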
Trading and Security Tips
- Platform Selection: Prioritize compliant exchanges with strong risk control, avoid excessive asset concentration on a single platform.
- Asset Protection: Use cold wallets for large assets, hot wallets only for small operational funds; enable two-factor authentication and alerts for abnormal logins/transfers.
- Warning Signals: Unknown meeting invitations, "urgent authorization" emails, and unusually large withdrawal requests should all be verified offline.

