We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of cybersecurity researchers, writers, and editors continues to help readers maintain their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and detailed examination by the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of cybersecurity researchers, writers, and editors continues to help readers maintain their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and detailed examination by the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Report Reveals North Korean Hackers Have Stolen Over $2 Billion

Report Reveals North Korean Hackers Have Stolen Over $2 Billion
Author Image Andrea Miliani
Andrea Miliani Published on October 12, 2025 Cybersecurity Researcher

Researchers from the blockchain firm Elliptic have revealed that North Korea-linked hackers have stolen over $2 billion in cryptocurrencies this year. The report states that 2025 has already set a record for the largest sum in history, even before the year ends.

According to Elliptic’s announcement, the figures are not exact, but considering major thefts reported and confirmed this year, such as Bybit’s $1.5 billion hack — considered the largest heist in digital asset history — along with other recent attacks, the total amount stolen since January is estimated to have surpassed the $2 billion mark.

“Attributing cyber thefts to North Korea is not an exact science: Elliptic and other experts use a combination of blockchain analytics, observed laundering patterns, and intelligence sources to make an attribution,” states the report.

Beyond the Bybit theft, the experts analyzed more than 30 North Korea-linked incidents, including hacks targeting Seedify, LND.fi, and WOOX. Elliptic compared this year to 2022, the previous record year, when hackers stole $1.35 billion in crypto assets. The researchers also noted that in 2025, a growing number of individual crypto owners have fallen victim to scams.

“The majority of losses in 2025 have been suffered by crypto exchanges; however, an increasing number of victims are high-net-worth individuals,” wrote the researchers.

Elliptic emphasized that in most 2025 thefts, hackers have relied on social engineering strategies by manipulating crypto owners into disclosing information that grants access to their accounts, rather than exploiting technical vulnerabilities in exchanges.

“The weak point in cryptocurrency security is increasingly human, rather than technical,” states the report. “Despite these challenges, blockchain’s inherent transparency means that illicit activity does not go unnoticed.”

North Korean hackers have been primarily targeting exchanges and cryptocurrency owners, but other activities, such as the remote IT worker scheme — in which individuals posed as American workers using fake identities to secure employment at major companies — have also come under investigation.

About the Author

Andrea is a seasoned tech journalist with a growing passion for cybersecurity, covering cyberattacks, AI breakthroughs, and the latest trends shaping the future of technology.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

This field must contain more than 50 characters

The field content should not exceed 1000 letters

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Special characters are not allowed in the Name field

Please enter a valid email address