Researchers from the blockchain firm Elliptic have revealed that North Korea-linked hackers have stolen over $2 billion in cryptocurrencies this year. The report states that 2025 has already set a record for the largest sum in history, even before the year ends.

According to Elliptic’s announcement, the figures are not exact, but considering major thefts reported and confirmed this year, such as Bybit’s $1.5 billion hack — considered the largest heist in digital asset history — along with other recent attacks, the total amount stolen since January is estimated to have surpassed the $2 billion mark.

“Attributing cyber thefts to North Korea is not an exact science: Elliptic and other experts use a combination of blockchain analytics, observed laundering patterns, and intelligence sources to make an attribution,” states the report.

Beyond the Bybit theft, the experts analyzed more than 30 North Korea-linked incidents, including hacks targeting Seedify, LND.fi, and WOOX. Elliptic compared this year to 2022, the previous record year, when hackers stole $1.35 billion in crypto assets. The researchers also noted that in 2025, a growing number of individual crypto owners have fallen victim to scams.

“The majority of losses in 2025 have been suffered by crypto exchanges; however, an increasing number of victims are high-net-worth individuals,” wrote the researchers.

Elliptic emphasized that in most 2025 thefts, hackers have relied on social engineering strategies by manipulating crypto owners into disclosing information that grants access to their accounts, rather than exploiting technical vulnerabilities in exchanges.

“The weak point in cryptocurrency security is increasingly human, rather than technical,” states the report. “Despite these challenges, blockchain’s inherent transparency means that illicit activity does not go unnoticed.”

North Korean hackers have been primarily targeting exchanges and cryptocurrency owners, but other activities, such as the remote IT worker scheme — in which individuals posed as American workers using fake identities to secure employment at major companies — have also come under investigation.