CertiK: North Korean hackers accounted for approximately 60% of digital asset thefts in 2025, with attack patterns shifting toward “offline infiltration”
TechFlow news: On May 12, Web3 security firm CertiK released its “Skynet North Korean Crypto Threat Report.” Data shows that since 2016, North Korean hacking groups have stolen approximately $6.75 billion in digital assets. In 2025 alone, losses from their thefts amounted to $2.06 billion—nearly 60% of the global crypto industry’s total annual losses (including the $1.5 billion Bybit hack). As of early 2026, this threat trend continues, accounting for roughly 55% of total losses.
The report emphasizes that North Korean hackers’ attack patterns have undergone a fundamental shift—from exploiting code vulnerabilities alone, to deploying a state-level attack framework integrating social engineering, deep supply-chain compromises, and even “physical infiltration.” In the recent Drift protocol incident, attackers spent six months infiltrating offline industry conferences, building trust through real-world capital investments and interpersonal interactions before launching their attack. CertiK security experts warn that against such systemic threats, purely technical defenses are insufficient. Crypto institutions must urgently adopt a comprehensive “zero-trust” hiring model, strengthen third-party supply chains, implement fund circuit-breaker mechanisms, and collaborate with specialized security firms to build an end-to-end defense system covering code audits, 24/7 risk monitoring, and on-chain anti-money laundering (AML) / KYT (Know Your Transaction) fund tracking.




