Mitrade Insights is dedicated to providing investors with rich, timely and most valuable financial information to help investors grasp the market situation and find timely trading opportunities.

2021

Best News & Analysis Provider

FxDailyInfo

2022

Best Forex Educational Resources Global

International Business Magazine

Insights

News

Cryptocurrencies

$6.75 billion stolen since 2016: CertiK flags North Korea as crypto's biggest theft threat

Source Cryptopolitan

The May 12 report by CertiK has put every crypto project and exchange on alert after the blockchain security firm pointed out the scale of the damage that North Korean hackers have masterminded since 2016. The results are in, and the picture is grim: an estimated $6.75 billion in cryptocurrency has been lost across 263 incidents.

Certik’s report landed just days after TRM Labs implicated North Korean actors for about 76% of the money lost to crypto hacks through April 2026. Just as in 2025 when they hit Bybit for $1.5 billion, DPRK actors were named in the KelpDAO and Drift Protocol hacks, two of the largest exploits in 2026.

CertiK: North Korea has become a $6.75B problem for the crypto industry. — DPRK hackers have become a problem for the crypto sector. Source: CertiK.

Most notably, neither of the reports from the security intelligence firms implied that crypto’s most persistent and costly adversary is slowing down. North Korea’s hackers are moving with better precision, causing far more losses in fewer incidents.

North Korean hackers cash bigger payouts on fewer attacks

According to CertiK’s report, North Korean-linked actors were behind just 12% of total crypto theft incidents and roughly 60% of all stolen value in 2025, which came up to $2.06 billion out of $3.4 billion in total losses.

2026 has started out on the same trajectory, with North Korean groups on the hook for 55% ($620.9 million) of the losses that projects have taken this year.

Counting the $285 million Drift Protocol breach on April 1 and the $292 million KelpDAO bridge exploit on April 18 alone, that’s 3% of incident count and 76% of loot stolen in 2026, according to TRM Labs.

North Korean actors are everywhere

Both TRM Labs and Certik cautioned that a big majority of North Korea-linked exploits are not even due to software vulnerabilities. Rather, they exploit people in old-fashioned social-engineering schemes.

“Most major DPRK operations begin with human manipulation, including fake job offers, VC impersonation, and malicious repositories,” CertiK stated in its report.

TRM Labs reported that North Korean proxies held in-person meetings with Drift employees before the breach. Between March 23 and March 30, the attacker exploited Solana’s durable nonce feature to get Drift’s multisig signers to pre-authorize transactions.

Come April 1, the protocol was drained in 31 withdrawals that took roughly 12 minutes.

The $1.5 billion Bybit hack in February 2025, the largest single crypto theft ever recorded, demonstrated that “even institutional-grade multisig wallets can be compromised by targeting trusted third-party infrastructure rather than smart contracts,” according to CertiK. The FBI attributed that attack to North Korea’s TraderTraitor group.

ZachXBT traced $16.58 million in direct crypto payroll payments to North Korean operatives posing as developers between January and July 2025, according to Cryptopolitan’s reporting.

CertiK’s latest report echoed the concern, stating that “DPRK operatives have infiltrated DeFi teams under false identities, in some cases directly enabling the theft of funds from within.”

The KelpDAO breach followed a different playbook. The attackers, TraderTraitor, a Lazarus Group-affiliated operation, exploited a single-verifier design flaw in a LayerZero bridge. After Arbitrum froze roughly $75 million of the stolen funds, the hackers pivoted to laundering through THORChain, converting stolen Ether (ETH) to Bitcoin (BTC), according to TRM Labs.

Since then, LayerZero has denied and issued a public apology, as reported by Cryptopolitan.

North Korean hackers follow similar exit routes

CertiK reported that within one month of the Bybit hack, 86.29% of stolen ETH was converted to Bitcoin using mixers, cross-chain bridges, decentralized exchanges, and over-the-counter brokers.

TRM Labs noted that THORChain processed the majority of proceeds from both the Bybit breach and the KelpDAO hack, “converting hundreds of millions in stolen ETH to Bitcoin with no operator willing to freeze or reject transfers.”

U.S. intelligence assessments have indicated that funds stolen by North Korean cyber operations support the country’s nuclear and ballistic missile programs, according to CertiK.

North Korea has denied involvement. A Foreign Ministry spokesperson called the allegations “absurd slander” spread by U.S. “government organs, reptile media organs and plot-breeding organizations,” according to Cryptopolitan’s May 4 report on Pyongyang’s rebuttal.

If you're reading this, you’re already ahead. Stay there with our newsletter.

Disclaimer: For information purposes only. Past performance is not indicative of future results.

Recommended Articles

Markets in 2026: Will gold, Bitcoin, and the U.S. dollar make history again? — These are how leading institutions think After a turbulent 2025, what lies ahead for commodities, forex, and cryptocurrency markets in 2026?

Author Insights

Dec 25, 2025

After a turbulent 2025, what lies ahead for commodities, forex, and cryptocurrency markets in 2026?

ECB Policy Outlook for 2026: What It Could Mean for the Euro’s Next Move With the ECB likely holding rates steady at 2.15% and the Fed potentially extending cuts into 2026, EUR/USD may test 1.20 if Eurozone growth proves resilient, but weaker growth and an ECB pivot could pull the pair back toward 1.13 and potentially 1.10.

Author Mitrade

Dec 26, 2025

With the ECB likely holding rates steady at 2.15% and the Fed potentially extending cuts into 2026, EUR/USD may test 1.20 if Eurozone growth proves resilient, but weaker growth and an ECB pivot could pull the pair back toward 1.13 and potentially 1.10.

My Top 5 Stock Market Predictions for 2026 Five 2026 market predictions written in a native, news-style voice: AI’s winners and losers, broader sector leadership, dividend demand, valuation cooling as the Shiller CAPE sits at 39 (Dec. 31, 2025), and quantum-computing bursts—while keeping all original facts and numbers unchanged.

Author Mitrade

Jan 06, Tue

Five 2026 market predictions written in a native, news-style voice: AI’s winners and losers, broader sector leadership, dividend demand, valuation cooling as the Shiller CAPE sits at 39 (Dec. 31, 2025), and quantum-computing bursts—while keeping all original facts and numbers unchanged.

Gold slumps below $4,700 on Trump rejection of Iran peace proposal Gold price (XAU/USD) falls to around $4,690 during the early Asian session on Monday. The precious metal attracts some sellers after US President Donald Trump rejected Iran’s latest peace offer to end the 10-week conflict choking the Strait of Hormuz, fanning inflation fears.

Author FXStreet

May 11, Mon

Gold price (XAU/USD) falls to around $4,690 during the early Asian session on Monday. The precious metal attracts some sellers after US President Donald Trump rejected Iran’s latest peace offer to end the 10-week conflict choking the Strait of Hormuz, fanning inflation fears.

Gold drifts higher to near $4,750 ahead of US CPI inflation release Gold price (XAU/USD) trades in positive territory around $4,750 during the early Asian session on Tuesday. The precious metal edges higher as traders assess developments in the United States (US)-Iran diplomacy and await key US inflation data, which is due later on Tuesday.

Author FXStreet

Yesterday 01: 16

Gold price (XAU/USD) trades in positive territory around $4,750 during the early Asian session on Tuesday. The precious metal edges higher as traders assess developments in the United States (US)-Iran diplomacy and await key US inflation data, which is due later on Tuesday.

Popular Symbols