A current report from the Multilateral Sanctions Monitoring Group (MSMT), a gaggle fashioned by a number of United Nations member states, has claimed in a current report that the Democratic Individuals’s Republic of Korea (DPRK) has stolen not less than $2.8 billion in cryptocurrency hacks because the starting of 2024.
The report claims that crypto heists have “accounted for approximately one-third of the DPRK’s total foreign currency revenue in 2024.”
MSMT was aided in its evaluation by Chainalysis and Mandiant, and this complete for the heists consists of those who MSMT thought it might attribute to North Korea “with a high degree of certainty.”
The most important of those hacks was the February 2025 compromise of Bybit, a crypto alternate that noticed roughly $1.46 billion stolen from its coffers.
Many different giant heists have been additionally crypto exchanges, together with DMM Bitcoin, which had roughly $308 million stolen, and WazirX, which misplaced roughly $235 million.
There are additionally a wide range of giant DeFi hacks included on this evaluation, together with:
PlayDapp, which noticed $290 million stolen
Radiant Capital that had $50 million stolen
UwU Lend, which misplaced $19.3 million
Nevertheless, it’s not clear that the report has appropriately recognized all of those thefts as coming from North Korea.
1. Swissborg (“Swissbord”)—which stemmed from a compromise of Kiln keys—was not DPRK.
There are not any DPRK indicators onchain or offchain.
Laundering is totally completely different.
It is an lively case—and never DPRK—so I am unable to touch upon attribution past that. pic.twitter.com/Ch1XzqJ8tb
— Tay 💖 (@tayvano_) October 22, 2025
Taylor Monahan, a safety researcher within the cryptocurrency house, challenged a number of of the report’s characterizations on X.
Monahan advised that SwissBord (Swissborg), Zoth, PrismaFi, and UwU Lend weren’t associated to North Korea in her opinion.
She moreover identified that it attributed the 2024 BTCTurk hack to North Korea, when it was BTCTurk’s 2025 hack that was truly North Korea. The 2024 hack was tied to Russia.
These contentious classifications counsel that the top-line quantity introduced within the report might overstate the quantity that North Korea has made on this interval from these hacks.
