In 2024, crypto funds stolen increased by approximately 21.07% year-over-year (YoY) to $2.2 billion, and the number of individual hacking incidents increased from 282 in 2023 to 303 in 2024.
North Korean-linked cybercriminals stole a record $1.34 billion from cryptocurrency platforms in 2024, marking a 102.88% increase compared to the $660.5 million stolen in 2023, according to data from Chainalysis. These exploits, representing 61% of the total crypto theft for the year, were conducted across 47 incidents, highlighting North Korea’s growing dominance in high-value hacks.
The surge in crypto theft is tied to Pyongyang’s use of stolen digital assets to fund its weapons programs and circumvent international sanctions, posing a significant threat to global security. U.S. and international officials have warned that these activities bolster North Korea’s ballistic missile and weapons of mass destruction initiatives.
The intensity of North Korean cyberattacks escalated in the first half of 2024, with large-scale hacks occurring more frequently than in previous years. Notable incidents include the $305 million breach of Japanese exchange DMM Bitcoin in May, attributed to vulnerabilities in private key management. Following the attack, DMM Bitcoin announced its closure, transferring operations to SBI VC Trade.
Despite the early-year surge, hacking activity by North Korean groups slowed significantly in the latter half of 2024. Chainalysis attributes this decline partially to geopolitical factors, including a June summit between Russian President Vladimir Putin and North Korean leader Kim Jong Un. The meeting resulted in a mutual defense pact and Russia’s release of millions of dollars in frozen North Korean assets. Analysts speculate that Pyongyang may have redirected resources to support its alliance with Moscow, including military involvement in Ukraine.
Key attacks
Private key compromises were the leading attack vector in 2024, accounting for 43.8% of stolen assets. Hackers frequently laundered stolen funds through decentralized exchanges (DEXs), mixing services, and cross-chain bridges to obscure their tracks.
Emerging technologies, such as machine learning models developed by Hexagate—a Web3 security firm recently acquired by Chainalysis—are helping detect and mitigate such threats. However, experts stress that even advanced tools require proper implementation to prevent hacks.
The rise in crypto theft underscores the need for robust security measures and greater collaboration between private firms, law enforcement, and regulatory bodies. Strengthening defenses is critical not only for safeguarding individual assets but also for ensuring the long-term stability of the crypto ecosystem.
As the crypto industry continues to grapple with sophisticated threats, the focus on preventing attacks and maintaining accountability is likely to intensify, further shaping the sector’s regulatory and security landscape.
