State-backed hackers infiltrated crypto projects via malware and social engineering, causing record losses this year.
Cryptocurrency losses tied to North Korea-backed hackers rose 51% year-over-year in 2025, reaching $280 million. The increase reflects escalating cyber threats targeting exchanges and developers through malware and social engineering scams.
In April, the Ethereum Foundation identified 100 DPRK-affiliated threat actors, while Drift Protocol reported a $280 million breach after collaborating with hackers posing as remote workers. The attackers met the team at an industry conference and deployed malware over six months.
The Drift Protocol team noted the hackers used intermediaries to build trust, avoiding direct involvement of North Korean nationals. Onchain investigators also documented similar schemes during the same period.