North Korea’s Record $2B Crypto Theft Shocks in 2025

I’m thrilled to sit down with Dominic Jainy, a seasoned IT professional whose deep expertise in artificial intelligence, machine learning, and blockchain technology offers a unique perspective on the evolving landscape of cybersecurity. With a passion for uncovering how these technologies intersect with real-world challenges, Dominic is the perfect guide to help us understand the alarming rise of cryptocurrency thefts linked to North Korean hackers. In this conversation, we dive into the staggering $2 billion haul in 2025, the sophisticated tactics behind these attacks, the shift toward targeting individuals, and the innovative methods used to launder stolen funds. Let’s explore how these threats are reshaping the digital security landscape.

Can you give us a broad picture of the scale of cryptocurrency thefts by North Korean hackers in 2025?

Absolutely. This year, North Korean hackers have pulled off an unprecedented $2 billion in cryptocurrency thefts, and we’re only three-quarters through 2025. That’s a massive jump compared to last year, when the total was about a third of this amount, and it even surpasses the previous record of $1.35 billion set in 2022. The increase is largely due to a few high-profile heists, better coordination, and a shift in tactics. It’s clear they’ve honed their skills and are capitalizing on both technical and human vulnerabilities in ways we haven’t seen before.

What stands out to you about the massive $1.46 billion theft from Bybit in February?

The Bybit theft was a game-changer. That single event accounts for nearly three-quarters of the total stolen this year, which shows just how impactful a well-executed attack can be. It exposed critical gaps in exchange security, likely involving a mix of insider information and advanced hacking techniques. Exchanges like Bybit handle enormous transaction volumes, making them prime targets, but this breach highlighted how even major platforms can be caught off guard if they don’t constantly update their defenses.

Beyond Bybit, other platforms like LND.fi, WOO X, and Seedify were also targeted. Can you shed some light on these incidents?

Yes, these attacks are part of a broader pattern. While each incident varies in scale, they often share similar entry points—think phishing schemes or exploiting outdated security protocols. My team has linked over 30 hacks to North Korean actors this year alone, showing a relentless pace. These smaller platforms may lack the robust security budgets of larger exchanges, making them easier prey, but the cumulative damage is still staggering.

I’ve heard there’s a growing focus on high-net-worth individuals. Can you explain why they’re becoming targets?

That’s right. While exchanges remain a big focus, high-net-worth individuals are increasingly in the crosshairs because they often hold large crypto portfolios with less institutional-grade security. Hackers see them as low-hanging fruit—easier to manipulate through personalized scams. Unlike exchanges, which are beefing up defenses, individuals might not even realize they’re being targeted until it’s too late, making them an attractive new frontier for these attackers.

The methods of attack seem to be evolving. Can you walk us through what social engineering looks like in these crypto thefts?

Social engineering has become the go-to strategy. It’s all about tricking people rather than breaking systems. Hackers might pose as customer support, send fake urgent messages, or create convincing phishing emails to steal login details or private keys. They prey on trust and urgency, getting users to hand over access without realizing it. This shift from exploiting software bugs to human behavior shows that attackers are adapting to where the weakest link is—us.

With human error now seen as the biggest security gap, what does this mean for the cryptocurrency industry?

It’s a wake-up call. The industry has focused heavily on technical fixes, but if people remain vulnerable, no amount of code can fully protect assets. Users need education on spotting scams, using multi-factor authentication, and storing keys offline. Companies, meanwhile, should invest in training and stricter verification processes. This human factor isn’t going away anytime soon, but with proactive steps, we can reduce the risks significantly.

Let’s pivot to how these stolen funds are being hidden. What are some of the new laundering techniques North Korean hackers are using?

They’ve gotten incredibly crafty. They use multiple rounds of mixing, which is like shuffling funds through countless transactions to obscure the source. Cross-chain transactions move assets between different blockchains to break the trail. They’re also using lesser-known blockchains where tracking tools aren’t as developed, and even exploiting refund addresses to redirect funds to clean wallets. Some are creating their own tokens to trade and wash the money, making it a real cat-and-mouse game for analysts.

Looking ahead, what is your forecast for the future of cryptocurrency security and these state-backed cyber threats?

I think we’re in for a challenging few years. As blockchain tech grows, so will the sophistication of these threats, especially from state actors like North Korea who have the resources and motive to keep pushing boundaries. On the flip side, I expect the industry to respond with better tools for tracking and prevention, alongside stronger regulations. But it’ll be a race—security must evolve faster than the attackers, and international cooperation will be key to disrupting these operations before they spiral further out of control.
