North Korean hackers pull off the biggest heist of all time, stealing $1.5 billion in crypto

The group successfully walked away with $1.5 billion in cryptocurrencies—Ether, specifically—following a breach of Bybit, a Dubai-based exchange. That tops the previous record of $1 billion, which was set by Iraqi dictator Saddam Hussein, who took the money from his country's central bank ahead of the 2003 U.S.-Iraq war.

It’s also higher than the $1.3 billion total amount of crypto stolen by North Korean hackers in all of 2024. And it’s nearly triple the $660.5 million pilfered in 2023.

The attack, according to a report from Chainalysis, was launched via social engineering attacks, a type of cyberattack that tricks or manipulates people into giving away sensitive information by gaining the trust of workers at the exchange. The hackers have also employed intricate laundering methods, the report adds, making it harder to track the movement of the stolen funds.

All totaled, the hackers stole 410,000 Ether. While that was worth $1.5 billion at the time of the heist, the market has not worked in the hackers’ favor. Ether is down 27% year to date, and the value of those tokens, if the hacker collective or North Korea is still holding them, has fallen to $1 billion as of Wednesday morning.

That’s likely, as Chainalysis says “a notable portion of the stolen funds has remained idle across various addresses, a deliberate move often employed by North Korea–affiliated hackers. By delaying laundering efforts, they aim to outlast the heightened scrutiny that typically immediately follows such high-profile breaches.”

With North Korea’s economy faltering, Kim Jong-un, North Korea’s supreme leader, has increasingly turned to hackers to fund military and other operations. Chainalysis said the attack served as a “stark reminder” of the advanced tactics those hackers use and warned bigger heists could still be looming.