Crypto Crime Escalates: Chainalysis Data Shows Over $3.4 Billion Stolen This Year
In a recent crypto crime report, blockchain intelligence firm Chainalysis has uncovered a troubling trend in crypto theft. As of now, over $3.4 billion worth of digital assets has been stolen, surpassing the total amount reported in the previous year. Notably, North Korean hackers have been implicated in the majority of these thefts.
Crypto Theft Escalates
The report, published on Thursday, highlights significant alterations in how these thefts are occurring. One alarming statistic shows that compromises of personal wallets have surged, escalating from just 7.3% of the overall stolen value in 2022 to a staggering 44% in 2024.
Even if the Bybit attack hadn’t dramatically skewed the figures, the share for 2025 would still stand at 37%. Meanwhile, centralized services are facing increasing losses due to private key compromises.
Although such compromises are comparatively infrequent, their scale often accounts for a vast majority of stolen volumes. In fact, private key compromises were responsible for an overwhelming 88% of losses in the first quarter of the year.
Chainalysis also noted a stark escalation in the scale of these attacks, with the ratio between the largest hack and the median of all incidents exceeding 1,000 times for the first time in 2025.
This implies that funds taken in the largest hacks are now 1,000 times greater than those stolen in typical incidents—a worrying trend that eclipsed even the peak activity during the 2021 bull market.
Record-Breaking Year For DPRK Theft
The Democratic People’s Republic of Korea (DPRK) continues to be the most formidable nation-state threat to cryptocurrency security, claiming a record year for digital asset theft despite a substantial decrease in the reported frequency of attacks.
In 2025, North Korean hackers reportedly stole at least $2.02 billion in cryptocurrency, signifying a 51% increase from the previous year. This is the highest value ever recorded for DPRK-related crypto theft, with these attacks contributing to a record 76% of all service compromises.
The rise in stolen funds can be attributed in part to the DPRK’s tactics. Cybercriminals linked to the regime have increasingly embedded IT workers within cryptocurrency services, allowing them privileged access to high-impact compromises.
However, a notable evolution in strategy has emerged: DPRK operatives are now impersonating recruiters for well-known Web3 and artificial intelligence (AI) firms.
This approach involves orchestrating fake hiring processes, which culminate in technical screenings intended to harvest sensitive credentials, source code, and access to systems at current employers.
158,000 Cases Logged In 2025
In a significant finding, the report indicates that personal wallet compromises in 2025 accounted for 20% of the total value stolen. This marks a decline from 44% in 2024, reflecting an evolution in the types and scales of attacks.
The number of theft incidents skyrocketed to 158,000 in 2025, a threefold increase from the 54,000 recorded in 2022, while unique victims surged from 40,000 to at least 80,000 in the same timeframe.
Despite this increase in incidents and victims, the total value stolen from individual victims has decreased from $1.5 billion in 2024 to $713 million in 2025. This suggests a shift in focus, where attackers target a larger number of users but steal smaller amounts per person.
Featured image from DALL-E, chart from TradingView.com
About The Author
