$2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’s 2025 Crypto Crime Report revealed. Of this sum, $1.34 billion was stolen by hackers affiliated with North Korea, in 47 hacking incidents (out of 303).
Most targeted organizations
Between 2021 and 2023, decentralized finance (DeFi) platforms were the main targets of crypto hacks, but in the second and third quarters of 2024, centralized services were the most targeted.
Funds stolen between January and November 2024 – by type of compromise (Source: Chainalysis)
“This shift in DeFi’s focus toward centralized services highlights the growing importance of security mechanisms commonly exploited in hacks, such as private keys. For centralized services, ensuring the security of private keys is essential, as they control access to user assets,” Chainalysis note.
“Since centralized exchanges manage large sums of user funds, the impact of a private key compromise can be devastating; just look at the $305 million DMM Bitcoin hack, which is one of the largest crypto exploits to date, and may be due to poor private key management or a lack of adequate security.
North Korean hackers: a cryptographic scourge
Crypto attacks from the DPRK are becoming more frequent, the company found, and they are becoming more successful in stealing larger sums (more than $100 million in cryptocurrency).
Not that they avoid spending time and effort on targets that can yield more modest sums: “The DPRK’s dominance at the top of the exploitation scale continued into 2024, but we observe also an increasing density of hacks from the DPRK for lower amounts, notably around $10,000. in value,” according to Chainalysis.
“Some of these events appear to be linked to North Korean computer scientists, who are increasingly infiltrating crypto and Web3 companies and compromising their networks, operations and integrity. These workers often use sophisticated tactics, techniques, and procedures (TTPs), such as false identities, hiring third-party intermediaries, and manipulating remote work opportunities to gain access.
Stronger defenses are needed
Chainalysis urges companies to prioritize employment due diligence, implement rigorous private key hygiene, and leverage existing detection technologies to prevent and mitigate attacks.
They also call for better collaboration between the public and private sectors on data sharing initiatives, real-time security solutions, advanced tracing tools and targeted training.
