North Korean $2.83B Crypto Theft Sparks Laundering Crackdown
Since January 2024, North Korean crypto theft has reached $2.83 billion, with $1.64 billion stolen in the first nine months of 2025, according to a Multilateral Sanctions Monitoring Team (MSMT) report. This surge in North Korean crypto theft comes amid growing reliance on international laundering channels. The largest incident occurred in February 2025 when the TraderTraitor group exploited Bybit’s SafeWallet multi-signature system via phishing and malware.
North Korean hackers typically target third-party providers rather than exchanges directly, as demonstrated by CryptoCore and Citrine Sleet’s $63 million Munchables Web3 supply-chain hack. Stolen funds are processed through a nine-step laundering network: assets convert to ETH on decentralized exchanges, pass through mixers like Tornado Cash and Wasabi Wallet, shift to BTC across bridging platforms, undergo further mixing, then convert to TRX and finally to USDT for OTC sales. MSMT identifies key facilitators, including Shenzhen Chain Element employees, Russian intermediaries, and Cambodia’s Huione Pay.
The report warns that North Korean crypto theft undermines sanctions and calls on UN member states to bolster cybersecurity measures and revive oversight panels.
Bearish
The news of a $2.83 billion theft and its intricate nine-step laundering network is likely to dent confidence in major cryptocurrencies like ETH and BTC. In the short term, traders may reduce exposure to decentralized exchanges and mixing services, triggering sell-offs and price pressure. Heightened regulatory scrutiny and potential sanctions on service providers could tighten liquidity, further weighing on prices. Over the long term, enhanced security protocols and oversight may restore stability, but persistent concerns over asset safety will keep market sentiment cautious.