Elliptic assesses that North Korea-linked hackers have stolen more than $2 billion in cryptoassets in 2025, the largest annual total it has recorded, bringing known cumulative regime-linked theft above $6 billion. The total is driven heavily by the $1.46 billion Bybit theft, with other publicly attributed 2025 victims including LND.fi, WOO X, and Seedify, plus more than thirty additional hacks Elliptic attributes to North Korea. The report says the target mix now includes crypto exchanges and increasingly high-net-worth individuals, with social engineering becoming the dominant access method rather than exploitation of technical flaws alone. Laundering has grown more complex through multiple rounds of mixing and cross-chain movement, obscure blockchains, protocol utility-token purchases, refund-address abuse, and tokens issued by laundering networks. The finding matters for DPRK tracking because the stolen assets are assessed by the UN and government agencies as a funding source for North Korea’s nuclear and missile programs, while blockchain transparency still enables tracing and interdiction.