🌅 A Record Year for Crypto Crime

Author

Sunrise Stat
April 17, 2026

$154 billion - The value of cryptocurrency sent to illicit wallet addresses in 2025.

Uncover the power of a single statistic: Sign up for Sunrise Stat to find your intellectual clarity.

SOURCE
WHAT TO KNOW

  • A recent report by blockchain data platform Chainalysis found 2025 was a record year for crypto crime, with $154 billion in value being sent to illicit wallet addresses, a 162% increase from the year prior that was primarily driven by a staggering 694% increase in funds received by internationally sanctioned entities (i.e., money laundering activity). The report describes a landscape that’s become increasingly professionalized in recent years as illicit organizations now operate large-scale technological infrastructure designed to help transnational criminal networks procure goods and services to launder illicit funds. Nonetheless, the report found less than 1% of all crypto transaction volume is attributed to illegal activity.

WHY IT MATTERS

  • North Korea is the world’s leading cryptocurrency security threat, accounting for just over $2 billion of the total $3.4 billion the industry lost to theft last year (of the funds stolen by North Korean hackers, $1.5 billion came in a single attack). Since 2016, groups backed by the North Korean government have stolen $6.75 billion in cryptocurrency, most often by embedding IT workers inside companies or using sophisticated impersonation tactics to target executives.

CONNECT THE DOTS

  • On April 1, a group of state-sponsored North Korean hackers capped off a six-month campaign by draining approximately $285 million from Drift, one of the world’s largest cryptocurrency trading platforms. In a statement confirming the attack, Drift described how the hackers slowly established a relationship of trust through months of communication and deep technical collaborations, including in-person meetings with third parties who weren’t North Korean nationals. The hackers executed the attack by slipping malicious code into a repository shared with a Drift employee in a common way by a supposedly trustworthy and known person. By targeting the human element of the opaque world of crypto, the hackers were able to steal the funds without ever having to compromise a single administrative password or key.