{"@type":"StructuredNewsArticle","access":{"license":"neupai_standard","structured_data":"free","full_text_access":null,"full_text_available":false,"attribution_required":true},"content":{"claims":[{"id":"c1","type":"fact","as_of":"2026-05","figures":null,"insight":null,"as_of_raw":"to date","statement":"North Korean hacker organizations have stolen approximately $6.75 billion worth of digital assets through 263 attacks since 2016","comparison":null,"expiry_hint":null,"source_type":"research_paper","as_of_explicit":false},{"id":"c2","type":"fact","as_of":"2025","figures":null,"insight":null,"as_of_raw":"in 2025","statement":"In 2025, North Korean-linked attacks accounted for only about 12% of global hacking incidents by number, but the stolen amount reached $2.06 billion","comparison":null,"expiry_hint":null,"source_type":"research_paper","as_of_explicit":true},{"id":"c3","type":"fact","as_of":"2025","figures":null,"insight":null,"as_of_raw":"in the same year","statement":"The 2025 North Korean-linked attack theft amount corresponds to approximately 60% of the entire virtual asset industry's damages in the same year","comparison":"same_period","expiry_hint":null,"source_type":"research_paper","as_of_explicit":true},{"id":"c4","type":"fact","as_of":"2025","figures":null,"insight":null,"as_of_raw":"in 2025","statement":"The Bybit hacking incident that occurred in 2025 caused damages of approximately $1.5 billion, recorded as the largest single hacking incident in industry history","comparison":"all_time_high","expiry_hint":null,"source_type":"research_paper","as_of_explicit":true},{"id":"c5","type":"fact","as_of":"2025","figures":null,"insight":null,"as_of_raw":"within a month","statement":"More than 86% of the funds stolen in the Bybit incident were laundered and transferred within a month through mixers, cross-chain bridges, decentralized exchanges (DEX), and over-the-counter (OTC) networks","comparison":null,"expiry_hint":null,"source_type":"research_paper","as_of_explicit":false},{"id":"c6","type":"fact","as_of":"2026-H1","figures":null,"insight":null,"as_of_raw":"as of early this year","statement":"As of early 2026, digital asset damages confirmed to be caused by North Korean hackers reached approximately $620.9 million, accounting for about 55% of global total damages","comparison":"same_period","expiry_hint":null,"source_type":"research_paper","as_of_explicit":true},{"id":"c7","type":"fact","as_of":"2022","figures":null,"insight":null,"as_of_raw":"in 2022","statement":"The 2022 Ronin bridge hacking incident caused damages amounting to $625 million","comparison":null,"expiry_hint":null,"source_type":"research_paper","as_of_explicit":true},{"id":"c8","type":"fact","as_of":"2026","figures":null,"insight":null,"as_of_raw":"in 2026","statement":"The 2026 Drift Protocol incident damages were calculated at $285 million","comparison":null,"expiry_hint":null,"source_type":"research_paper","as_of_explicit":true},{"id":"c9","type":"opinion","as_of":"2026-05","figures":null,"insight":null,"as_of_raw":"May 2026","statement":"A waiting period of 24-72 hours should be applied to large withdrawal requests to secure time for security teams to detect and block suspicious transactions","comparison":null,"expiry_hint":null,"source_type":"research_paper","as_of_explicit":false}],"topics":["cybersecurity","north korea","cryptocurrency","hacking"],"summary":"North Korean-linked hacker organizations are expanding their digital asset attack methods from exploiting code vulnerabilities to social engineering, supply chain infiltration, and offline relationship building. According to a CertiK report, 60% of virtual asset hacking damages in 2025 were caused by North Korean-linked attacks.","entities":[{"name":"CertiK","type":"company","metadata":{"parent":null,"ticker":null},"canonical_id":"corp:us:certik","role_in_article":"primary_subject"},{"name":"Bybit","type":"company","metadata":{"parent":null,"ticker":null},"canonical_id":"corp:ae:bybit","role_in_article":"mentioned"},{"name":"Ronin","type":"product","metadata":{"parent":null,"ticker":null},"canonical_id":"product:kr:ronin-bridge","role_in_article":"mentioned"},{"name":"Drift Protocol","type":"product","metadata":{"parent":null,"ticker":null},"canonical_id":"product:us:drift-protocol","role_in_article":"mentioned"},{"name":"Stefan Mühlbauer","type":"person","metadata":{"parent":null,"ticker":null},"canonical_id":"person:us:stefan-muehlbauer","role_in_article":"quoted"}],"headline":"North Korean Hackers Evolve Digital Asset Attacks to 'Offline Infiltration'","geography":["KR","KP","US"],"ai_emotional_context":{"arousal":0,"valence":0,"primary_emotions":[],"emotional_triggers":[],"secondary_emotions":[]}},"@context":"https://neupai.io/schema/v0.2","identity":{"ai_url":null,"author":"김한수 기자","language":"en","publisher":{"name":"테크42","type":"online","domain":"www.tech42.co.kr"},"article_id":"tech42_20260512_north-korea-hackers-offline-infiltration","updated_at":null,"originality":"self_produced","article_type":"analysis","published_at":"2026-05-12T23:58:34.000Z","canonical_url":"https://www.tech42.co.kr/%eb%b6%81%ed%95%9c-%ed%95%b4%ec%bb%a4-%eb%94%94%ec%a7%80%ed%84%b8%ec%9e%90%ec%82%b0-%ea%b3%b5%ea%b2%a9%eb%8f%84-%ec%98%a4%ed%94%84%eb%9d%bc%ec%9d%b8-%ec%b9%a8%ed%88%ac%eb%a1%9c/?utm_source=rss&utm_medium=rss&utm_campaign=%25eb%25b6%2581%25ed%2595%259c-%25ed%2595%25b4%25ec%25bb%25a4-%25eb%2594%2594%25ec%25a7%2580%25ed%2584%25b8%25ec%259e%2590%25ec%2582%25b0-%25ea%25b3%25b5%25ea%25b2%25a9%25eb%258f%2584-%25ec%2598%25a4%25ed%2594%2584%25eb%259d%25bc%25ec%259d%25b8-%25ec%25b9%25a8%25ed%2588%25ac%25eb%25a1%259c"},"temporal":{"freshness":"recent","next_update_expected":null},"provenance":{"source_chain":["primary_reporting"],"related_articles":[],"original_source_url":null}}