{"@context":"https://neupai.io/schema/v0.2","@type":"StructuredNewsArticle","identity":{"article_id":"tech42_20260512_north-korea-hackers-offline-infiltration","canonical_url":"https://www.tech42.co.kr/%eb%b6%81%ed%95%9c-%ed%95%b4%ec%bb%a4-%eb%94%94%ec%a7%80%ed%84%b8%ec%9e%90%ec%82%b0-%ea%b3%b5%ea%b2%a9%eb%8f%84-%ec%98%a4%ed%94%84%eb%9d%bc%ec%9d%b8-%ec%b9%a8%ed%88%ac%eb%a1%9c/?utm_source=rss&utm_medium=rss&utm_campaign=%25eb%25b6%2581%25ed%2595%259c-%25ed%2595%25b4%25ec%25bb%25a4-%25eb%2594%2594%25ec%25a7%2580%25ed%2584%25b8%25ec%259e%2590%25ec%2582%25b0-%25ea%25b3%25b5%25ea%25b2%25a9%25eb%258f%2584-%25ec%2598%25a4%25ed%2594%2584%25eb%259d%25bc%25ec%259d%25b8-%25ec%25b9%25a8%25ed%2588%25ac%25eb%25a1%259c","ai_url":null,"publisher":{"name":"테크42","domain":"www.tech42.co.kr","type":"online"},"author":"김한수 기자","published_at":"2026-05-12T23:58:34.000Z","updated_at":null,"language":"en","article_type":"analysis","originality":"self_produced"},"content":{"headline":"North Korean Hackers Evolve Digital Asset Attacks to 'Offline Infiltration'","summary":"North Korean-linked hacker organizations are expanding their digital asset attack methods from exploiting code vulnerabilities to social engineering, supply chain infiltration, and offline relationship building. According to a CertiK report, 60% of virtual asset hacking damages in 2025 were caused by North Korean-linked attacks.","topics":["cybersecurity","north korea","cryptocurrency","hacking"],"geography":["KR","KP","US"],"entities":[{"name":"CertiK","canonical_id":"corp:us:certik","type":"company","role_in_article":"primary_subject","metadata":{"ticker":null,"parent":null}},{"name":"Bybit","canonical_id":"corp:ae:bybit","type":"company","role_in_article":"mentioned","metadata":{"ticker":null,"parent":null}},{"name":"Ronin","canonical_id":"product:kr:ronin-bridge","type":"product","role_in_article":"mentioned","metadata":{"ticker":null,"parent":null}},{"name":"Drift Protocol","canonical_id":"product:us:drift-protocol","type":"product","role_in_article":"mentioned","metadata":{"ticker":null,"parent":null}},{"name":"Stefan Mühlbauer","canonical_id":"person:us:stefan-muehlbauer","type":"person","role_in_article":"quoted","metadata":{"ticker":null,"parent":null}}],"claims":[{"id":"c1","statement":"North Korean hacker organizations have stolen approximately $6.75 billion worth of digital assets through 263 attacks since 2016","as_of":"2026-05","as_of_explicit":false,"as_of_raw":"to date","source_type":"research_paper","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c2","statement":"In 2025, North Korean-linked attacks accounted for only about 12% of global hacking incidents by number, but the stolen amount reached $2.06 billion","as_of":"2025","as_of_explicit":true,"as_of_raw":"in 2025","source_type":"research_paper","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c3","statement":"The 2025 North Korean-linked attack theft amount corresponds to approximately 60% of the entire virtual asset industry's damages in the same year","as_of":"2025","as_of_explicit":true,"as_of_raw":"in the same year","source_type":"research_paper","comparison":"same_period","type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c4","statement":"The Bybit hacking incident that occurred in 2025 caused damages of approximately $1.5 billion, recorded as the largest single hacking incident in industry history","as_of":"2025","as_of_explicit":true,"as_of_raw":"in 2025","source_type":"research_paper","comparison":"all_time_high","type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c5","statement":"More than 86% of the funds stolen in the Bybit incident were laundered and transferred within a month through mixers, cross-chain bridges, decentralized exchanges (DEX), and over-the-counter (OTC) networks","as_of":"2025","as_of_explicit":false,"as_of_raw":"within a month","source_type":"research_paper","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c6","statement":"As of early 2026, digital asset damages confirmed to be caused by North Korean hackers reached approximately $620.9 million, accounting for about 55% of global total damages","as_of":"2026-H1","as_of_explicit":true,"as_of_raw":"as of early this year","source_type":"research_paper","comparison":"same_period","type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c7","statement":"The 2022 Ronin bridge hacking incident caused damages amounting to $625 million","as_of":"2022","as_of_explicit":true,"as_of_raw":"in 2022","source_type":"research_paper","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c8","statement":"The 2026 Drift Protocol incident damages were calculated at $285 million","as_of":"2026","as_of_explicit":true,"as_of_raw":"in 2026","source_type":"research_paper","comparison":null,"type":"fact","figures":null,"expiry_hint":null,"insight":null},{"id":"c9","statement":"A waiting period of 24-72 hours should be applied to large withdrawal requests to secure time for security teams to detect and block suspicious transactions","as_of":"2026-05","as_of_explicit":false,"as_of_raw":"May 2026","source_type":"research_paper","comparison":null,"type":"opinion","figures":null,"expiry_hint":null,"insight":null}],"ai_emotional_context":{"valence":0,"arousal":0,"primary_emotions":[],"secondary_emotions":[],"emotional_triggers":[]}},"provenance":{"source_chain":["primary_reporting"],"original_source_url":null,"related_articles":[]},"temporal":{"freshness":"recent","next_update_expected":null},"access":{"license":"neupai_standard","attribution_required":true,"structured_data":"free","full_text_available":false,"full_text_access":null}}