Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / BlockNinjaX /
North Korean Hackers Shift Tactics: From Infiltration to Launching Their Own Cryptocurrency Platforms in 2026

North Korean Hackers Shift Tactics: From Infiltration to Launching Their Own Cryptocurrency Platforms in 2026

Author:
BlockNinjaX
Published:
2026-02-20 18:43:01
9
3


North Korean cybercriminals are no longer just hacking crypto projects—they’re building their own. With a record $2 billion stolen in 2025 and tactics evolving, these hackers are now creating deceptive platforms like Tenexium to directly target users. This article dives into their new strategies, the alarming rise in crypto heists, and how investors can stay SAFE in an increasingly risky DeFi landscape.

How Are North Korean Hackers Adapting Their Crypto Strategies?

North Korean hackers have long been a thorn in the side of the cryptocurrency world, but their tactics are evolving. Gone are the days when they relied solely on infiltrating existing projects. Now, they’re launching their own platforms—like Tenexium—to lure unsuspecting users. According to Elliptic, these hackers stole nearly $2 billion in 2025 alone, with no signs of slowing down in 2026. Their methods? A mix of social engineering, sophisticated laundering techniques, and outright deception.

The Bybit Hack: A Turning Point for North Korean Cybercrime

The 2025 Bybit hack wasn’t just another heist—it was a game-changer. Nearly all of the stolen funds were laundered within six months using unprecedented methods: fake refund addresses, worthless tokens, and advanced mixing services. This $1 billion+ operation set a new standard for North Korean hackers, who’ve since maintained a relentless pace. By 2026, Elliptic reported a doubling in exploits compared to early 2025, with total damages potentially exceeding $6 billion. These funds are suspected to fuel North Korea’s nuclear and ballistic programs, adding a geopolitical twist to the financial chaos.

Are North Korean Hackers Launching Their Own Crypto Products?

Meet Tenexium: the first major crypto hack of 2026. This seemingly legitimate project on the Bittensor (TAO) network disappeared overnight, taking $2.5 million with it. Investigations suggest its “team” might have been North Korean operatives posing as developers—possibly even the founder. This case highlights a dangerous trend: hackers aren’t just stealing crypto; they’re creating entire ecosystems to scam users directly. As DeFi grows, so do the risks of interacting with unvetted platforms.

How Are Stolen Funds Being Laundered?

North Korean hackers have mastered the art of moving dirty money. After the Bybit breach, they employed a toolkit of laundering techniques that left investigators scrambling. Strategic use of refund addresses, sham tokens, and mixing services allowed them to clean over $1 billion swiftly. In 2026, their methods grew even more refined, with Elliptic noting a spike in complex transactions designed to obscure fund trails. For context, TradingView data shows suspicious activity spikes correlating with major hacks—proof that these groups are optimizing their cash-out strategies.

What Does This Mean for Crypto Security?

The rise of hacker-built platforms like Tenexium signals a new era of threats. Unlike traditional hacks targeting exchanges, these schemes prey on user trust in decentralized projects. The BTCC team emphasizes that while tech safeguards matter, human error remains the weakest link. Their advice? Stick to established DeFi hubs and verify teams thoroughly—because in today’s market, even a “neutral exchange protocol” could be a front for state-sponsored theft.

Can the Crypto Industry Fight Back?

Despite the sophistication of North Korean operations, their success often hinges on simple oversights: phishing clicks, unverified contracts, and FOMO-driven investments. While blockchain analytics firms like Elliptic are getting better at tracing stolen funds, prevention starts with users. As one analyst quipped, “If a project’s dev team won’t show their faces, maybe your wallet shouldn’t either.”

FAQs: North Korean Hackers and Crypto Threats in 2026

How much have North Korean hackers stolen in 2025-2026?

Elliptic reports $2 billion in confirmed hacks for 2025, with projections exceeding $6 billion total when including unrecovered funds.

What’s new about their tactics?

Instead of just hacking projects, they’re now creating fake platforms (e.g., Tenexium) to directly scam users.

Where do the stolen funds go?

Analysts suspect links to North Korea’s weapons programs, given the scale and laundering patterns.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2026 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.