Meet the Top 101 in Crypto
Security
2 min read

North Korea’s Lazarus Implicated in $22M Crypto Heist at Lykke Exchange

Published 18 August 2025
James Morales
Authors
Edited by Ryan James

Key Takeaways

  • Hackers targeted Lykke in June 2024.
  • The attack resulted in crypto theft worth more than $22 million.
  • U.K. authorities have blamed the incident on North Korean hackers.

In June 2024, hackers lifted over $22 million worth of Bitcoin and Ether from the U.K.-registered cryptocurrency exchange Lykke. 

A year later, the Office of Financial Sanctions Implementation (OFSI) has attributed that attack to “malicious [Democratic People’s Republic of Korea] cyberactors.” In other words, Lazarus strikes again.

Top iGaming Casinos
Sponsored
Disclosure
Opened in 2023
Promotions
200% deposit bonus up to 20,000 USDT + up to 100 FS (promo code: CG100)
Coins
Tether Bitcoin Ethereum USD Coin TRON +7
Opened in 2021
Promotions
Casino No Wagering 100 Free Spins
Coins
Bitcoin Tether USD Coin Ethereum Solana +11
Opened in 2018
Promotions
500% Welcome Bonus up to $90,000 + 100 Free Spins
Coins
Bitcoin Ethereum Litecoin Tether Dogecoin +3
Show More

Fallout From Lykke Hack

While crypto exchanges have survived worse, as they are relatively small exchanges, Lykke was ill-prepared to recover from losing customer funds.

The platform officially shut down in December, and Lykke was liquidated in March following legal action by a group of creditors.

The OFSI mentioned the incident in a report highlighting the threat of Lazarus and associated groups.

“It is likely that hackers associated with the DPRK will continue to attempt to compromise systems and steal assets,” from crypto firms, it warned.

Lazarus Crypto Spoils Grow

While the North Korean group has a broad range of victims, since 2017, Lazarus has increasingly targeted cryptocurrency exchanges and DeFi projects, which have collectively lost billions of dollars to the hackers.

Law enforcement agencies and blockchain security firms have traced some of the biggest hacks in recent years to the group.

Its most profitable heists include the $625 million Ronin Network exploit, the theft of tokens worth $530 million from Coincheck, and the record-breaking $1.46 billion ByBit hack.

Small Platforms Vulnerable

The Lykke affair highlights how vulnerable smaller platforms are when faced with the resources of state-backed hackers. 

Unlike giants that can absorb losses and tighten security, mid-tier and boutique exchanges risk collapse from a single breach—as Lykke’s liquidation shows.

James Morales

James Morales is CCN’s blockchain and crypto policy reporter. He has been working in the news media since 2020, writing about topics such as payments, banking and financial technology. These days, he likes to explore the latest blockchain innovations and the evolving landscape of global crypto regulation.

With an educational background in social anthropology and media studies, James uses his platform as a journalist to explore how new technologies work, why they matter and how they might shape our future.

Related

Survey Icon
Help us improve
1 of 4
Is this your first time here?
What brought you here today?
What are you most interested in?
Would you be interested in:
Thank you icon
Thank you for your feedback!
DMCA.com Protection Status