3 World-Class Hackers That Make Crypto Investors Uneasy
Jakarta, Pintu News – The year 2025 will be one of the darkest periods in cryptocurrency history. Whereas previously crypto scams were mostly rug pulls or small scams, now attacks are evolving into large operations involving state actors. In just the first six months of this year, total losses due to crypto hacks reached Rp35.99 trillion ($2.17 billion).
The situation became even more alarming in September 2025, when 20 crypto-related incidents were recorded with a loss value of around Rp2.1 trillion ($127.06 million). This figure shows how digital attacks on crypto exchanges, blockchain projects, and financial institutions are increasingly organized, demanding serious attention at the government level.
Lazarus Group
Lazarus Group is widely recognized as the most dangerous hacker group in the world, with a track record of activity dating back to 2007. They once shook the public with the Sony Pictures attack in 2014 and spread the WannaCry ransomware in 2017. In recent years, Lazarus’ main focus has shifted to the cryptocurrency industry.
According to data, from 2021 to 2025 Lazarus has stolen over IDR 82.9 trillion ($5 billion) worth of crypto. Their biggest stunt was recorded in February 2025, when they hacked into the Bybit exchange and made off with IDR 24.8 trillion ($1.5 billion) in Ethereum (ETH). This case set a record for the largest crypto theft in history, and showed how the group operates like a state cyber army.
Also read: 3 Meme Coins that Have the Potential to Reach a Market Cap of Over $1 Billion by 2025
Gonjeshke Darande
Unlike Lazarus, Gonjeshke Darande or Predatory Sparrow is a group known to be politically motivated and believed to be associated with Israel. Their main targets are Iran’s digital systems, including crypto exchanges. In June 2025, they managed to breach the security of Nobitex, the largest exchange in Iran, and stole around Rp1.49 trillion ($90 million) before burning the assets.
Not only that, the group also publicly released Nobitex’s source code, damaging the exchange’s reputation and fueling distrust from users and partners. Gonjeshke’s track record is nothing short of horrific: they crippled Iran’s train system in 2021, attacked a steel plant in 2022, and broke into Bank Sepah in May 2025. This emphasizes that crypto has now become part of global geopolitical conflicts.
Also read: 5 Ways to Predict Crypto that Will Rise
UNC4899
Apart from Lazarus, North Korea also has another hacker unit called UNC4899. The Google Cloud Threat Horizons report said this group is under the command of the Reconnaissance General Bureau (RGB), the country’s main intelligence agency. Their operations focus on blockchain companies and crypto infrastructure through sophisticated methods such as supply chain attacks.
Between 2024 and 2025, UNC4899 was involved in a series of multi-million dollar crypto heists. They used a variety of techniques, from entrapment via Telegram with Docker malware, to stealing AWS cookies via LinkedIn to infiltrate cloud services. With these methods, they successfully copied billions of dollars worth of digital assets from their targets.
That’s the latest information about crypto. Follow us on Google News to get the latest crypto news about crypto projects and blockchain technology. Also, learn crypto from scratch with complete discussion through Pintu Academy and stay up-to-date with the latest crypto market such as bitcoin price today, xrp coin price today, dogecoin and other crypto asset prices through Pintu Market.
Enjoy an easy and secure crypto trading experience by downloading Pintu crypto app via Google Play Store or App Store now. Also, get a web trading experience with various advanced trading tools such as pro charting, various types of order types, and portfolio tracker only at Pintu Pro.
*Disclaimer
This content aims to enrich readers’ information. Pintu collects this information from various relevant sources and is not influenced by outside parties. Note that an asset’s past performance does not determine its projected future performance. Crypto trading activities have high risk and volatility, always do your own research and use cold cash before investing. All activities of buying and selling bitcoin and other crypto asset investments are the responsibility of the reader.
Reference:
- BeInCrypto. Crypto’s Most Wanted: 3 Hackers Driving the Digital Crime Wave. Accessed October 4, 2025.
- Featured Image: Generated by Ai
Latest News
© 2025 PT Pintu Kemana Saja. All Rights Reserved.
The trading of crypto assets is carried out by PT Pintu Kemana Saja, a licensed and regulated Digital Financial Asset Trader supervised by the Financial Services Authority (OJK), and a member of PT Central Finansial X (CFX) and PT Kliring Komoditi Indonesia (KKI). The trading of crypto asset futures contracts is carried out by PT Porto Komoditi Berjangka, a licensed and regulated Futures Broker supervised by BAPPEBTI, and a member of CFX and KKI. Crypto asset trading is a high-risk activity. PT Pintu Kemana Saja and PT Porto Komoditi Berjangka do not provide any investment and/or crypto asset product recommendations. Users are responsible for thoroughly understanding all aspects related to crypto asset trading (including associated risks) and the use of the application. All decisions related to crypto asset and/or crypto asset futures contract trading are made independently by the user.
