CrowdStrike Report: $2.02B DPRK-Nexus Digital Theft Highlights 51% Surge
CrowdStrike released its 2026 Financial Services Threat Landscape Report, revealing DPRK-nexus actors stole $2.02 billion in digital assets in 2025, a 51% year-over-year increase. The report also noted global hands-on-keyboard intrusions rose 43% and North America saw a 48% jump, underscoring escalating cyber risk that could drive demand for CrowdStrike’s Falcon platform.
1. Release of 2026 Financial Services Threat Report
CrowdStrike released its 2026 Financial Services Threat Landscape Report detailing trends and tactics used against banks, fintechs and exchanges over the past year. The report draws on frontline intelligence from more than 280 tracked adversary groups to quantify the scale and complexity of attacks on digital asset holdings.
2. Key Findings on DPRK-Nexus Activity
The report shows DPRK-nexus actors drove a 51% year-over-year rise in digital asset theft in 2025, stealing $2.02 billion across the sector. PRESSURE CHOLLIMA carried out a $1.46 billion cryptocurrency heist via trojanized software in a supply chain compromise, representing the largest financial theft ever recorded.
3. AI-Driven Attacks Escalate
Adversaries such as FAMOUS CHOLLIMA and STARDUST CHOLLIMA used AI-generated identities and synthetic video environments to double and triple their intrusion efforts. These AI-powered deceptions enabled faster reconnaissance and credential theft, allowing attackers to bypass legacy defenses more effectively.
4. Implications for CrowdStrike
With global hands-on-keyboard intrusions up 43% and North America up 48%, the report highlights intensifying cyber risk in financial services. This escalation could bolster demand for CrowdStrike’s cloud-native Falcon platform and AI-driven threat hunting capabilities as institutions seek stronger defenses.