USD
Binance Says AI Security Blocked Billions in Fraud Attempts
TL;DR
- North Korea-linked hackers accounted for most crypto theft losses in 2025.
- Binance said AI-powered tools prevented major fraud losses through March 2026.
- Social engineering, laundering networks and AI-driven scams shaped the security threat.
We’ve launched the all-new COIN360 Perp DEX, built for traders who move fast!
Trade 130+ assets with up to 100× leverage, enjoy instant order placement and low-slippage swaps, and earn USDC passive yield while climbing the leaderboard. Your trades deserve more than speed — they deserve mastery.
North Korea-linked hackers stole $2.06 billion in cryptocurrency in 2025, accounting for 60% of all crypto theft losses that year, according to CertiK’s Skynet analysis, while Binance said its AI-powered security tools prevented $10.53 billion in user losses from scams and fraud between early 2025 and March 2026.
CertiK said North Korea-linked groups have stolen $6.75 billion in cryptocurrency across 263 incidents since 2016, marking a sustained campaign against crypto platforms and decentralized finance. The findings described state-sponsored actors as the primary force in crypto crime and said DPRK-linked groups have moved from opportunistic exploits into coordinated campaigns targeting DeFi protocols.
The threat extended into 2026, with North Korean hackers accounting for 55% of global crypto losses since the start of the year. Taylor Monahan, the report author, identified social engineering as the “dominant attack vector,” including April’s $285 million Drift Protocol hack, where DPRK hackers spent six months infiltrating the DeFi platform by posing as a quantitative trading firm.
Laundering Networks Obscured Stolen Funds
North Korean hackers used a “large-scale laundering infrastructure” involving decentralized exchanges and cross-chain bridges to rapidly obscure stolen funds. CertiK said 86% of funds in one major case were laundered within one month, framing North Korea’s crypto theft as a “primary state revenue mechanism” as stolen assets moved through systems that continue to challenge enforcement efforts.
The $285 million Drift Protocol attack was described as 2026’s largest DeFi hack, but it remained smaller than the 2025 Bybit breach, where hackers extracted $1.46 billion in two transactions on February 21. Blockchain security firms said more than $1 billion of the Bybit funds had been laundered through the same cross-chain infrastructure highlighted by CertiK.
TRM Labs characterized North Korea’s crypto operations as an “industrial-scale” threat using “cyber activity, intelligence support, illicit finance infrastructure, and partnerships with overseas facilitators.” Researchers referred to the regime’s laundering network as the “Chinese Laundromat,” describing underground bankers, OTC brokers, money transmitters and trade-based laundering intermediaries.
U.S. authorities filed a civil forfeiture complaint last June targeting $7.7 million in cryptocurrency tied to North Korean IT worker laundering networks. Court documents showed that one wallet controlled by Sim Hyon Sop, a representative of North Korea’s sanctioned Foreign Trade Bank, received more than $24 million in cryptocurrency between August 2021 and March 2023.
CertiK recommended that at-risk firms adopt rigorous ID verification including video interviews, zero-trust hiring policies and “technical hardening” of DeFi infrastructure such as bridges and hot wallets. The recommendation followed findings that DPRK-linked attackers used identity-based infiltration and fast-moving laundering infrastructure to target crypto firms.
Binance Says AI Fraud Controls Reduced Losses
Binance said its AI-powered security tools helped prevent more than $10 billion in user losses from scams and fraud between early 2025 and March 2026. Binance said it protected more than 5.4 million users from fraud between the first quarter of 2025 and the first quarter of 2026 after rolling out more than 24 AI-driven initiatives and more than 100 models.
Binance said that over the 15 months through March 2026, its AI-integrated security systems blacklisted 36,000 malicious addresses. During the first quarter of 2026 alone, Binance said it “intercepted 22.9 million scam and phishing attempts,” saving $1.98 billion worth of user funds.
Binance said “AI-powered scams and exploits are accelerating,” adding that “the barrier to entry for scam perpetrators is falling fast, with AI accelerating the drop. What once required technical expertise can now be executed for next to nothing and at scale.” Binance also said “AI is amplifying social engineering at an unprecedented level, powering deepfakes, phishing bots, fake platforms, voice cloning and impersonation across chat applications, exploiting trust and urgency.”
Binance said it had implemented computer vision to detect fake payment proofs and real-time language analysis to identify scam patterns. Binance also said it used AI in identity verification to counter increasingly sophisticated deepfakes and synthetic identities, while “AI-driven decisioning now powers 57% of fraud controls, contributing to a 60%-70% reduction in card fraud rates compared to industry benchmarks.”
FAQ
Who accounted for most crypto theft losses in 2025?
North Korea-linked hackers accounted for 60% of all crypto theft losses.
What was the dominant attack vector?
Taylor Monahan identified social engineering as the “dominant attack vector.”
How much fraud did Binance say AI tools prevented?
Binance said AI-powered tools prevented $10.53 billion in user losses.
What security steps did CertiK recommend?
CertiK recommended video interviews, zero-trust hiring policies and technical hardening.
This article has been refined and enhanced by ChatGPT.
