North Korea’s Lazarus cybercrime group has been accused of carrying out a £17 million cryptocurrency theft from British-registered exchange Lykke, an attack described as one of the largest to hit a UK-based digital asset company.
The claim was detailed in a recent report by The Telegraph, citing findings from the Office of Financial Sanctions Implementation (OFSI).
🔴 North Korea accused of £17m crypto heist that killed British start-uphttps://t.co/6yInIZna2U
— The Telegraph (@Telegraph) August 17, 2025
The breach, which occurred in 2023, saw hackers drain Bitcoin, Ethereum and other digital assets from Lykke’s platform. The company later confirmed losses of $22.8 million (£16.8 million) and froze trading, initially pledging to recover customer funds. By December, however, operations were permanently shut down, triggering legal battles from investors.
According to OFSI, the theft was attributed to “malicious Democratic People’s Republic of Korea cyberactors” operating on both Bitcoin and Ethereum networks. While the agency did not disclose intelligence sources, it said the assessment was made in coordination with law enforcement.
Blockchain research firm Whitestream separately tied the stolen assets to Lazarus, alleging they were funneled through cryptocurrency services with weak anti-money laundering safeguards. Other analysts cautioned that attribution remains contested, given the difficulty of tracing funds across anonymised blockchain channels.
Founded in 2015 by Swiss banker Richard Olsen, Lykke was headquartered in Zug, Switzerland, but registered in the UK. The platform gained early recognition for offering commission-free trading but came under regulatory scrutiny. In 2023, the Financial Conduct Authority issued a warning stating Lykke was not authorized to operate in Britain.
Following the hack, more than 70 investors sought compensation in UK courts. In March, a judge ordered Lykke’s liquidation, appointing Interpath Advisory to manage payouts, with customer claims totaling £5.7 million. Olsen, a descendant of Swiss banking dynasty Julius Baer, has since been declared bankrupt and is facing criminal investigations in Switzerland.
The Lazarus group has a track record of high-profile cryptocurrency raids. In 2020, derivatives exchange BitMEX reported that its staff were targeted in a phishing campaign allegedly linked to the same North Korean outfit.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
