The collapse of Lykke, a UK-registered cryptocurrency exchange founded in 2015, has become one of the most dramatic failures linked to state-sponsored hacking.
Once known for offering zero-fee trading, the firm was forced to shut down after cybercriminals stole £17 million ($23 million) in Bitcoin, Ethereum and other assets, an attack traced to North Korea’s Lazarus Group.
The breach struck in March 2024, crippling the platform’s operations.
Trading was immediately suspended, and by December Lykke confirmed it would not resume services.
In March 2025, a British court ordered the company into liquidation, appointing Interpath Advisory to oversee remaining assets.
The ruling followed lawsuits from more than 70 users demanding refunds worth £5.7 million.
Richard Olsen, Lykke’s Swiss founder and a great-grandson of banker Julius Baer, was declared bankrupt in January 2025.
His collapse followed mounting losses and the liquidation of the Swiss parent company.
Reports in Switzerland confirmed criminal investigations are ongoing into the hack and how the stolen assets were moved.
The UK Treasury’s Office of Financial Sanctions Implementation (OFSI) attributed the theft to “malicious cyber actors” from North Korea.
Whitestream, an Israeli blockchain research firm, also connected the crime to Lazarus, reporting that attackers laundered the stolen funds through two other cryptocurrency firms.
By converting Ether into DAI stablecoins and distributing Bitcoin across multiple wallets, the group masked the trail and bypassed anti-money laundering controls.
If attribution is confirmed, analysts say the theft marks the largest known crypto heist against a UK-registered exchange by North Korean operatives.
Lazarus has been linked to billions in global crypto thefts used to support Pyongyang’s weapons programmes.
One UK Treasury note warned,
"They’re not just stealing directly."
It added that the group has also used fake online jobs and AI-generated identities to infiltrate firms.
Lykke’s downfall has also fuelled scrutiny of unlicensed exchanges.
UK regulators had previously warned the firm was not authorised to offer financial services.
Following the collapse, legal experts highlighted the gap in protections for retail users who trusted the platform.
Despite close cooperation between UK and Swiss authorities, the stolen £17 million remains out of reach.
Some cybersecurity experts caution that attributing the attack to state-backed actors requires ongoing monitoring, noting the complexity of global crypto laundering networks.
For affected customers still seeking refunds, the case has become another reminder of the fragile protections in the fast-growing digital asset market.
The first television debate of the 2024 U.S. presidential election ended today. Online predictions gave a high probability that Trump would win. After Trump was elected, China should re-examine the issue of cryptocurrency.
WenJunDespite the decline, Binance remains the top exchange in many sectors.
AlexThe crash also triggered a general rout in the crypto space, with more than US$1B in liquidations
ClementThe Japanese branch of the failed crypto exchange will start processing withdrawals as of February 21.
cryptopotatoCrypto Broker, Voyager, has decided to resume its cash withdrawals on its app. Users shall be able to make cash ...
BitcoinistThe lending firm said clients with U.S. dollars in their accounts could withdraw up to $100,000 in a 24-hour period, with the funds received in 5–10 business days.
CointelegraphPer a Bloomberg report, North Korean-backed hackers might be stepping up their efforts and attack vectors against the crypto industry. ...
BitcoinistCrypto exchange, CoinFLEX might not lift the ban on user withdrawals just yet. The exchange had put a halt to ...
BitcoinistCoinFlex CEO Mark Lamb said the exchange needs more time to reopen its platform for user withdrawals.
CointelegraphCoinFlex CEO Mark Lamb said more time was needed before the exchange can reopen its platform for user withdrawals.
Cointelegraph