CrowdStrike has released its 2026 Financial Services Threat Landscape Report, warning that AI-powered cybercrime and state-backed hacking groups significantly intensified attacks against global financial institutions in 2025.
According to the report, hands-on-keyboard intrusions targeting the financial sector surged by 43% globally and 48% in North America over the past two years, as cybercriminals increasingly exploited trusted identities, SaaS platforms, and AI-generated deception techniques to bypass traditional security systems.
The cybersecurity firm revealed that DPRK-linked threat actors were responsible for a record $2.02 billion in digital asset theft in 2025, marking a 51% year-over-year increase. Among the most significant incidents was a reported $1.46 billion cryptocurrency theft attributed to PRESSURE CHOLLIMA, which used trojanized software distributed through a supply chain compromise.
The report also highlighted the growing use of artificial intelligence by cyber adversaries. Groups such as FAMOUS CHOLLIMA and STARDUST CHOLLIMA allegedly used AI-generated identities, fake recruiter personas, and synthetic video conferencing tools to infiltrate cryptocurrency exchanges, fintech companies, and consumer banks across North America, Europe, and Asia.
CrowdStrike further identified China-linked cyber espionage groups as a major threat to financial institutions worldwide. HOLLOW PANDA reportedly targeted organizations in the Philippines, Indonesia, and Brazil, while MURKY PANDA operated relay box networks across 36 countries affecting hundreds of organizations across multiple industries.
Meanwhile, ransomware and eCrime activity continued to escalate, with 423 financial organizations appearing on leak sites in 2025 — a 27% increase from the previous year. Threat actors such as MUTANT SPIDER and SCATTERED SPIDER were linked to phishing, vishing, and ransomware campaigns targeting banks and insurance firms.
According to Adam Meyers, AI has dramatically lowered the cost and speed of cyberattacks, forcing defenders to adopt AI-driven security and threat hunting capabilities to keep pace with increasingly sophisticated adversaries.
The report underscores the growing cybersecurity risks facing the global financial industry as AI becomes a central tool in both cyber defense and cybercrime operations.
