Chimamanda is a crypto enthusiast and experienced writer focusing on the dynamic world of cryptocurrencies. She joined the industry in 2019 and has since developed an interest in the emerging economy. She combines her passion for blockchain technology with her love for travel and food, bringing a fresh and engaging perspective to her work.
Key Notes
- North Korea’s Lazarus and Andariel groups were confirmed as the masterminds behind the 2019 Upbit hack.
- Over half of the stolen Ethereum was sold on North Korean-linked exchanges, with the rest laundered across 51 global platforms.
- The group has been linked to high-profile cybercrimes, including the $620 million Axie Infinity heist and 2014’s Sony Pictures hack.
South Korean authorities have officially confirmed that North Korean hacking groups, including Lazarus and Andariel, were behind the 2019 cyberattack on Upbit, one of South Korea’s largest cryptocurrency exchanges.
The hack resulted in the theft of 342,000 Ethereum (ETH), valued at approximately $50 million at the time. This marks the first instance where South Korea’s investigative agencies have conclusively attributed a digital asset breach to North Korea.
Investigation Unveils North Korean Links
On Thursday, the country’s National Office of Investigation revealed that the perpetrators used sophisticated methods to steal funds from Upbit’s hot wallet, a digital storage system used for operational transactions. According to the report, investigators tracked crypto flows, analyzed IP addresses, and identified patterns in communications that pointed to North Korean origins.
The authorities said they worked together with the United States Federal Bureau of Investigation (FBI) during the investigation.
While the investigators refrained from disclosing details about the specific hacking techniques to prevent future copycat attacks, it was disclosed that 57% of the stolen ETH was sold on exchanges reportedly operated by North Koreans. As per the report, the remaining funds were disbursed through 51 foreign exchanges to obscure their origins.
The Lazarus Group has become infamous for its involvement in high-profile cybercrimes across industries. In 2022, the US government identified the group, alongside APT38, as the masterminds behind the massive $620 million theft from the Axie Infinity Ronin Network.
The FBI confirmed the findings, stating:
“Through our investigations, we were able to confirm Lazarus Group and APT38, cyber actors associated with [North Korea], are responsible for the theft.”
Lazarus first drew global attention in 2014 after allegedly hacking Sony Pictures Entertainment in retaliation for The Interview, a satirical movie mocking North Korean leader Kim Jong Un.
Over the years, the group has been linked to a string of major cybercrimes, including the global WannaCry ransomware outbreak and attacks on international banks and individual customer accounts. Their actions underline their reputation as one of the most prolific and sophisticated hacking entities on the global stage.
Upbit Under Scrutiny
Meanwhile, the confirmation of North Korea’s involvement coincides with intensified regulatory scrutiny of Upbit. A recent probe by the Financial Intelligence Unit (FIU) of South Korea’s Financial Services Commission uncovered over 600,000 potential Know Your Customer (KYC) violations by the exchange. Upbit allegedly accepted blurred identification cards, undermining proper user verification and raising compliance concerns.
The regulatory breaches could result in fines of up to $71,500 per infraction and may complicate the exchange’s business license renewal. These lapses highlight vulnerabilities in the crypto sector, where weak compliance measures can open doors for illicit activities.