South Korea has officially confirmed that North Korean hackers were responsible for the theft of 342,000 Ethereum (ETH) from the crypto exchange Upbit in 2019. The stolen tokens, worth around 58 billion won ($41.5 million) at the time, are now worth 1.47 trillion won ($1.1 billion), making this attack one of the largest crypto thefts ever.
North Korea’s involvement revealed
South Korea’s National Investigation Headquarters said on November 21 that two hacking groups, Lazarus and Andariel, were behind the attack. Both groups are linked to North Korea’s Recognition General Bureau, a state agency known for cybercrime and espionage.
Advanced digital forensics allowed authorities to trace IP addresses and the flow of the stolen cryptocurrency. In addition, researchers discovered traces of North Korean language on the systems involved in the attack. An example of this is the term Heulhan Il, which means ‘unimportant matter’.
The case was further strengthened with support from the American FBI. Ultimately, it turned out that the hackers converted 57% of the stolen Ethereum into Bitcoin via three North Korean crypto exchanges, often at prices that were 2.5% lower than the market value. The remaining tokens were distributed to 51 foreign exchanges and laundered to disguise their origin.
Recovery of funds
In 2020, some of the stolen funds were traced to a Swiss crypto exchange. After a four-year legal effort, 4.8 Bitcoin (worth 600 million won) were recovered and returned to Upbit in October 2024.
Growing threat from North Korean hackers
This is not the first time North Korea has been accused of crypto crime. Hackers linked to the regime are notorious for their sophisticated techniques, including phishing and supply chain attacks. A recent investigation revealed a campaign called ‘Hidden Risk’, which used fake news about crypto to deceive victims via malicious PDF files.
However, the confirmation of North Korea’s involvement in the Upbit hack marks an important step in the fight against cybercrime. It is the first time that South Korea has officially linked a major crypto company to North Korean activities.
Upbit under fire
In addition to external threats, Upbit also faces internal problems. South Korea’s Financial Intelligence Unit has identified more than 600,000 possible KYC violations at the platform, raising questions about compliance with anti-money laundering measures. In addition, the South Korean Fair Trade Commission is investigating whether Upbit is abusing its dominant market position.
The attack on Upbit highlights the need for stricter regulations and improved security protocols. Only through better compliance and oversight can future attacks be prevented and the industry create a safer trading environment for investors.
Temporary promotion: receive €25 free at Bitvavo
To celebrate the price increase, the Dutch crypto exchange Bitvavo is offering an exclusive promotion in collaboration with Newsbit: all new customers temporarily receive €25 free when they create an account via the button below and deposit €20.
Claim your €25 free and create an account with Bitvavo
Don’t miss this opportunity to immediately benefit from the growing popularity of Crypto!
Source: https://newsbit.nl/noord-korea-stal-342-000-ethereum-van-upbit-bevestigt-zuid-korea/
