tl;dr
South Korea has confirmed that North Korea was responsible for the theft of 342,000 Ethereum tokens worth $41.5 million from the Upbit crypto exchange in 2019. The theft, now valued at 1.47 trillion Won, is one of the largest cryptocurrency heists attributed to North Korea. The National Police Agenc...
Based on the provided request, here is the -formatted article summary:
South Korea confirms North Korea's involvement in the theft of 342,000 Ethereum tokens from Upbit crypto exchange, worth approximately $41.5 million.
- National Investigation Headquarters of South Korea's National Police Agency identifies North Korean hacking groups Lazarus and Andariel as orchestrators of the attack.
- Perpetrators exchange 57% of stolen Ethereum for Bitcoin on North Korean-operated exchanges and launder remaining Ethereum across 51 overseas exchanges.
- South Korean authorities recover 4.8 Bitcoin, worth around 600 million won, and return the funds to Upbit in October 2024.
- North Korea increasingly targets crypto firms with sophisticated methods, prompting the need for heightened cybersecurity measures.
- South Korean authorities officially link North Korea to a major cryptocurrency heist, highlighting vulnerabilities and inadequate regulatory compliance in the industry.
South Korea has confirmed that North Korea was responsible for the theft of 342,000 Ethereum tokens worth $41.5 million from the Upbit crypto exchange in 2019. The theft, now valued at 1.47 trillion Won, is one of the largest cryptocurrency heists attributed to North Korea. The National Police Agency of South Korea identified two North Korean hacking groups, Lazarus and Andariel, as the orchestrators of the attack. The groups are linked to North Korea’s Reconnaissance General Bureau. The investigation utilized digital forensics and identified linguistic traces of North Korean vocabulary, strengthening the case against North Korea. The FBI provided additional evidence linking the attack to North Korea. Following the theft, the perpetrators exchanged a majority of the stolen Ethereum for Bitcoin on exchanges believed to be operated by North Korea. Some of the stolen cryptocurrency was later recovered in Switzerland and returned to Upbit in October 2024. North Korea’s involvement in cryptocurrency crimes is not new, with reports indicating a shift in tactics, including increased targeting of crypto firms through phishing campaigns and supply chain attacks. This development highlights the need for enhanced cybersecurity measures in the industry. The confirmation of North Korea’s involvement in the Upbit hack underscores the vulnerabilities facing the cryptocurrency industry, including external threats from state-sponsored hackers and internal risks related to regulatory compliance. South Korea’s Financial Intelligence Unit raised concerns about inadequate user verification systems at Upbit, citing over 600,000 potential KYC violations. Improved oversight and stricter enforcement of anti-money laundering measures could help prevent future attacks and ensure a safer trading environment. Upbit is also under antitrust investigation by South Korea’s Fair Trade Commission for potential market dominance abuses.
According to local media, South Korea confirmed that North Korea was behind the theft of 342,000 Ethereum (ETH) tokens. The 2019 loot, worth approximately 58 billion Won or $41.5 million, was stolen from the Upbit crypto exchange. The stolen tokens, now valued at 1.47 trillion Won, represent one of the largest cryptocurrency heists attributed to North Korea.
NORTH KOREA’S INVOLVEMENT UNCOVERED
Per the report, the National Investigation Headquarters of South Korea’s National Police Agency announced on November 21 that two North Korean hacking groups, Lazarus and Andariel, orchestrated the attack. Both groups are known affiliates of North Korea’s Reconnaissance General Bureau, a state agency linked to cyber espionage and financial crimes. Investigators relied on a combination of digital forensics, including tracking IP addresses and analyzing the flow of stolen cryptocurrencies. The probe also identified linguistic traces of North Korean vocabulary.
“It was revealed that traces of the North Korean term ‘Heulhan Il’ (a word meaning ‘unimportant matter’) were found on the computer used in the attack at the time,” another local Korean media corroborated. This linguistic fingerprint, alongside other technical evidence, strengthened the case against North Korea. According to the report, the US Federal Bureau of Investigation (FBI) police also aided the investigation. They provided additional evidence linking the attack to North Korea.
Following the theft, the perpetrators exchanged 57% of the stolen Ethereum for Bitcoin on three cryptocurrency exchanges believed to be operated by North Korea. These transactions happened at prices 2.5% below market value, presumably to expedite the sale. They then distributed the remaining Ethereum across 51 overseas exchanges and laundered them to obscure its origins. Ethereum Price Performance. Source: BeinCrypto
In 2020, some of the stolen cryptocurrency was identified at a Swiss crypto exchange. After a four-year effort to prove its source to Swiss prosecutors, South Korean authorities recovered 4.8 Bitcoin (BTC), worth around 600 million won. The recovered funds were later returned to Upbit in October 2024.
CONCERNS OVER NORTH KOREA AND UPBIT WOES
Meanwhile, North Korea’s