South Korean authorities have officially confirmed that North Korean hackers were responsible for the Upbit exchange hack in 2019.
The Upbit hack, which resulted in the theft of 342,000 Ether (ETH), has now been attributed to the Lazarus Group and Andariel. The two notorious hacker groups are known for their sophisticated cyberattacks, often to fund the North Korean regime.
The stolen ETH, initially worth about $50 million, is estimated to be worth over $1 billion at the time of writing. Consequently, the Upbit hack is dubbed one of the largest cryptocurrency hacks of all time.
Unmasking the Perpetrators of the Upbit Hack
The confirmation of North Korea’s involvement comes after a five-year investigation by South Korean authorities. Investigators meticulously tracked cryptocurrency flows, analyzed IP addresses, and identified linguistic traces of North Korean terminology to link the Upbit hack to the Lazarus Group and Andariel.
The Lazarus Group, a state-sponsored hacking organization, stands implicated in numerous cyberattacks around the globe. The group is believed to be responsible for the 2017 WannaCry ransomware attack. Likewise, the 2016 Bangladesh Bank heist and the 2014 Sony Pictures hack have been traced to them.
These attacks resulted in the theft of billions of dollars and disrupted many businesses and individuals globally.
Laundering and Recovery Efforts Following the Hack
Following the Upbit hack, the North Korean hackers engaged in a complex laundering operation to hide the stolen ETH. Apart from exchanging a portion of the ETH, the group laundered the remaining funds through 51 overseas exchanges across 13 countries.
Despite the sophisticated laundering techniques, South Korean authorities were able to recover a small portion of the stolen funds. By cooperating with the FBI and Swiss prosecutors, the authorities successfully retrieved approximately 4.8 BTC from a Swiss exchange. This was then returned to Upbit.
Interestingly, Upbit itself has faced scrutiny recently. On November 14th, the Financial Intelligence Unit of South Korea’s Financial Services Commission identified 600,000 potential Know Your Customer (KYC) violations by the exchange.
These alleged violations involve the acceptance of blurred identification cards, making it difficult to properly identify users. Consequently, Upbit could face fines and complications with its business license renewal.