Upbit Hack: South Korea Confirms North Korean Hackers Stole Crypto Assets

South Korean authorities have officially confirmed that North Korean hackers were responsible for the Upbit exchange hack in 2019. 

The Upbit hack, which resulted in the theft of 342,000 Ether (ETH), has now been attributed to the Lazarus Group and Andariel. The two notorious hacker groups are known for their sophisticated cyberattacks, often to fund the North Korean regime.

The stolen ETH, initially worth about $50 million, is estimated to be worth over $1 billion at the time of writing. Consequently, the Upbit hack is dubbed one of the largest cryptocurrency hacks of all time.

Unmasking the Perpetrators of the Upbit Hack

The confirmation of North Korea’s involvement comes after a five-year investigation by South Korean authorities. Investigators meticulously tracked cryptocurrency flows, analyzed IP addresses, and identified linguistic traces of North Korean terminology to link the Upbit hack to the Lazarus Group and Andariel.

The Lazarus Group, a state-sponsored hacking organization, stands implicated in numerous cyberattacks around the globe. The group is believed to be responsible for the 2017 WannaCry ransomware attack. Likewise, the 2016 Bangladesh Bank heist and the 2014 Sony Pictures hack have been traced to them.

These attacks resulted in the theft of billions of dollars and disrupted many businesses and individuals globally. 

Laundering and Recovery Efforts Following the Hack

Following the Upbit hack, the North Korean hackers engaged in a complex laundering operation to hide the stolen ETH. Apart from exchanging a portion of the ETH, the group laundered the remaining funds through 51 overseas exchanges across 13 countries.

Despite the sophisticated laundering techniques, South Korean authorities were able to recover a small portion of the stolen funds. By cooperating with the FBI and Swiss prosecutors, the authorities successfully retrieved approximately 4.8 BTC from a Swiss exchange. This was then returned to Upbit.

Interestingly, Upbit itself has faced scrutiny recently. On November 14th, the Financial Intelligence Unit of South Korea’s Financial Services Commission identified 600,000 potential Know Your Customer (KYC) violations by the exchange. 

These alleged violations involve the acceptance of blurred identification cards, making it difficult to properly identify users. Consequently, Upbit could face fines and complications with its business license renewal as a result of these potential KYC breaches.
