South Korea Confirms North Korea Behind $50M Upbit Hack

Paxful
Investigators confirm North Korean hackers Lazarus and Andariel behind Upbit cryptocurrency hack.
Coinbase

South Korea Confirms North Korea Behind $50M Upbit Hack

South Korea has identified the North Korean hacker groups Lazarus and Andariel as the masterminds responsible for the 2019 Upbit cryptocurrency hack. In a targeted cyberattack, the hackers stole 342,000 Ether (ETH) from the South Korea-based cryptocurrency exchange. At the time, ETH valued $50 million, but the surge in Ether’s value inflates the present value of the stolen currency beyond $1 billion.

North Korean Hackers and the Upbit Heist

On Nov. 21, South Korea’s National Office of Investigation officially declared North Korea was responsible for the breach-a first in declaring its involvement in a crypto hack. Investigators utilized sophisticated tracking such as crypto flow monitoring, IP analysis and linguistic pattern identification-together with data shared by the U.S. Federal Bureau of Investigation-to attribute the hack to Lazarus and Andariel.

Details about the hacking techniques applied in the process were not provided for mitigating future risks.
Laundering the Stolen Funds

According to a report, about 57% of the stolen Ether was sold on different exchanges that were supposed to be controlled by North Korea. The rest of the amount was transferred to 51 international exchanges, which has additionally increased the complexity of tracking the funds by the concerned authorities.

This has been a signature North Korean hacking group laundering strategy using decentralized and overseas platforms, further cementing their reputation as major players in global cybercrime.

Upbit Slammed over KYC Violations

The confirmation of North Korea’s involvement comes with the recent investigation into Upbit for a possible Know Your Customer or KYC compliance failure. South Korea’s Financial Intelligence Unit, or FIU, disclosed up to 600,000 KYC violations in the review of business license renewal at Upbit.

Binance

The alleged infractions include accepting blurred or tampered identification cards, making it challenging for regulators to verify user identities. Each violation could result in fines of up to $71,500, alongside potential complications in renewing the exchange’s operating license.

Rising Cybersecurity Concerns

The incident vividly shows that state-sponsored cybercrime increasingly threatens cryptocurrencies. The increasing adoption of digital assets worldwide, however, puts greater pressure on authorities to strengthen regulations and security protocols for exchanges and users in general.

The hacking into Upbit has been a sort of reminder about the weak points in crypto infrastructure and the lack of coordination on the international level to fight against cyber threats.

Blockonomics