The South Korean authorities have officially done so identified North Korean hackers were the perpetrators of a major Ethereum heist in 2019, which marked a major breakthrough in the investigation.
The stolen cryptocurrency, valued at 58 billion won (about $55.7 million) at the time, was traced to North Korea’s Reconnaissance General Bureau, a military intelligence agency. The hackers reportedly infiltrated a South Korea-based exchange to carry out the theft.
Detailing the hack and the coordinated efforts behind exposing the perpetrators
The KLPD announced this attackers stole 342,000 Ethereum tokens, now valued at over 1.4 trillion won (approximately $1.05 billion), making this one of the most notable crypto thefts ever.
Although the specific exchange targeted was not disclosed, Upbit, a leading South Korean exchange, had reported one similar loss in Ethereum to an unknown wallet in 2019.
The hackers laundered more than half of the stolen money through three self-managed crypto exchanges, offering discounts to convert the assets into Bitcoin. The remaining Ethereum was spread across 51 other exchanges worldwide.
According to the report, the investigation involved cooperation between South Korean authorities and the US Federal Bureau of Investigation (FBI), which used sophisticated techniques to track Internet Protocol (IP) addresses and the movement of stolen assets.
This is the first time that South Korea has definitively linked a cyberattack on crypto exchanges to North Korea. Local media attributed the operation to the infamous Lazarus and Andariel hacker groups, both linked to the North Korean Reconnaissance General Bureau.
Hackers pose an ongoing threat to the crypto industry
Notably, this isn’t the first time North Korean hackers have been linked to the perpetrators of significant hacking incidents. In recent years, this group has gained notoriety for targeting cryptocurrency exchanges and financial platforms to fund their country’s operations.
Although authorities are making efforts to recover stolen funds from these notorious hackers, they remain a persistent threat to the crypto industry. Recently, the United Nations flagged North Korea’s involvement in numerous cyber attacks on cryptocurrency platforms.
This was reported by a UN panel report As of May, the regime is suspected of orchestrating roughly 97 crypto hacks between 2017 and 2024, collectively valued at $3.6 billion.
These activities are believed to play a significant role in financing North Korea’s missile and nuclear programs, highlighting the broader geopolitical implications of these crimes.
Despite the coordinated efforts of authorities and platforms to curb the attacks of these hackers, they have proven to be quite resilient. Just last month, same hacking group has stolen approximately $3 billion worth of cryptocurrency from users by “inventing a fake blockchain game.”
According to reports, the operation that led to this large amount of theft was carried out by the North Korean hackers within six years, from 2016 to 2022.
Featured image created with DALL-E, Chart from TradingView