South Korea Confirms North Korean Lazarus Group Behind Upbit Crypto Theft

South Korea Confirms North Korean Lazarus Group Behind Upbit Theft South Korea Confirms North Korean Lazarus Group Behind Upbit Theft

South Korea Police has confirmed that the North Korean Lazarus and Andariel group were the masterminds of crypto theft which saw 342,000 ETH stolen from the crypto exchange Upbit, in 2019. The damage which was estimated at 58 billion Won at the time, is estimated at more than $1 billion USD today.

Police discovered that 57% of the Ethereum stolen by North Korea was exchanged for Bitcoin at a 2.5% discount on three virtual asset exchanges reportedly operated by the country. The remaining Ethereum was laundered across 51 overseas exchanges.

Some of the Bitcoin, converted in October 2020, was later stored at a cryptocurrency exchange in Switzerland. After a four-year investigation, Swiss authorities confirmed the Bitcoins were stolen assets and recovered 4.8 BTC, which were subsequently returned to Upbit in October.

According to a local media report, “Although there have been UN reports and foreign government announcements regarding North Korea’s virtual asset hacking, this is the first time that a domestic investigative agency has officially confirmed it”, noted the South Korean police.

South Korea Traces Upbit Crypto Theft to Lazarus group

Advertisement

Reports further suggest that on the 21st November, the National Investigation Headquarters of the National Police Agency announced that it had discovered that two organizations, including hacker groups Lazarus and Andariel, affiliated with the North Korean Reconnaissance General Bureau, were involved in the theft. 

The investigation team found clues with the findings of the North Korean term ‘Heulhan Il’ (a word meaning ‘unimportant matter’) found on the computer used in the attack at the time.

Additionally, a combination of other information such as North Korea’s IP addresses, the flow of virtual assets, traces of North Korean vocabulary usage, and data obtained through cooperation with the Federal Bureau of Investigation (FBI), helped the team trace the case.

Also Read: Chinese OTC Trader Linked to Lazarus Group’s Crypto Laundering: ZachXBT

Advertisement