South Korea identifies North Korean hacker groups as suspects in $50M Upbit hack

The hackers stole 342,000 Ether (ETH), which was worth $50 million at the time but has now surged in value to over $1 billion due to market increases.

Cyberespionage

South Korean authorities have officially confirmed that North Korean hacker groups Lazarus and Andariel orchestrated the infamous $50 million cryptocurrency heist from the Upbit exchange in 2019. The stolen 342,000 Ether (ETH), worth around $147 per coin at the time, has soared in value and is now estimated to be worth over $1 billion due to recent market surges.

The investigation, conducted by South Korea’s National Office of Investigation, tracked crypto flows, IP addresses, and linguistic patterns, with support from the US Federal Bureau of Investigation, to pinpoint North Korea’s involvement. It is the first time South Korea has directly tied a cryptocurrency attack to the reclusive nation, a significant breakthrough in cybercrime investigations.

Meanwhile, the probe into Upbit continues after allegations of weak Know Your Customer measures. Regulators flagged over 600,000 potential violations, including acceptance of unclear identification documents, which could lead to hefty fines and regulatory challenges for the exchange.