South Korean authorities have made a significant breakthrough by recovering 4.8 Bitcoin (BTC) that was linked to the 2019 hack of the Upbit exchange. This cyberattack, orchestrated by North Korean hackers, resulted in the theft of 342,000 Ethereum (ETH), valued at $41.4 million in 2019 but now worth over $1 billion.
The investigation conducted by South Korea’s National Police Agency confirmed the involvement of notorious North Korean hacker groups Lazarus and Andariel in the Upbit hack. These groups have a history of large-scale cybercrime, having stolen more than $3 billion in cryptocurrency between 2017 and 2023. This marks the first time that South Korean police have officially linked a significant hack to North Korean operatives.
The hackers laundered 57% of the stolen ETH by converting it into Bitcoin, which then flowed through three North Korea-linked exchanges and 51 global platforms. Through years of tracing blockchain activity and analyzing North Korean IP addresses, investigators were able to identify patterns, including unique North Korean language usage. Support from the US Federal Bureau of Investigation (FBI) also played a crucial role in uncovering the hackers’ operations.
The recovered Bitcoin, traced to a Swiss exchange, has been returned to Upbit, marking a significant victory in the fight against cybercrime. However, Upbit itself is under scrutiny from South Korea’s Financial Intelligence Unit (FIU) for KYC-related violations, with reports suggesting as many as 600,000 compliance breaches. The Financial Services Commission (FSC) has also raised concerns about Upbit’s market dominance, as the exchange accounts for nearly 20% of the 22 trillion won deposited in K Bank, posing potential risks to the financial system.
Despite these challenges, Upbit remains the largest South Korean crypto trading platform, with a trading volume of around $6 billion, according to CoinMarketCap data.
This latest development underscores the ongoing battle against cybercrime in the cryptocurrency space and highlights the importance of regulatory oversight and compliance in ensuring the security and integrity of digital assets.