{"id":18795,"date":"2024-11-21T13:36:12","date_gmt":"2024-11-21T11:36:12","guid":{"rendered":"https:\/\/forklog.com\/en\/north-korean-hackers-implicated-in-2019-upbit-breach\/"},"modified":"2024-11-21T13:36:12","modified_gmt":"2024-11-21T11:36:12","slug":"north-korean-hackers-implicated-in-2019-upbit-breach","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/north-korean-hackers-implicated-in-2019-upbit-breach\/","title":{"rendered":"North Korean Hackers Implicated in 2019 Upbit Breach"},"content":{"rendered":"<p>The theft of 342,000 ETH from the Upbit exchange in 2019 has been linked to North Korea, according to South Korea&#8217;s National Investigation Service. This was reported by<a href=\"https:\/\/www.theblock.co\/post\/327555\/north-korea-stole-342k-eth-in-2019-upbit-hack\"> The Block<\/a>.<\/p>\n<p>This marks the first time the country&#8217;s authorities have connected the crime to the neighboring state.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>\u201c[We] reached this conclusion based on a comprehensive analysis of evidence, [\u2026] including IP addresses, virtual asset flows, terminology, as well as data obtained from the <span data-descr=\"Federal Bureau of Investigation of the USA\" class=\"old_tooltip\">FBI<\/span>,\u201d<\/em> the statement reads.<\/p>\n<\/blockquote>\n<p>Specific details were not disclosed.<\/p>\n<p>The agency confirmed that Upbit was the victim of the attack.<\/p>\n<p>In 2019, the stolen ETH was valued at approximately $41.5 million, now it exceeds $1 billion.<\/p>\n<p>The perpetrators converted about 57% of the stolen ETH into Bitcoin at a 2.5% discount on three crypto exchanges. The remaining funds were withdrawn in fiat through 51 platforms.<\/p>\n<p>South Korean police and Swiss authorities recovered 4.8 BTC of the stolen assets for Upbit.<\/p>\n<p>In December 2017, the country&#8217;s National Intelligence Service reported suspicions of North Korean hackers in an attack on Bithumb, resulting in the theft of 7.6 billion <span data-descr=\"Korean won\" class=\"old_tooltip\">KRW<\/span> ($6.9 million).<\/p>\n<p>Earlier in 2023, Upbit faced 159,061 hacking attempts in the first six months.<\/p>\n<p>In November, South Korea&#8217;s financial intelligence unit of the <span data-descr=\"Financial Services Commission of South Korea\" class=\"old_tooltip\">FSC<\/span> identified at least 500,000\u2013600,000 potential violations of <span data-descr=\"Know Your Customer\" class=\"old_tooltip\">KYC<\/span> procedures on the platform.\u00a0<\/p>\n<p>Previously, ForkLog reported that the North Korean state-associated Lazarus Group<a href=\"https:\/\/forklog.com\/en\/news\/lazarus-groups-deceptive-investor-profile-targets-defi-sector\"> created a fake investor<\/a> to target the DeFi sector.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The theft of 342,000 ETH from the Upbit exchange in 2019 has been linked to North Korea, according to South Korea&#8217;s National Investigation Service. This was reported by The Block. This marks the first time the country&#8217;s authorities have connected the crime to the neighboring state. \u201c[We] reached this conclusion based on a comprehensive analysis [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":18794,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1323,1125,1202,974,1503],"class_list":["post-18795","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-investigations","tag-lazarus","tag-north-korea-dprk","tag-south-korea","tag-upbit"],"aioseo_notices":[],"amp_enabled":true,"views":"29","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/18795","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=18795"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/18795\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/18794"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=18795"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=18795"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=18795"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}