South Korean police have confirmed that North Korean hacker group Lazarus and Andariel orchestrated the 2019 theft of 342,000 Ethereum (ETH) from Upbit, South Korea’s largest cryptocurrency exchange. It is the first time authorities have officially acknowledged North Korea’s involvement in a domestic exchange hack.

The stolen assets, worth 1.4 trillion won at current prices, have passed through several exchanges worldwide. Despite the massive scale of the theft, only a small portion has been recovered. Specifically, 4.8 Bitcoins were taken from a Swiss exchange.

Lazarus and Andariel steal 342,000 ETH from Upbit

Lazarus and Andariel, the notorious North Korean hacking groups, committed the theft of 342,000 ETH from Upbit in 2019, South Korean police confirmed. The stolen Ethereum, valued at over 1.4 trillion won (about $1 billion), was carefully laundered. According to yna.co Reportedly, 57% of the stolen ETH was exchanged for Bitcoin at a 2.5% discount on three exchange sites, likely created by North Korea. Meanwhile, the remaining cryptocurrency circulated through 51 exchanges in 13 countries, including major players in the US and China.

South Korean authorities worked closely with the US FBI and other international agencies to track down the stolen goods. Despite the fact that many laundered funds are spread across currencies, the investigation resulted in a significant recovery. After presenting evidence to the Swiss authorities, they successfully recovered 4.8 Bitcoins, worth 600 million won, and returned them to Upbit. This marked a rare example of recovery of stolen funds.

This theft highlights North Korea’s growing reliance on cryptocurrency hacks to fund its activities. The Lazarus group has led North Korea in carrying out several high-profile cyber attacks top crypto exchanges.

Additionally, this report also highlights the increasing incidents of hacks and scams in the crypto space. For context, US DOJ charged five hackers recently for stealing $6.3 million in digital assets.

North Korea’s long history of cryptocurrency theft and global impact

The Lazarus Group operates as a North Korean state-sponsored cybercrime organization. It performs sophisticated hacks targeting financial institutions and cryptocurrency exchanges globally. The group’s operations focus on stealing high-value assets, particularly cryptocurrencies.

Recently, the investigators linked Lazar to the 238 million dollars August Bitcoin Theft 2023. During this attack, funds moved to multiple platforms. Speculation about the group’s involvement intensified as experts scrutinized the suspicious transactions.

✓ Distribute:

Coingape staff

CoinGape comprises an experienced team of native content writers and editors who work around the clock to cover news globally and present news as fact rather than opinion. CoinGape writers and reporters contributed to this article.

Disclaimer: The content presented may include the author’s personal opinion and is subject to market conditions. Do some market research before investing in cryptocurrencies. The author or publication assumes no responsibility for your personal financial loss.