South Korean police have officially confirmed that the theft of 342,000 Ethereum (ETH) from the Upbit exchange was carried out by North Korean hacker groups Lazarus and Andariel.
Investigation into Cryptocurrency Theft
Initially, the stolen Ethereum, valued at 58 billion won at the time of theft, was traced using North Korean IP addresses and cryptocurrency transaction flows, with the FBI's involvement.
Recovery of Stolen Ethereum and Bitcoin
According to authorities, more than half of the Ethereum (57%) was exchanged for Bitcoin at a rate lower than market value. The remaining ETH was laundered through 51 overseas exchanges. Over four years of investigation, police managed to recover 4.8 Bitcoin from a Swiss exchange.
Consequences and Current Situation
This confirmation links North Korea to cybercrimes aimed at generating revenue through illicit activities. Police withheld details of the attack methods to prevent future breaches. North Korean language traces were found on hackers' computers.
This confirmation strengthens the belief that North Korea is actively involved in cyberattacks on cryptocurrency exchanges, though attack methods remain confidential to avoid subsequent breaches.
