South Korea Confirms North Korea Behind $50M Upbit Hack

South Korean authorities have officially confirmed that North Korean hacker groups Lazarus and Andariel were responsible for the $50 million Upbit cryptocurrency hack that occurred in 2019. On November 21, South Korea’s National Office of Investigation revealed that the cyberattack, which resulted in the theft of 342,000 Ether (ETH) from the South Korea-based exchange, was orchestrated by the North Korean operatives.

At the time of the hack, the stolen Ether was valued at around $147 per coin, totaling approximately $50 million. However, due to the recent surge in Ether’s value, the stolen cryptocurrency is now worth more than $1 billion.

Authorities Track Down Hackers After Five Years

This marks the first time South Korean authorities have publicly acknowledged North Korea’s involvement in a cryptocurrency hack. The investigation confirmed North Korean responsibility through a detailed analysis of cryptocurrency flows, IP addresses, and linguistic patterns, along with information provided by the U.S. Federal Bureau of Investigation (FBI).

Although the authorities confirmed the perpetrators' identities, they withheld details about the specific hacking methods used in order to avoid encouraging similar attacks.

Since the breach, it’s believed that the hackers sold approximately 57% of the stolen Ether through exchanges allegedly operated by North Korean entities. The remaining funds were laundered through 51 overseas exchanges.

Upbit Faces Additional Scrutiny Over KYC Violations

The confirmation of North Korean involvement comes amid increased scrutiny of Upbit. On November 14, South Korea’s Financial Intelligence Unit (FIU), part of the Financial Services Commission, uncovered around 600,000 potential violations of Know Your Customer (KYC) regulations during its review of Upbit’s business license renewal.

The FIU found that Upbit allegedly accepted blurred identification cards, which made it difficult for regulators to properly verify user identities. These violations could lead to significant fines, up to $71,500 per case, and potentially complicate the exchange’s efforts to renew its business license