North Korea’s Lazarus Group steals 342,000 ETH from Upbit, South Korea’s Police confirm

A South Korean investigative agency has exposed the Lazarus Group for crimes relating to crypto theft. The South Korean police confirmed that the North Korean-linked Lazarus Group is responsible for the crypto stolen from Upbit five years ago.

North Korea has a history of hacking crypto and stealing funds through the Lazarus Group, which laces this case with a strong sense of deja vu. The damage was estimated at 58 billion won ($41.5m) at the time, which has increased to 1.47 trillion won ($1 billion) by today’s standards.

The group carries out sophisticated hacks targeting financial institutions and crypto exchanges globally.

South Korean police confirmed that Andariel joined the Lazarus Group to orchestrate the 2019 heist of 342,000 Ethereum (ETH) from Upbit, South Korea’s largest crypto exchange. 

South Korean authorities report on Ethereum heist findings  

The Police found that 57% of the Ethereum stolen by North Korea was exchanged for Bitcoin at a price 2.5% cheaper than the market price. North Korea is believed to have opened three crypto exchange sites to carry out money laundry. The remaining 43% of Ethereum was distributed to 51 overseas exchanges and then laundered.

The South Korean authorities also confirmed that some of the stolen assets were converted into Bitcoin. This happened in October 2020. They then stored them on a crypto exchange in Switzerland.

According to reports, South Korean authorities tracked the stolen assets in partnership with the US FBI. Despite many laundered funds being spread across foreign exchanges, the investigation has led to a significant recovery. 

After presenting evidence to Swiss authorities, they successfully recovered 4.8 bitcoins worth 600 million won and returned them to Upbit. The recovery marks one of the very few instances in which crypto funds have been recovered from the Lazarus Group.

The police department proved to Swiss prosecutors for four years that the bitcoins were assets stolen domestically.

North Korea sponsors Lazarus Group cyber crimes to sustain economy

Reports have it that North Korea has sanctioned several Lazarus Group operations. The group has a background in hacking across different industries, with a notorious record for many large-scale DeFi project hacks. It continues to launch hacks despite tough sanctions imposed on North Korea by Western and European nations. 

From 2021 to 2023, the Lazarus Group caused billions of dollars in losses across the crypto ecosystem. This group has caused damage at an international level, not only with crypto but traditional finance hacks. 

The group’s first major crypto hack was in July 2017, when it plundered Bithumb Exchange, stealing over $7 million worth of crypto assets in one day. Their other hacks include $534m from Coincheck, $275m from Kucoin exchange, $5.4m from Eterbase,$97m from Liquid exchange, $600m from Ronin network, $100m from Harmony Bride, and $235m from Wazir X. 

This trend is a broader reflection of North Korea’s reliance on crypto hacks to fund its economy. North Korea has been implicated in many high-profile crypto cyberattacks. In 2023 alone, it was responsible for crypto hacks worth over $3 billion.

A Step-By-Step System To Launching Your Web3 Career and Landing High-Paying Crypto Jobs in 90 Days.

Source: https://www.cryptopolitan.com/lazarus-group-steals-342000-eth-from-upbit/