Lazarus and Andariel are the official culprits

South Korean authorities have confirmed that the North Korean groups Lazarus and Andariel were behind the 2019 Upbit crypto hack of 50 million dollars. The 342,000 ETH stolen at the time is now worth more than a billion dollars.

Upbit and the 2019 crypto hack: North Korean groups Lazarus and Andariel confirmed as the responsible parties

The National Office of Investigation of South Korea has confirmed that the real culprits of the 2019 Upbit crypto hack are the North Korean hacker groups Lazarus and Andariel. 

Apparently, it took a full five years to officially confirm North Korea’s involvement in the cryptocurrency hack.

From what has emerged, it seems that investigators tracked the flows of cryptocurrency and IP addresses. In addition, the South Korean police analyzed the use of North Korean language and drew on information provided by the Federal Bureau of Investigation (FBI) of the United States.

For now, the police have declined to provide details on the hacking method used by Lazarus and Andariel, to avoid potential copycat attacks.

Upbit is a South Korean crypto exchange that suffered a theft of 342,000 ETH in 2019. At that time, ETH was worth only 147 dollars, and the total amount stolen from the exchange was equivalent to 50 million dollars.

Today, the situation is different. The 342,000 ETH in the hands of Lazarus and Andariel is now worth more than a billion dollars.

Upbit: Lazarus and Andariel officially revealed as responsible for the 2019 crypto hack

After five years of investigations, it has been revealed today that the North Korean group Lazarus is also responsible for the theft of ETH from the South Korean crypto-exchange Upbit in 2019. 

From what has emerged, it seems that after the breach, the hackers sold about 57% of the stolen amount on exchanges presumably managed by North Koreans. The remaining funds were distributed and laundered through 51 foreign exchanges.

As mentioned, the South Korean police also made use of information obtained from the US FBI.

In this regard, in August 2023, the FBI had identified the North Korean Bitcoin hackers, stating that they were trying to cash in by selling over 40 million dollars in stolen BTC.

In that case, both Lazarus Group and APT38, the main hacking groups of the Democratic People’s Republic of Korea (DPRK), were named as responsible for various crypto thefts.

The FBI addressed its message about these actors to crypto companies, to warn them in light of the results of its investigations.

Chainalysis and the fight against crime on blockchain

Last May, Chainalysis talked about the fight against crime on blockchain at its event “Links NYC 2024”.

In the specific case of the North Korean hacking unit Lazarus Group and other connected subgroups, Chainalysis estimated thefts of about 1 billion dollars from DeFi protocols from 2022 up to that point.

Chainalysis has described Lazarus Group as the most ruthless hacking entity, as well as the most “skilled” in the world, with possible support from the North Korean government.

The biggest theft by Lazarus was the one against the crypto video game Axie Infinity and the Ronin sidechain in March 2022, amounting to 600 million dollars at that time.

Source: https://en.cryptonomist.ch/2024/11/21/upbit-and-the-crypto-hack-2019-lazarus-and-andariel-are-the-official-culprits/