North Korean Hackers Attacked South Korean Exchanges, NIS Claims

As originally reported by local media outlets, the South Korean National Intelligence Service has traced previous hackings of domestic cryptocurrency exchanges back to the North. 

North vs. South

This Saturday, South Korean newspapers recapped reports by the NIS that claimed North Korean hackers were behind an attack on the Bithumb exchange. The hack, which began after an employee’s PC was compromised, leaked personal details of some 36,000 user accounts.  The attack supposedly occurred this past February, but Bithumb was not aware of the breach until June. According to reports, the hackers demanded 6 billion won (US$5.5 million) in exchange for deleting the stolen account information.

The NIS believes that North Korean hackers were also behind a series of attacks in April and September. In April, Youbit, formerly Yapizon, had its own exchange compromised, and Coinis suffered hacking attacks in September.

As a result of these attacks, hackers ran off with a cumulative 7.6 billion won (US$6.99 million) in cryptocurrencies. Today, these stolen funds are valued at 90 billion won (US$82.7 million). If you can believe it, though, things could have been worse, as the Korean Internet Security Agency thwarted an attempted hack on 10 South Korean exchanges in October.

Justifying its findings, the NIS said that the emails used in the hacks came from North Korean IP addresses. Additionally, the agency discovered that the hackers had used the same malware employed for their attacks on Sony Pictures in 2014 and on the Bangladeshi central bank in 2016.

Ramifications Going Forward

Conspirators, watchdogs, and analysts have long suspected that North Korean hackers have been lurking in cryptocurrency’s shadows.  Some analysts have argued that these attacks are a means for North Korea to circumvent financial sanctions brought on by its nuclear development.

Back in South Korea, exchanges have been feeling regulatory as well as financial repercussions in the wake of these attacks. According to Chosun Ilbo, the Korean Communications Commission came down on BTCKorea.com, the media company that owns Bithumb, with US$55,000 worth of fines. These fines were in direct response to the hackings earlier this year, according to the KCC, as Bithumb “failed to protect the information of users by not encrypting private data.”

The news of North Korea’s involvement in these attacks follows a month of legislative efforts by the South’s regulatory agencies to extend their reach into cryptocurrency markets. This development will no doubt hasten the passage of legislation regarding cryptocurrency exchanges and serve to strengthen what little regulatory frameworks are currently in place.

“We are seeing continued problems with cryptocurrency speculation and hacking attacks against online exchanges,” KCC Chairman Lee Hyo-seong said in a statement to Chosun Ilbo. “We will bolster regulations until separate laws for cryptocurrency exchanges are drafted.”