South Korean Police Confirm Lazarus Group Behind 342,000 ETH Upbit Hack
Highlights
- South Korean police confirm Lazarus and Andariel groups behind 342,000 ETH theft from Upbit in 2019.
- 57% of stolen ETH was exchanged for Bitcoin at a discounted rate, laundered via 51 exchanges.
- Police recover 4.8 BTC from Swiss exchange, returning it to Upbit after four years of investigation.
South Korean police confirmed that North Korean hacker Lazarus group and Andariel orchestrated the 2019 theft of 342,000 Ethereum (ETH) from Upbit, South Korea’s largest cryptocurrency exchange. This is the first time authorities have officially acknowledged North Korea’s involvement in a domestic exchange hack.
The stolen assets, worth 1.4 trillion won at the current price, flowed through multiple exchanges worldwide. Despite the theft’s massive scale, only a small portion was recovered. Specifically, 4.8 Bitcoins were retrieved from a Swiss exchange.
Lazarus and Andariel Steal 342,000 ETH From Upbit
Lazarus and Andariel, North Korea’s notorious hacker groups, carried out the 2019 theft of 342,000 ETH from Upbit, South Korean police confirmed. The stolen Ethereum, valued at over 1.4 trillion won (approximately $1 billion), was carefully laundered. According to yna.co report, 57% of the stolen ETH was exchanged for Bitcoin at a 2.5% discount on three exchange sites, likely created by North Korea. Meanwhile, the remaining cryptocurrency flowed through 51 exchanges across 13 countries, including major players in the US and China.
South Korean authorities worked closely with the US FBI and other international agencies to track the stolen assets. Despite many laundered funds being spread across foreign exchanges, the investigation led to a significant recovery. After presenting evidence to Swiss authorities, they successfully recovered 4.8 Bitcoin, worth 600 million won, and returned it to Upbit. This marked a rare instance of recovering stolen funds.
This theft highlights North Korea’s increasing reliance on cryptocurrency hacks to fund its activities. The Lazarus Group has led North Korea in carrying out multiple high-profile cyberattacks on top crypto exchanges.
Besides, this report also highlights the growing hacks and scam incidents in the crypto space. For context, the US DOJ has charged five hackers recently for stealing $6.3 million in digital assets.
North Korea’s Long History of Crypto Thefts and Global Impact
The Lazarus Group operates as a North Korean state-sponsored cybercrime organization. It carries out sophisticated hacks targeting financial institutions and crypto exchanges globally. The group’s operations focus on stealing high-value assets, especially cryptocurrency.
Recently, investigators linked Lazarus to the $238 million Bitcoin theft in August 2023. During this attack, the funds moved across several platforms. Speculation surrounding the group’s involvement intensified, as experts analyzed the suspicious transactions.
- Crypto Stakeholders Push Back as Banks Seek Yield Ban Provision in CLARITY Act
- Crypto ETFs Approval Faces Uncertainty as Government Shutdown Looms, Bloomberg Analyst Says
- Fed’s Hammack Backs Restrictive Policy Over Rate Cuts Amid Inflation Concerns
- Fed Governor Chris Waller Champions Stablecoins as a Tool for Cheaper Global Payments
- LBank Celebrates 10 Years With Bold Achievements and Global Expansion
- Dogecoin Price Prediction – Chart Set-Up Highlights Perfect Buying Opportunity With Outflows Backing $0.45
- Bitcoin Price Set to Rebound Ahead of US Government Shutdown, NFP Data
- XRP Price Prediction: How XRP Could React After October 2025 SEC ETF Decisions
- Aster Price Prediction as US President Adds $110M Worth of Tokens to His Portfolio
- Pepe Coin Price Bounce Likely as Support Zone Aligns With Rising Social Activity
- Solana Price Set for Recovery Amid Wyckoff Accumulation and Canary Capital ETF Filing
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more…to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
