As originally reported by local media outlets, the South Korean National Intelligence Service has traced previous hackings of domestic crypto-currency exchanges back to the North. 

North vs. South

This Saturday, South Korean newspapers recapped reports by the NIS that claim that North Korean Hackers were behind a February Bithumb attack.  The hack, which began after an employee’s PC was compromised, leaked personal details of  some 36,000 user accounts.  The attack supposedly occurred this past February, but Bithumb was not aware of the breach until June. According to reports, the hackers demanded 6bln won ($5.5mln) in exchange for deleting the stolen account information.

The NIS believes that North Korean hackers were also behind a series of attacks in April and September.  In April, Youbit, formerly Yapizon, had its own exchange compromised, and Coinis faced hacking attacks in September.

As a result of these attacks, hackers ran off with a cumulative 7.6bln won ($6.99mln) in cryptocurrencies.  Today, these stolen funds are valued at 90bln won ($82.7mln).  If you can believe it, though, it could have been worse, as the Korean Internet Security Agency thwarted an attempted hack on 10 Korean exchanges back in October.

Justifying their findings, the NIS said that the emails used in the hacks came from North Korean IP addresses.  Additionally, the agency discovered that the hackers used the same malware employed for the attacks on Sony Pictures  in 2014 and the Bangladeshi central bank in 2016.

Ramifications Going Forward

Conspirators, watchdogs, and analysts have long suspected that North Korean hackers have been lurking in cryptocurrency’s shadows.  Some analysts have argued that these attacks are a means for North Korea to circumvent financial sanctions brought on by its nuclear development.

Back in South Korea, the wake of the attack has exchanges feeling regulatory as well as financial repercussions.  According to Chosun Ilbo, the Korean Communications Commission came down on BTC Korea.com, the media company that owns Bithumb, with $55,000 worth of fines.  These fines are in direct response to the hackings from earlier this year, as Bithumb “failed to protect the information of users by not encrypting private data,” according to the KCC.

The news of North Korea’s involvement in these attacks follows a month of legislative efforts by the South’s regulatory agencies to extend their reach into cryptocurrency markets.  This development will no doubt drive officials to hasten their plans for legislation regarding cryptocurrency exchanges and strengthen what little regulatory framework they currently have in place.

“We are seeing continued problems with cryptocurrency speculation and hacking attacks against online exchanges,” KCC Chairman Lee Hyo-seong said in a statement to Chosun Ilbo. “We will bolster regulations until separate laws for cryptocurrency exchanges are drafted.”