North Korea Said To Orchestrate Largest Crypto Heist Of All Time

A sophisticated group of hackers tied to North Korea is suspected of being behind last month's $500 million hack of Japanese cryptocurrency exchange CoinCheck, Bloomberg reported Tuesday, citing a South Korean lawmaker who attended a meeting with the head of the country's intelligence service.

Of course, the CoinCheck hack, which elicited a furious response from Japanese regulators who are reportedly contemplating serious sanctions against the exchange and its senior employees for its inexplicably lax security, isn't the first in which North Korea-tied groups are suspected of involvement: they are widely believed to have been responsible for the collapse of South Korean exchange YouBit back in December.

The CoinCheck hack - widely believed to be the largest crypto heist in history, eclipsing the nominal value taken from Mt. Gox - is being investigated by the South's National Intelligence Service, which already has its hands full preparing for the Winter Games in PyeongChang, set to begin Friday.


CoinCheck executives answer questions from Japanese regulators.

According to South Korean intelligence, there are unspecified similarities between the Youbit and CoinCheck hacks - though the South Korean spy agency admits it has no direct evidence.

The North is well-known for its hacking prowess. NK-linked hackers are suspected of perpetrating some of the most high-profile hacks of the last five years, including the WannaCry and Petya hacks last spring, and the embarrassing 2014 hack of Sony Pictures. In an interesting innovation, North Korean hackers are suspected of infiltrating systems and installing malware to discreetly mine cryptocurrencies like Monero. Some of these illegal Monero miners have been found in the systems of Russia's largest energy pipeline company.

The National Intelligence Service is investigating last month’s incident - one of the largest cryptocurrency heists in history - based on similarities with past cases associated with its northern neighbor’s cyber-attack apparatus, said the lawmaker, who didn’t want to be identified because of the sensitivity of the information. The South Korean agency is now examining the incident with cooperation from international authorities, the lawmaker added.

Cybersecurity experts say North Korea has master-minded a growing number of crypto-heists in past years, as Kim Jong Un’s hermit regime seeks capital to bankroll its nuclear weapons program and circumvent tough international sanctions. South Korean investigators are already said to be looking into Pyongyang’s involvement in the hack of Seoul-based exchange Youbit, which collapsed in December. In a recent twist, cyber-sleuths say the regime’s attacks have expanded to include hijacking computers to mine digital currencies -- particularly hard-to-trace Monero.

South Korea’s spy agency hasn’t been able to unearth evidence of North Korean involvement in the Coincheck case, but was exploring that avenue based on Pyongyang’s track record and patterns observed in previous attacks, the lawmaker said. Representatives for the NIS and defense ministry weren’t immediately available for comment.

Contrary to crypto enthusiasts' claims that cryptocurrencies are more secure than conventional money, their vulnerability to cybertheft has been widely cited as one of the catalysts for bitcoin's precipitous 60%+ drop from its highs late last year. Furthermore, China's intensifying crackdown - it's now seeking to block Chinese traders from accessing offshore crypto exchanges - and India's revelation that it would do everything in its power to stifle the digital currency market have also rattled investors.

Even US regulators are stepping up their scrutiny: The SEC and CFTC - the two primary federal regulators tasked with overseeing cryptocurrencies - are set to testify before the Senate Banking Committee this morning.

Meanwhile, the rout in crypto land continues Tuesday, with bitcoin trading below $7,000 on GDAX.






J S Bach Juggernaut x2 Tue, 02/06/2018 - 13:09 Permalink

How can anyone "hack" into such a sound idea as a cryptocurrency? I refuse to believe it.

"Hello, VISA?  Yes, I'd like to max-out my $20,000 credit line for some more Bitcoin.  Yes, you heard me correctly.   No, no... don't worry, I'll be making the next monthly payment IN FULL.  Okay... thank you."


(heh heh)

In reply to by Juggernaut x2

Laowei Gweilo skbull44 Tue, 02/06/2018 - 13:39 Permalink

actually, whether it's real or a false flag, their only real opportunity to efficiently launder that much XEM would probably have to be on an exchange with a shit load on an anon altcoin and not give two shits about Western regulation.

which is why it works as the latter haha 


*[Insert boogeyman here]

In reply to by skbull44

Laowei Gweilo I woke up Tue, 02/06/2018 - 13:13 Permalink

It's actually a flawed enough plan that it's probably real.

The stolen XEM went directly into just a small number of addresses and were not traded before NEM was able to flag the XEM.

By the time the hackers tried to start transferring the XEM to exchanges to presumably launder through something like Monero, XEM was already helping the exchanges blacklist the addresses.

So, you know, lol, good luck unloading $500m in XEM that are flagged both in the actual output (the transaction outputs) and the output (by any exchange that doesn't wanna get fucked by regulators, ever, in history, for being incompetent). Maybe they can unload them on a Venezuelan exchange for the Petro coin =p


makes you wonder why'd they just leave 'em at those addresses until NEM could react tho... no way to instantly flush them through other cryptos?

a $500m hack that can't ever be unloaded or spent ... and the hack targets are all getting refunded too .... 

a hyperbolic news item + a rather large lack of actual benefit AND harm from the hack = suuuuuuure seems like a convenient boogeyman.


In reply to by I woke up

TheWholeYearInn topspinslicer Tue, 02/06/2018 - 13:23 Permalink

FISA memo was made public on Friday. Since then?


- DOW down 666 on Friday

- SuperBowl

- DOW/S&P bloodbath on Monday

- VIX explodes

- Look squirrel! (Norks hacked a crypto exchange with their left hand while choking babies in incubators with their right hand)


Sessions appears to have slept through the whole thing.





In reply to by topspinslicer

BarkingCat Rick Cerone Tue, 02/06/2018 - 13:06 Permalink

So North Korea is that magical place that is both a backwater shithole with decrepit infrastructure and lacking modern technology and yet fully capable of penetrating most advanced nations' computer networks.


Now, can you tell me about the Amish who broke into MacDill Air Force Base and took the F35 for a joy ride. They know it was an Amish man because they found a straw hat in the hangar.

In reply to by Rick Cerone

overbet Tue, 02/06/2018 - 12:55 Permalink

Kim with the big order to convert. Thought he mastered the art of the $100 bill counterfeit. What's he need cryptos for? Buying stolen tech on the dark net?