A sophisticated group of hackers tied to North Korea is suspected of being behind the last month's $500 million hack of Japanese cryptocurrency exchange CoinCheck, Bloomberg reported Tuesday - according to a South Korean lawmaker who attended a meeting with the head of the country's intelligence service.
Of course, the CoinCheck hack, which elicited a furious response from Japanese regulators who are reportedly contemplating serious sanctions against the exchange and its senior employees for its inexplicably lax security, isn't the first where North Korea tied groups are suspected of involvement: They are widely believed to have been responsible for the collapse of South Korean exchange YouBit back in December.
The CoinCheck hack -widely believed to be the largest crypto heist in history, eclipsing the nominal value taken from Mt. Gox - is being investigated by the South's National Intelligence Service, which already has its hands full preparing for the Winter Games in PyeongChang, set to begin Friday.
CoinCheck executives answer questions from Japanese regulators.
According to South Korean intelligence, there are unspecified similarities between the Youbit and CoinCheck hacks - though the South Korean spy agency admits it has no direct evidence.
The North is well-known for its hacking prowess. NK-linked hackers are suspected of perpetrating some of the most high-profile hacks of the last five years, including the WannaCry and Petya hacks last spring, and the embarrassing 2014 hack of Sony Pictures. In an interesting innovation, North Korean hackers are suspected of infiltrating systems and installing malware to discreetly mine cryptocurrencies like Monero. Some of these illegal Monero miners have been found in the systems of Russia's largest energy pipeline company.
The National Intelligence Service is investigating last month’s incident - one of the largest cryptocurrency heists in history - based on similarities with past cases associated with its northern neighbor’s cyber-attack apparatus, said the lawmaker, who didn’t want to be identified because of the sensitivity of the information. The South Korean agency is now examining the incident with cooperation from international authorities, the lawmaker added.
Cybersecurity experts say North Korea has master-minded a growing number of crypto-heists in past years, as Kim Jong Un’s hermit regime seeks capital to bankroll its nuclear weapons program and circumvent tough international sanctions. South Korean investigators are already said to be looking into Pyongyang’s involvement in the hack of Seoul-based exchange Youbit, which collapsed in December. In a recent twist, cyber-sleuths say the regime’s attacks have expanded to include hijacking computers to mine digital currencies -- particularly hard-to-trace Monero.
South Korea’s spy agency hasn’t been able to unearth evidence of North Korean involvement in the Coincheck case, but was exploring that avenue based on Pyongyang’s track record and patterns observed in previous attacks, the lawmaker said. Representatives for the NIS and defense ministry weren’t immediately available for comment.
Contrary to crypto enthusiasts' claims that cryptocurrencies are more secure than conventional money, their vulnerability to cybertheft has been widely cited as one of the catalysts for bitcoin's precipitous 60%+ drop from its highs late last year. Furthermore, China's intensifying crackdown - it's now seeking to block Chinese traders from accessing offshore crypto exchanges - and India's revelation that it would do everything in its power to stifle the digital currency market have also rattled investors.
Even US regulators are stepping up their scrutiny: The SEC and CFTC - the two primary federal regulators tasked with overseeing cryptocurrencies - are set to testify before the Senate Banking Committee this morning.
Meanwhile, the rout in crypto land continues Tuesday, with bitcoin trading below $7,000 on GDAX.