South Korean Cryptocurrency Exchange Hacked By North Korea
The leading intelligence agency in South Korea has information that led them to believe North Korean hackers were responsible for attacking an exchange based in the South of the region.
Bithumb Hack
Officials have estimated that over $7 million worth of cryptocurrency was stolen in this attack, with some people even claiming that this figure is as high as $82.7 million.
Alongside the funds that the culprits stole, about 36,000 users had their personal information taken. The exchange in question is called Bithumb, and it is a platform where users are able to trade bitcoin and ether.
In November and December, there has been a significant spike in the amount of trading volume seen in South Korea, and this has led to Bithumb becoming one of the largest exchanges of its kind in South Korea. It is also one of the top five largest trading platforms in the world.
It is thought that the reason North Korea went after digital currencies was in response to the financial sanctions placed upon them due to their nuclear weapon development and testing.
Attack Vector Specifics
Investigators suspect the attack originated in February after the personal computer of a Bithumb employee had been targeted, but it took until June to discover the offense.
There were also demands made by the hackers for an additional $5.5 million from the exchange in return for their deletion of the personal information they stole from the site.
The National Intelligence Service based in South Korea is responsible for the investigation, and they have reasons to believe that the attack on the Coinis exchange in September 2017 was also carried out by North Korean hackers.
History of Hacks
National agents have documented and thwarted a handful of other attempts to hack into exchanges over the past few months. October saw a significant number of attacks, with ten being reported to the authorities, all of which suspected North Korean attackers of carrying them out through the dissemination of malware-infected emails.
Thankfully these attacks were repelled agents at the Korea Internet Security Agency (KISA).
They managed to identify the threats and pieced together different fragments of information to determine the perpetrators. They uncovered the malware used in the hacks had been created similar to those used in the 2014 attack on Sony Pictures, as well as the hack on the Bangladeshi Central Bank in 2016.
These attacks come at a time when regulation of the sector is a pressing issue, with the relevant authorities in South Korea now focusing on tightening up relevant regulations in the region.
The government fined Bithumb to the tune of $55,000 as a result of their failings in protecting the personal data of their users.