Earlier this week, CCN reported on the bankruptcy filing of a company that operates South Korean cryptocurrency exchange Youbit, after it got hacked and saw 17 percent of its total assets get stolen. Youbit revealed that 83 percent of its funds were safely stored in a cold wallet, and that users would be allowed to immediately withdraw their holdings, at 75 percent of their market value.
The exchange had notably suffered another hack this year, back in April, when nearly 4,000 bitcoins were taken. Per South Korean authorities, the attack was perpetrated by North Korean hackers.
This last attack seemingly leads to North Korea as well, as according to the Wall Street Journal, investigators have reason to believe the North Korean regime is behind it. To back up their claim, they point to “telltale signs and historical evidence,” presumably referring to April’s attack. The Wall Street Journal’s report reads:
“The bitcoin heist follows similar suspected Pyongyang-directed offensives against other South Korean cryptocurrency exchanges — and an increasing number of attempts to steal from individual investors.”
Investigators are still analyzing the malware that was used to compromise the exchange, and results may take several weeks to come. This means that the investigation is still in its early stages.
North Korea has, in the past, targeted bitcoin exchanges. As a FireEye report pointed out, earlier this year the regime engaged in a state-sponsored campaign to steal bitcoin from the South’s cryptocurrency exchanges in order to evade sanctions and gain funds. Moreover, the Republic of Korea’s National Police Agency (NPA) confirmed the regime attacked exchanges through phishing attempts.
North Korean hackers have been getting a lot of attention recently, as the U.S. government formally blamed them for carrying out a massive ransomware campaign using the WannaCry malware, which netted its operators hundreds of thousands worth of bitcoin at today’s rates.
South Korea’s cryptocurrency scene has been rapidly growing, making it the perfect target for the regime’s hackers, as they aren’t just targeting their longtime adversaries, they’re also targeting exchanges overwhelmed with new users who may be having a hard time focusing on security.
Estimates suggest Kim Jong-Un’s regime has a cyber army with over 1,700 hackers in it, aided by over 5,000 support staff. It’s difficult to know how accurate these estimates are, as no one outside of the regime – or with advanced intel – can really be sure.
Potential international incident
Notably, the alleged North’s hit on Youbit can lead to an international conflict, as earlier this year a NATO-sponsored think tank issued a statement noting that a state-sponsored malware attack can be considered an act of war. This, in turn, would trigger Article 5 of the North Atlantic Treaty, potentially leading to a military response, Gizmodo notes.
Although South Korea isn’t a NATO member per se, over recent years the organization has been developing relations outside the Euro-Atlantic area, given key strategic concerns and values. If Youbit’s hack is considered an act of war, tensions between the U.S. and North Korea may once again rise to new heights.