The theft of $ 281 million from a cryptocurrency exchange last September could have been carried out with a high degree of probability by hackers from North Korea, Reuters writes, citing a confidential UN report.
“A preliminary analysis based on attack vectors and subsequent actions to launder illicit proceeds gives strong grounds to assume there are links with the DPRK,” the document says. The UN believes that the stolen cryptocurrency is used to finance the nuclear program of the country under international sanctions.
The report does not indicate the name of the affected platform, but the KuCoin exchange fits the description. At the end of September, she reportedabout the loss of $ 281 million. “It must be a KuCoin hack,” said Frank van Werth, an analyst at Whale Alert. “There were no other significant break-ins at that time.”
In addition, the report refers to a second hack in October 2020, when $ 23 million was stolen. Experts say that hackers tried to launder the stolen cryptocurrency through decentralized exchanges, hoping with their help to avoid blocking applied by centralized platforms. “According to sources familiar with both hacks, their organizers used DeFi-protocols, in essence, smart contracts that carry out automated transactions,” writes the UN.
KuCoin previously reported recovering more than 80% of assets lost during the September attack. The exchange claims to have already identified the hackers, but cannot reveal their identities while the investigation continues. KuCoin CEO Johnny Liu announced last week that the criminals are still at large.
In 2019, the UN reported that North Korean hackers had stolen nearly $ 2 billion in “massive and increasingly advanced” cyber attacks on banks and cryptocurrency exchanges. The latest report says they have continued their malicious activities since then. “According to one of the participating countries, theft of virtual assets of the DPRK from 2019 to November 2020 amounted to about $ 316.4 million,” the UN said.