North Korea Possibly Behind Coincheck Hack, Says South Korea’s Intelligence Agency

Recently, Coincheck, one of Japan’s and Asia’s largest cryptocurrency exchange, was hit by the biggest hack in the history of cryptocurrency in which 58 billion Yen ($534 million) worth of the virtual currency “NEM (Nemu)” was stolen from its digital wallets.

While no one has taken responsibility for the hack, South Korea’s National Intelligence Service (NIS) claims that North Korea is likely behind the Coincheck cryptocurrency heist. Although the NIS didn’t have evidence to support this claim, the people who had knowledge of parliament’s intelligence committee proceedings told Reuters, “It’s a possibility that North Korea could be behind the theft.”

Kim Byung-kee, a member of South Korea’s Parliament’s intelligence committee, recalled similar past incidents in which North Korea attacked exchanges in the country.

Last year, tens of billions of won in cryptocurrency were stolen from South Korea cryptocurrency exchanges through North Korean cyberattacks, which partly involved the sending of hacking emails to members of the exchanges, according to parliamentary sources.

“North Korea sent emails that could hack into cryptocurrency exchanges and their customers’ private information and stole [cryptocurrency] worth billions of won,” Kim said.

Following the Coincheck hack on January 26, the Japanese exchange temporarily halted its operations. It later announced a compensation policy designed to return more than 260,000 users who were affected by the breach.

Meanwhile, the NIS has informed the National Assembly that it is investigating whether North Korea was behind the Coincheck hack that took place last month.

This is not the first time that North Korea is being held responsible for a huge cyberattack. The United States has publicly accused the world’s most isolated country for carrying out the WannaCry ransomware cyberattack that affected companies, banks, hospitals, and other services in 2017.

Tara O, an adjunct fellow at the Pacific Forum CSIS based in Washington, said North Korea’s attempts to hack digital currencies, including Bitcoin, are happening on a large scale.

“North Korea continuously seeks ways to bring in hard currency, and one way is to steal or demand payment in Bitcoin or other cryptocurrency, which can later be changed into dollars or yen or renminbi,” O told The Korea Times.

One good example, she said, is “Lazarus Group’s WannaCry malware, a malicious ransomware,” that targeted businesses and governments in 150 countries, with over 200,000 victims, in May 2017.

“Lazarus Group, also known as Hidden Cobra and Guardians of Peace, used WannaCry to exploit a flaw in Windows operating systems to lock files on computers and demand a ransom, payable in Bitcoin,” she said.