The recent $27 million hack on crypto exchange CoinEx was executed by the North Korean Lazarus Group, according to blockchain security firm SlowMist. This revelation was further supported by ZachXBT, a well-known on-chain investigator, who discovered that the same group was responsible for the $41 million Stake hack on Optimism and Polygon. SlowMist provided an explanation of how it arrived at this conclusion by investigating the addresses involved in previous exploits.
The U.S. Federal Bureau of Investigation (FBI) had previously connected the $41 million exploit of crypto gambling site Stake to North Korean state-backed actors. In an official notice, it was revealed that the hackers have already stolen over $200 million from various crypto projects, including Atomic Wallet and Alphapo. This reaffirms the growing concern over North Korea’s involvement in illicit activities.
CoinEx, the targeted exchange, confirmed on September 12 that it had fallen victim to an undisclosed amount of unauthorized withdrawals from its hot wallets. Leading blockchain analysts estimated that the attack resulted in a loss of over $27 million in various cryptocurrencies such as Ethereum, Tron, and ERC-20 tokens. Following the confirmation, CoinEx identified additional suspicious wallet addresses connected to the hack and assured that it was actively working to trace the hackers’ identities.
Despite facing economic sanctions imposed by Western countries and their allies, North Korea has increasingly relied on illicit crypto activities to fund its weapons program. Notably, the nation has consistently denied any involvement in sponsoring hackers, despite the mounting evidence presented by leading organizations like the United Nations. This persistent denial raises concerns about the effectiveness of international efforts to curb North Korea’s illicit activities.
In response to North Korea’s crypto-related theft, South Korea has announced its intention to draft a bill that will enable the tracking and freezing of stolen crypto assets. This proposed legislation aims to protect against further illicit funding of North Korea’s weapons program and strengthen the country’s ability to respond to such cyber attacks.
The recent hack on CoinEx has been attributed to the Lazarus Group, a North Korean state-backed hacking organization. This revelation was further supported by the FBI’s earlier confirmation connecting North Korea to a series of crypto exploits. While North Korea continues to deny its involvement, the mounting evidence suggests otherwise. This incident highlights the need for increased international cooperation and regulations to combat the growing threat of state-sponsored hacking and the illicit funding of weapons programs through cryptocurrencies. South Korea’s proposed bill represents a step towards strengthening countermeasures against North Korea’s cyber activities.