Blockchain experts are pointing to hackers linked with North Korea as the probable perpetrators behind the theft of $70 million from Hong Kong-based cryptocurrency exchange, CoinEx. The exchange revealed the cyberintrusion through the social media platform X (formerly Twitter), indicating that its digital asset wallets had been compromised.
Elliptic, a blockchain research organization, carried out an analysis that suggests the Lazarus Group, a hacking collective associated with North Korea, is likely behind the theft. The organization found that a portion of the stolen assets was moved to a cryptocurrency wallet address previously connected to the Lazarus Group’s illegal activities. The group is known to use a blockchain “bridge” to transfer funds onto the Ethereum blockchain.
In addition, Elliptic noted an escalation in the Lazarus Group’s cyber activities, reporting that the collective has stolen roughly $240 million in cryptocurrency through four distinct attacks since June. Another research entity, Chainalysis, expressed “medium-high confidence” in North Korea’s involvement in the CoinEx attack.
The incident is not isolated; North Korea has been linked to multiple crypto heists in recent years. As of 2022, the country is estimated to have stolen about $1.7 billion in cryptocurrency. In a notable case in April, hackers associated with North Korea were implicated in stealing nearly $615 million in cryptocurrency from the Ronin blockchain network, connected to the online game Axie Infinity.