WASHINGTON (US) – A preliminary United Nations inquiry into the theft of $281 million worth of assets from a cryptocurrency exchange last September “strongly suggests” links to North Korea . Industry analysts are also pointing to Seychelles-based KuCoin as the victim of one of the largest reported digital currency heists.
A confidential report by independent sanctions monitors to UN Security Council members said blockchain transactions related to the hack also appeared to be tied to a second hack last October when $23 million was stolen.
“Preliminary analysis, based on the attack vectors and subsequent efforts to launder the illicit proceeds, strongly suggests links to the DPRK,” the monitors wrote, using North Korea’s formal name, the Democratic People’s Republic of Korea. They accuse Pyongyang of using stolen funds to support its nuclear and ballistic missile programs to circumvent sanctions.
While the report did not name the victim of the attack, digital currency exchange KuCoin reported the theft of $281 million in bitcoin and various other tokens on Sept. 25.
“This must be the KuCoin hack,” said Frank van Weert, an analyst with Whale Alert – an Amsterdam-based group which tracks large cryptocurrency movements across the internet. “There were no other significant hacks during that period.”
Industry experts said the hackers were trying to funnel the money through decentralized exchanges – which work by arranging individual-to-individual currency swaps – in a bid to bypass centrally-managed trading platforms, many of which had quickly flagged the stolen money as illicit.
“According to sources familiar with both hacks, the attackers exploited ‘defi’ protocols — i.e., smart contracts that facilitate automated transactions,” the UN report said.
North Korea’s UN mission in New York did not immediately respond to a request for comment on the report.
KuCoin has previously said that it managed to recover more than 80 percent of the digital currency stolen in September thanks in part to the work of other exchanges who froze the funds as they transited through their respective systems.
CEO Lyu has also said that KuCoin had discovered who the hackers were but said that, at the request of law enforcement, it would only be making their identity public “once the case is closed.” In an update posted to Twitter last week, Lyu said that the hunt for the suspects was still in progress.
North Korea has generated an estimated $2 billion using “widespread and increasingly sophisticated” cyberattacks to steal from banks and cryptocurrency exchanges, the monitors reported in 2019.