North Korean Hackers Threatened Bithumb Exchange With a $16M Ransom Amid the 2017 Data Breach, Says Report

A new report commissioned by the U.S. secret services unveiled what happened behind the attack launched by North Korean hackers against a South Korean crypto exchange. The case is about a breach on June 29, 2017, which exposed data tied to over 30,000 customers stemming from Bithumb.

Hackers Threatened to ‘Destroy’ Data and Cryptos Stolen

According to Maeil Kyungjae, the U.S. authorities found that North Korean hackers got access to personal data and funds from customers then demanded a ransom payment afterward. The blackmailers targeted the crypto exchange Bithumb by asking them for 20 billion won ($16 million).

Moreover, threat actors are also accused of sending malicious code through fake job applications to Bithumb employees. It was done reportedly during a hiring season that the company had over that year.

The Federal Bureau of Investigation (FBI) collaborated with the South Korean authorities in making the correspondent inquiries on the case. On the ransom note, hackers threatened Bithumb to “sell or destroy the customer’s virtual currency unless a certain amount is given.”

Although the name of the cybercriminals wasn’t specified in the U.S. security report, Lazarus Group could likely be the masterminds of the attack.

In fact, the local media outlet related them with past significant cyberattacks, whose authorships are attributed in the indictments filed by the U.S. Department of Justice (DOJ) to hackers “belonging to the North Korean Reconnaissance Office,” which are more specifically Lazarus Group.

Lazarus Group Responsible for Major Cyber-Heists Against Crypto Exchanges Globally

Recently, as Bitcoin.com News reported in February 2021, the U.S. DOJ unsealed new charges against the North Korean state-sponsored hackers.

The hackers are allegedly responsible for stealing over $1.3 billion in cryptocurrencies and fiat during coordinated cyber-heists over the last few years.

Law enforcement revealed a case related to an unnamed Slovenian crypto company. Per the court documents, the hackers participated in the theft of $75 million from such a firm in December 2017.

They were also involved in a $24.9 million theft of another crypto business in September 2018, but this time in Indonesia.

What are your thoughts on the U.S. authorities’ report on Bithumb’s data breach in 2017? Let us know in the comments section below.

About Author


Deprecated: Directive 'allow_url_include' is deprecated in Unknown on line 0