Upbit

Main article: Cryptocurrency exchanges

History

2025: Closure due to money laundering

On January 16, 2025, the Financial Intelligence Unit (FIU) of the Financial Services Commission of South Korea ordered the country's largest crypto exchange Upbit to stop operations. The reason is non-compliance with anti-money laundering requirements.

It is said that in November 2024, FIU conducted an audit of the crypto exchange that was required to renew the company's license. The regulator identified about 700 thousand cases when Upbit failed to properly implement Know Your Client (KYC) procedures, which are critical to preventing money laundering and other financial crimes.

𝓲

Фото: Freepik

Upbit, which accounts for more than 70% of the domestic market, is to provide FIU with explanations and comments. After that, the regulator will make a final decision on fines and sanctions against the crypto exchange. If the ban is approved, Upbit will lose the ability to attract new customers for up to six months. In addition, certain restrictions on customer withdrawals may be imposed.

In accordance with the legislation in force in South Korea, a fine of up to 100 million won (about $68.6 thousand at the exchange rate as of January 17, 2025) can be issued for each violation of the company. Thus, if all 700 thousand violations identified are taken into account, the total amount of recovery can be up to $48 billion.

It is noted that the actions of the FIU are part of a broader effort to ensure compliance with the rules for combating money laundering and the financing of terrorism. The law obliges financial institutions, including virtual asset exchanges, to implement strict KYC procedures. In general, the regulatory environment in South Korea is gradually tightening, due to the desire to ensure transparency, protect investors and prevent illegal activities in the cryptocurrency market.^[1]

2019: Hacker attack and kidnapping over $1 billion

On November 21, 2024, the National Directorate of Investigation of South Korea reported that North Korean hackers were behind the hacking of the local cryptocurrency exchange Upbit. Damage from a cyber attack as of this date is estimated at more than $1 billion.

It is clarified that the attack was committed back in 2019. Then the attackers managed to steal 342 thousand. Ethereum (ETH), which at the time of the hack was equivalent to about $50 million. In prices as of November 22, 2024, the value of such assets in ETH is $ 1 141 531 481.

𝓲

Фото: Freepik

For several years, as noted, it was not clear who exactly carried out the attack on Upbit. But a long investigation conducted by South Korean specialists with the support of the FBI and the Swiss authorities made it possible to get on the trail of cybercriminals. It is alleged that the hacking of the Upbit crypto exchange was carried out by hackers from the Lazarus and Andariel groups, which are associated with North Korea. Attackers used advanced methods to carefully plan and implement the attack. The analyzed suspicious cryptocurrency transactions, tracked IP addresses and identified patterns directly indicate that the hack was carried out by North Korean criminals, it said.

After the invasion and theft of funds, hackers used complex laundering methods, which makes it almost impossible to return the stolen assets. Roughly 57% of the stolen Ethereum cryptocurrency was found to have been sold on black market platforms, some of which are reportedly linked to North Korea. The remaining funds, as noted by the Coinpedia.org resource, were redirected through 51 foreign exchanges. To further complicate asset tracking, cybercriminals converted part of Ethereum to Bitcoin, often at low prices.^[2]

Notes