2019-07

Bitpoint

Bitpoint halted services after detecting suspicious Ripple remittance activity and later determined that attackers had stolen cryptocurrency from both customer and company holdings across Bitcoin, Bitcoin Cash, Litecoin, Ethereum, and XRP. The Japan-based…

🇯🇵 Japan

2019-07

CoinTiger

CoinTiger is linked in U.S. virtual-currency forfeiture and UN Panel reporting to 2019 cryptocurrency-laundering activity connected to funds stolen from exchanges and other hacks. The available evidence places the Singapore-based exchange in the broader D…

🇸🇬 Singapore

2019-03

Bithumb#4

Bithumb detected an abnormal withdrawal of company-owned cryptocurrency through its monitoring system on March 29, 2019, then blocked deposits and withdrawals while moving remaining assets into cold wallets. The exchange stated that member assets were pro…

🇰🇷 Korea, Republic of

2019-03

Kuwait Bank

Kuwait Bank is included in UN Panel of Experts reporting on DPRK cyber operations against financial institutions and cryptocurrency exchanges for revenue generation and sanctions evasion. The linked evidence does not describe the bank-specific intrusion c…

🇰🇼 Kuwait

2019-03

BiKi

🇸🇬 Singapore

2019-03

CoinBene

CoinBene was reported to have suffered a March 2019 cryptocurrency theft involving 107 ERC-20-based assets, with blockchain analysis tracing stolen funds through attacker wallets, intermediary sweeping addresses, and exchanges including Huobi, EtherDelta,…

🇯🇵 Japan

2019-03

DragonEx

DragonEx reported that attackers stole more than 20 cryptocurrencies from the exchange on March 24, 2019, prompting external tracing of roughly $6 million in digital-asset movements. Chainalysis later described the compromise as a Lazarus operation that u…

🇸🇬 Singapore

2019-03

Gambian Financial Institution

The UN Panel of Experts listed the Gambian financial institution case among DPRK cyber-enabled financial theft activity used to generate and launder revenue outside the traditional banking system. The incident fits the report's broader sanctions-evasion f…

🇬🇲 Gambia

2019-03

Nigerian Financial Institution

A Nigerian financial institution is listed in UN Panel of Experts reporting on DPRK cyber operations used to steal and launder funds from financial institutions and cryptocurrency exchanges. The available linked evidence does not provide Nigerian institut…

🇳🇬 Nigeria

2019-02

Spanish Financial Institution

The UN Panel of Experts listed the Spanish financial institution case among DPRK cyber-enabled financial theft activity targeting banks and cryptocurrency exchanges for sanctions-evasion revenue. The available evidence does not provide operational details…

🇪🇸 Spain

2019-02

Bank of Valletta

Bank of Valletta was identified in UN and U.S. law-enforcement reporting as a 2019 Maltese bank cyber-heist tied to North Korean cyber-enabled financial crime. The linked evidence places the case within DPRK/RGB-directed operations involving SWIFT-enabled…

🇲🇹 Malta

2019-01

Cryptopia

Cryptopia disclosed a January 2019 cryptocurrency exchange breach in New Zealand that triggered a police investigation and community blockchain tracing of stolen assets while key loss details were still emerging. Subsequent blockchain analysis tracked sto…

🇳🇿 New Zealand

2018-12

GBNKCenter

In late 2018, a Gyeongbuk Hana Center employee’s PC in South Korea was infected through a malicious email, exposing files containing personal information for 997 North Korean defectors. The leaked data included names, birth dates, and addresses, while con…

🇰🇷 Korea, Republic of

2018-12

Thailand Financial Institute

UN Panel evidence lists a Thailand-linked financial-institution case in its annex of suspected DPRK cyber attacks on banks and cryptocurrency exchanges. The excerpt places the case among SWIFT-style attempted thefts and records a USD 100 million attempted…

🇹🇭 Thailand

2018-12

RedBanc

RedBanc, a Chilean financial network, was tied in linked reporting to a Lazarus-associated intrusion after disclosure of malware and tooling overlaps with other financial-sector activity. QuoScient reported that a Lazarus-linked tool observed in the RedBa…

🇨🇱 Chile