North Korea has a pot? New research shows that the theft of Coincheck is actually done by Russian hackers.

According to the Asahi Shimbun report today, the personal computer of the Coincheck employee of the Japanese crypto exchange was found to be infected with a virus related to Russian hacking organizations.

In January 2018, Coincheck suffered a hacker attack. The $534 million NEM (new currency) was stolen and the stolen amount was the highest in the history of cryptocurrency.

Earlier reports said that this high-profile attack was initiated by North Korean-related attackers, but the latest research raises questions about this claim.


Experts are currently considering that the crime may have been caused by "a group of unknown hackers."

In a recent survey of Coincheck employees' personal computers, researchers discovered the "Mokes" and "Netwire" viruses. These computers may install and spread the virus in the form of emails, giving them the opportunity to gain unauthorized access to the exchange's private key.

Given that both known viruses have been used by Russian hackers before, an American expert told the media:

"After the analysis of the virus, Eastern Europe and Russia may be related to the criminal group."

According to reports, both viruses allow hackers to take control of infected computers and perform remote operations. In June 2011, Morks was first promoted at a forum in Russia, and it is reported that cybersecurity investigators have known Netwire for 12 years.

Prior to this, several security companies believed that the theft of Coincheck was related to North Korean hackers. Due to sanctions imposed by Western countries, North Korea is considered to conduct normal economic activities through illegal acquisition of cryptocurrencies.

For example, this spring, a South Korean cybersecurity company claimed that North Korean hackers were behind the scenes of phishing scams for UpBit users on the Korean cryptocurrency exchange.

In a report last February, the South Korean National Intelligence Agency said phishing scams and other means have brought tens of billions of won to North Korea. The North Korean authorities are also alleged to be investigating whether the country is behind the scenes of the Coincheck attack.

However, it seems that North Korea has been on the back of Coincheck’s theft.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!


Was this article helpful?

93 out of 132 found this helpful

Discover more


ChainGPT and CoinMarketCap Join Forces for a Whirlwind Airdrop!

Attention Fashionistas! Exciting news for BNB Chain-based AI infrastructure protocol ChainGPT, as they have just anno...


Franklin Templeton’s Unique Approach to Spot Bitcoin ETFs Sets It Apart From Competitors

With the growing popularity of spot Bitcoin ETFs in the market, Franklin Templeton is confident that its offering wil...


The Resurgence of DeFi and Stablecoins: A Look Ahead to 2024 📈💰🚀

According to Fidelity Digital, the stablecoin market is expected to see a significant increase due to the potential i...


JPMorgan CEO Threatens Crypto: A Criminal’s Best Friend or Innovation’s Gateway?

In a recent statement, Dimon expressed his belief that cryptocurrency companies should undergo the same AML regulatio...


Sam Bankman-Fried: From Crypto Billionaire to Mackerel Trader in Prison

Former FTX CEO Sam Bankman-Fried shifts focus to mackerel trading while awaiting trial date.


Bitcoin Takes Off, Leaving Financial Industry Stunned

Bitcoin hits year's peak at $44,000 before dipping back to $43,483.