The chief executive of a crypto exchange has been arrested in South Korea for allegedly leaking military secrets to North Korea, according to several reports.
The executive is one of two individuals arrested and charged with “violating the national security law,” the AFP reported. Named only as Lee, the 38-year-old is described as a businessman who runs a virtual asset management firm; the other individual arrested is a 29-year-old active army captain.
The two were paid in crypto “at the behest of a North Korean agent,” South Korean police reported. Authorities determined the agent was from North Korea based on statements gathered from the two arrested individuals; the army captain allegedly passed on login information for South Korea’s Joint Command & Control System, a military internal communications network, to the suspected North Korean agent.
The army officer was detained on April 15 and the crypto executive on April 2.
Per the BBC, the agent allegedly paid Lee $600,000 and the army captain roughly $38,000 in cryptocurrencies including Bitcoin. This is reportedly the first time a “civilian and active-duty military captain [have been] caught trying to obtain military secrets” in South Korea, according to officials.
Authorities allege that Lee was approached in July 2021 to “recruit an active-duty officer in order to investigate military secrets.” To that end, he bought a watch containing a hidden camera and passed it on to the army captain. The executive also reportedly created a “Poison Tap” hacking device to access the Joint Command and Control system. When plugged into any computer, a Poison Tap can unlock it.
The army captain allegedly gave the North Korean agent login information to the same communications network.
Following the arrest of these two individuals, authorities reported that the leak was stopped.
North Korea and crypto
This is not the first time North Korea has been connected to high-stakes hacking attempts in another country.
A United Nations report from February indicated that the Hermit Kingdom had financed, in part, its nuclear weapons program using crypto earned through cyberattacks.
“According to a member state, DPRK cyber actors stole more than $50 million between 2020 and mid-2021 from at least three cryptocurrency exchanges in North America, Europe and Asia,” the report said.
More recently, the United States government pinned an Ethereum address used to nab $622 million from the popular crypto game Axie Infinity on the North Korean hacking group Lazarus. The address has been added to the Department of Treasury’s sanctions list.
The best of Decrypt straight to your inbox.
Get the top stories curated daily, weekly roundups & deep dives straight to your inbox.
