Travel News

North Korean hackers have been accused of a £17m Bitcoin heist that brought down a UK-based cryptocurrency company.

Lazarus, the hermit kingdom’s notorious cyber gang, has been identified as the potential culprit behind the theft of cryptocurrency from Lykke, a trading platform incorporated in Britain.

If confirmed, it would be North Korea’s biggest-known cryptocurrency heist to target Britain. The pariah state has made billions in recent years stealing cryptocurrency to fund its military and nuclear programmes.

Lykke was founded in 2015 and operated from Switzerland but was registered in the UK. The company said last year that it had lost $22.8m (£16.8m) in Bitcoin, Ethereum and other cryptocurrencies, forcing it to halt operations.

In March a judge ordered the company to be liquidated after a legal campaign from more than 70 affected users.

North Korea was named as the potential hacker in a recent report by the Office of Financial Sanctions Implementation (OFSI), a branch of the Treasury.

“The attack has been attributed to malicious Democratic People’s Republic of Korea cyberactors, who stole funds on both the Bitcoin and Ethereum networks,” it said.

The Treasury said the OFSI did not reveal the sources of its information but that it worked closely with law enforcement.

Lazarus had been separately blamed for the attack on Lykke by Whitestream, an Israeli cryptocurrency research company.

It said the attackers had laundered the stolen funds through two other cryptocurrency companies notorious for allowing users to hide their tracks, and thus avoid money-laundering controls.

Other researchers have disagreed with the conclusions, saying it is not currently possible to determine who hacked the exchange.

Lykke was founded by Richard Olsen, a great-grandson of the Swiss banking patriarch Julius Baer, and offered cryptocurrency trading without transaction fees.

The company was run out of Zug in Switzerland’s so-called “crypto valley” but its corporate entity was registered in Britain.

In 2023, the Financial Conduct Authority issued a warning about the company, saying it was not registered or authorised to offer financial services for consumers in Britain.

Despite saying it would be able to return customers’ funds, it froze trading after the hack and officially shut down last December.

The company was liquidated in March following a winding up petition in the UK courts brought by a group of customers, who say they have lost £5.7m as a result of the company shutting down.

Interpath Advisory has been appointed to distribute the remaining funds to those who lost money. Its Swiss parent was placed into liquidation last year.

Mr Olsen was declared bankrupt in January and is the subject of criminal investigations in Switzerland, according to British legal filings. He did not respond to requests for comment.