South Korea’s chief intelligence agency suspects that North Korean hackers are behind attacks on the country’s most-trafficked bitcoin exchange.

According to a report this week by the BBC, the National Intelligence Service (NIS) has officially passed evidence of the allegations to prosecutors that would affirm attacks on a Bithumb employee’s home computer dating back to February amount to a kind of espionage.

Around 7.6 billion won ($6.99 million) worth of cryptocurrencies was stolen at the time, along with the personal information of some 30,000 people. First reported in July, the data leak is believed to have led to the draining of funds from an unknown number of accounts.

The BBC report goes on to state that the hackers demanded a ransom of 6 billion won ($5.5 million) in exchange for the destruction of leaked information.

Still, while investigations are ongoing, it’s far from an isolated incident. In October, officials from South Korea’s National Police Agency confirmed 25 employees at four different exchanges were targeted in 10 separate “spear phishing” attempts this year.

The NIS also suspects North Korea was involved in an attack on another South Korean cryptocurrency exchange, Coinis, in September, and believes both incidents may be part of a coordinated effort to avoid sanctions.

North Korean flag image via Shutterstock