Suspicions took their root in South Korea about North’s hand in recent crypto-currency hacking.
South Korea's spy agency suspects that North Korea might have hacked on a crypto-currency exchange, sources told the BBC.
At least $7m (£5.25m) in digital money was stolen in the hacks - although the money is now said to have ballooned in value to $82.7m.
The thieves also stole the personal information of some 30,000 people.
They were trading the virtual currencies Bitcoin and Ethereum on the Bithumb crypto-currency exchange.
Based on recent trading volumes, Bithumb is South Korea's biggest and one of the five largest in the world.
Analysts say North Korean hackers may have targeted crypto-currencies in order to evade the financial sanctions imposed as punishment for the North's development of nuclear weapons.
This attack is said to date back to February, when a Bithumb employee's home PC was targeted - though it was only discovered in June.
The hackers also demanded a further $5.5m from Bithumb in exchange for deleting traders' personal information, said reports.
The sources in the spy agency, the National Intelligence Service, similarly suspect the North of being behind the hacking of another exchange, Coinis, in September, South Korean news agency Yonhap says.
But a further attempt in October was thwarted, reports said.
Evidence has now been passed to prosecutors.
At present, virtual currencies are not regulated by South Korea's financial authorities but they are now vowing to toughen up regulation.
Three days ago the government imposed fines totalling $55,000 on Bithumb over its failure to protect users' information.