North Korean Hackers Suspected in Major Cyberattack on South Korea’s Upbit Cryptocurrency Exchange

South Korea Investigates Major Cyberattack on Upbit, Suspects North Korean Hackers

In a shocking turn of events, South Korea’s largest cryptocurrency exchange, Upbit, has fallen victim to a significant cyberattack, leading to the unauthorized withdrawal of approximately 44.5 billion won ($30.4 million) in cryptocurrencies. Authorities suspect that the notorious Lazarus Group, a hacking team linked to North Korea’s spy agency, may be behind the breach, according to reports from the Yonhap News Agency.

Ongoing Investigation into the Hack

The cyberattack, described by Upbit as an “abnormal withdrawal,” has prompted South Korean authorities to launch a thorough investigation into the exchange’s systems. An unnamed government official noted that the recent attack bears striking similarities to a 2019 heist that resulted in the theft of 58 billion won, also attributed to the Lazarus Group.

A representative from South Korea’s National Police Agency confirmed to Reuters that a probe is underway, although further details remain undisclosed. Meanwhile, Dunamu, the operator of Upbit, stated, “We are currently investigating the cause and scale of the asset outflow,” as the company works to assess the situation.

Upbit Suspends Operations

In the wake of the attack, Upbit has temporarily suspended all deposits and withdrawals on its platform. The exchange reported that a portion of Solana network-based assets, valued at around 44.5 billion won, was transferred to an unauthorized external wallet on November 27. Initially estimated at 54 billion won, the stolen amount was later adjusted to reflect the asset prices at the time of the exploit, as reported by Bloomberg.

Rising Cases of Cyberattacks on Crypto Exchanges

This incident is part of a troubling trend, as cryptocurrency exchanges have increasingly become targets for cybercriminals. In recent months, several high-profile hacks have underscored the vulnerabilities in securing digital assets. Earlier this year, the Lazarus Group allegedly stole $1.5 billion in Ethereum tokens from the Dubai-based exchange ByBit. Additionally, in June, CoinDCX, one of India’s largest crypto exchanges, confirmed a major security breach that resulted in the theft of around $44 million.

North Korean Hackers’ Record of Theft

The Lazarus Group’s activities are not new; hackers linked to the North Korean government have reportedly stolen over $2 billion in cryptocurrency this year alone, according to a blog post by blockchain analysis firm Elliptic. This figure surpasses the previous record of $1.35 billion stolen in 2022. Elliptic estimates that since 2017, North Korea has pilfered at least $6 billion in cryptocurrency, although this number may still be an underestimate.

As the investigation unfolds, the implications of this cyberattack extend beyond financial losses, raising concerns about the security of digital assets and the persistent threat posed by state-sponsored hacking groups. The situation remains fluid, and further updates are expected as authorities continue to probe the incident.