South Korean authorities suspect a North Korean hacking group behind the theft of $30.4 million from the cryptocurrency exchange Upbit. The incident involved an unauthorized withdrawal of 44.5 billion won, prompting an ongoing investigation. This comes amid the exchange's acquisition by internet giant Naver.
On Thursday, Upbit, South Korea's largest cryptocurrency exchange, experienced what it described as an 'abnormal withdrawal' leading to the loss of 44.5 billion won, equivalent to $30.4 million, in cryptocurrencies. The hack occurred just hours before Naver, a major South Korean internet company, acquired Dunamu, the operator of Upbit.
Authorities in Seoul are examining Upbit's systems and believe the Lazarus Group, a hacking team linked to North Korea's spy agency, may be responsible. An unnamed government official told Yonhap News Agency that the attack bears similarities to a 2019 incident where Lazarus stole 58 billion won from the same exchange.
The Lazarus Group has a history of targeting cryptocurrency platforms, with the US Federal Bureau of Investigation labeling North Korea's cyber operations as one of the most advanced persistent threats. South Korea's National Police Agency has initiated an investigation into the cyber crime but offered no additional details. The National Intelligence Service was unavailable for comment.
Dunamu issued a statement saying, 'We are currently investigating the cause and scale of the asset outflow.' This event underscores ongoing concerns about state-sponsored cyber threats in the cryptocurrency sector, particularly from North Korea.