South Korean authorities are investigating a recent security breach at the cryptocurrency exchange Upbit. The breach involved the unauthorized withdrawal of digital assets worth 44.5 billion won. There are suspicions that a North Korean hacking unit may have been behind it.
Yonhap News Agency reported that investigators are focusing on signs that could link the attack to the Lazarus Group. This group is connected to North Korea’s intelligence agency and has been involved in several major crypto thefts in recent years. It is considered one of the most advanced cyber threats in the world. The U.S. Federal Bureau of Investigation has called North Korea’s cyber operations “one of the most advanced persistent threats.”
Upbit described the attack as an “abnormal withdrawal.” Officials noted that it looks similar to a 58 billion won crypto theft in 2019, which was also linked to Lazarus.
A cyber crime official from South Korea’s National Police Agency confirmed that an investigation is ongoing but did not provide more details. The National Intelligence Service could not be reached for comment.
Dunamu, the company that runs Upbit, said they are investigating the cause and size of the asset loss.
The breach happened just hours before South Korean internet company Naver announced it would acquire Dunamu. Upbit continues to be the country’s largest cryptocurrency exchange.
