South Korean authorities suspect that the North Korean hacker group Lazarus was behind yesterday's Upbit hack.
TechFlowNov 28, 2025On November 28, according to Yonhap News Agency, regarding the 44.5 billion won (Upbit's official disclosure is 54 billion won) worth of virtual assets stolen from Upbit, South Korea's largest virtual asset exchange, authorities are focusing on suspecting the North Korean Reconnaissance General Bureau's hacker group Lazarus as the mastermind behind the incident.The attack occurred in a hot wallet, using the same method as the 58 billion won Ethereum theft from Upbit in 2019. Government officials stated that the attackers may have transferred funds by stealing administrator accounts or impersonating administrators.Security experts pointed out that the hackers transferred funds to other exchange wallets and performed coin mixing operations after the attack, which is a typical method of the Lazarus organization. Since countries that have joined the Financial Action Task Force on Money Laundering cannot conduct coin mixing operations, North Korea is highly likely to be the perpetrator.It is worth noting that this incident happened to occur on the same day as the press conference related to the merger of Naver Financial and Dunamu. Experts believe that this may reflect the hackers' mentality of showing off. Currently, the Financial Supervisory Service, the Korea Internet & Security Agency, and other institutions are conducting on-site inspections of Upbit.[Techflow]
Source
Powered by ChatGPT
All You Need to Know in 10s
Your One-Stop Crypto Investment Powerhouse
South Korean authorities suspect that the North Korean hacker group Lazarus was behind yesterday's Upbit hack.
TechFlowNov 28, 2025On November 28, according to Yonhap News Agency, regarding the 44.5 billion won (Upbit's official disclosure is 54 billion won) worth of virtual assets stolen from Upbit, South Korea's largest virtual asset exchange, authorities are focusing on suspecting the North Korean Reconnaissance General Bureau's hacker group Lazarus as the mastermind behind the incident.The attack occurred in a hot wallet, using the same method as the 58 billion won Ethereum theft from Upbit in 2019. Government officials stated that the attackers may have transferred funds by stealing administrator accounts or impersonating administrators.Security experts pointed out that the hackers transferred funds to other exchange wallets and performed coin mixing operations after the attack, which is a typical method of the Lazarus organization. Since countries that have joined the Financial Action Task Force on Money Laundering cannot conduct coin mixing operations, North Korea is highly likely to be the perpetrator.It is worth noting that this incident happened to occur on the same day as the press conference related to the merger of Naver Financial and Dunamu. Experts believe that this may reflect the hackers' mentality of showing off. Currently, the Financial Supervisory Service, the Korea Internet & Security Agency, and other institutions are conducting on-site inspections of Upbit.[Techflow]
Powered by ChatGPT
Scan QR Code to Explore more key information
One-stop financial research platform for Crypto Investors
00:00 / 00:00
00:0000:0000:00