South Korean authorities suspect that the mastermind behind yesterday's Upbit attack was the North Korean hacker group Lazarus.
OdailyNov 28, 2025Yesterday, the South Korean crypto exchange Upbit was attacked by hackers, and virtual assets worth 44.50 billion Korean won were stolen. Yonhap News Agency learned from the information and communication technology (ICT) industry and relevant South Korean government departments that, given the strong suspicion that the Lazarus Group, a hacker organization under the North Korean Reconnaissance General Bureau, committed the crime, the authorities are conducting on-site inspections of Upbit.The hacker organization was previously accused of participating in the 2019 theft of 58.00 billion Korean won worth of Ethereum from Upbit. A government official said, "This attack is unlikely to be targeted at the server. It is more likely that the administrator account was stolen, or the funds were transferred by disguising as an administrator."He also said, "Based on the current situation, the hackers used this method to carry out the attack 6 years ago, so it is speculated that the same method was used this time."[Odaily星球日报]
Source
Powered by ChatGPT
All You Need to Know in 10s
Your One-Stop Crypto Investment Powerhouse
South Korean authorities suspect that the mastermind behind yesterday's Upbit attack was the North Korean hacker group Lazarus.
OdailyNov 28, 2025Yesterday, the South Korean crypto exchange Upbit was attacked by hackers, and virtual assets worth 44.50 billion Korean won were stolen. Yonhap News Agency learned from the information and communication technology (ICT) industry and relevant South Korean government departments that, given the strong suspicion that the Lazarus Group, a hacker organization under the North Korean Reconnaissance General Bureau, committed the crime, the authorities are conducting on-site inspections of Upbit.The hacker organization was previously accused of participating in the 2019 theft of 58.00 billion Korean won worth of Ethereum from Upbit. A government official said, "This attack is unlikely to be targeted at the server. It is more likely that the administrator account was stolen, or the funds were transferred by disguising as an administrator."He also said, "Based on the current situation, the hackers used this method to carry out the attack 6 years ago, so it is speculated that the same method was used this time."[Odaily星球日报]
Powered by ChatGPT
Scan QR Code to Explore more key information
One-stop financial research platform for Crypto Investors
00:00 / 00:00
00:0000:0000:00