Upbit Cryptocurrency Exchange Breach: North Korean Hackers Suspected

Upbit has become the focus of an extensive investigation by South Korean authorities following a significant breach involving the unauthorised withdrawal of 44.5 billion won worth of digital assets. Suspicions are rising that a North Korean hacking unit may be linked to this serious incident.

According to Yonhap News Agency, investigators are scrutinising evidence that suggests the involvement of the Lazarus Group, a notorious hacking collective that has connections to North Korea’s intelligence service. This group has been associated with numerous high-value crypto thefts over the years and is recognised as one of the most advanced cyber threats worldwide. The U.S. Federal Bureau of Investigation has previously identified North Korea’s cyber activities as “one of the most advanced persistent threats.”

The recent incident, which Upbit has characterised as “an abnormal withdrawal,” shows parallels to the 2019 heist where 58 billion won was stolen, a crime also attributed to the Lazarus Group, according to a source from the government cited by Yonhap.

Investigation Underway by Authorities

An official from the cyber crime team of the National Police Agency has confirmed that an investigation is currently ongoing but refrained from providing additional details. The National Intelligence Service could not be reached for comment.

Dunamu, the entity that operates Upbit, has stated that it is “currently investigating the cause and scale of the asset outflow.”

This incident has remarkable timing, occurring just hours before South Korean internet giant Naver declared its intention to acquire Dunamu. Upbit continues to hold the title of the largest cryptocurrency exchange in South Korea.