North Korea’s notorious Lazarus Group is suspected of carrying out a major cryptocurrency hack, stealing around $30.6 million from South Korea’s largest exchange, Upbit.
Authorities are planning an on-site inspection at the exchange. Yonhap News, citing government and industry sources, believes they may connect the attack to the same group responsible for earlier Lazarus breaches.
The group has been linked to past cryptocurrency thefts intended to generate funds for Pyongyang, which faces ongoing foreign currency shortages.
Upbit suspends withdrawals after 44.5B won breach
Dunamu, the operator of Upbit, confirmed the transfer of Solana-based assets worth 44.5 billion won to an unauthorized wallet on Thursday.
The company stated it would fully reimburse users from its reserves. The company immediately suspended withdrawals and deposits while conducting internal checks.
The breach was similar to the 2019 hack. This breach involved the theft of 58 billion won worth of Ethereum from the same platform, according to investigators.
The officials suspect that the hackers might have circumvented core infrastructure by posing as administrators or hacking the internal accounts to sanction the withdrawal.
Security analysts noted that the stolen money was rapidly transferred to wallets associated with additional sites. This suggests an attempt to conceal a record of the transactions. With the help of laundering techniques that Lazarus used in its earlier activities.
One of the officials stated that their usual method involves scattering tokens across various networks to hinder tracing efforts.
Analysts noted that Lazarus has always chosen major crypto exchanges to boost effectiveness and recognized that this attack may have been planned to occur at a time when scrutiny was at its highest.
Earlier this month, South Korea said that it could rethink its sanctions against North Korea after the new US actions. This implicated the crypto theft activities of the Northern nation in funding its weapon programs.
North Korea’s rising digital threats
Second Vice Foreign Minister Kim Ji-na said that Seoul has reviewed sanctions, stating that it must work closely with Washington to deal with North Korea. This is increasing cyber and digital threats.
Kim also suggested that efforts should be jointly made between the US and South Korea to curb cryptocurrency theft by Pyongyang. The stolen money is usually applied to finance nuclear and missile programs of North Korea. This poses a significant threat to the global digital ecosystem.
The attack came only a day after Naver also announced its intention to purchase Dunamu via a share-swap transaction. Making the acquisition the center of national attention.
Meanwhile, a South Korean tech giant, Naver, has a fintech division called Naver Financial. Will launch a stablecoin wallet in Busan as part of the city’s attempts to build a blockchain-driven local economy.
Naver is reported to have finished the development of the wallet. And is now performing final checks before it is scheduled to be launched next month.
The program is being incubated with existing venture capital company Hashed and the Busan Digital Asset Exchange (BDAN). The organization spearheading the overall strategy of the city regarding digital assets.