The North Korea-linked Lazarus Group is suspected to be behind the approximately 44.5 billion won ($30.4 million) cyberattack targeting South Korea’s largest cryptocurrency exchange, Upbit.
Lazarus Group May Be Behind $30 Million Hack on Upbit
According to local media reports, government and industry sources say the attack methods and on-chain movements are similar to Lazarus’ past operations.
Officials speaking to Yonhap News Agency said that field inspections of Upbit were being prepared amid growing suspicions. The exchange announced Thursday morning that it had detected abnormal outflows of some crypto assets on the Solana network and immediately halted all deposits and withdrawals.
Upbit initially announced losses of 54 billion won ($36.8 million), but later revised that figure down to 44.5 billion won. Authorities noted that the methods used in the attack were similar to the 2019 Upbit hack, further bolstering suspicions of Lazarus. South Korean police confirmed last year that Lazarus was behind the 342,000 ETH stolen from Upbit in 2019.
Authorities say that instead of attacking servers directly, hackers may have taken over administrator accounts or impersonated administrators to approve transfers.
According to data from blockchain analyst Dethective, the wallet associated with the attack began converting SOL holdings into USDC and bridging them to the Ethereum network. This development comes just a day after Naver Financial announced its decision to fully acquire Dunamu, the operator of Upbit.
*This is not investment advice.
Source: https://en.bitcoinsistemi.com/prime-suspect-in-upbit-hacker-attack-revealed-details-here/