South Korea's Crypto Exchange Hacking History: Upbit Once Hacked by North Korean Hackers Stealing 342,000 ETH, Bithumb Also Hacked Multiple Times

November 27th: South Korea's largest cryptocurrency exchange, Upbit, came under attack today. Previously, in November 2019, the exchange was hacked when its hot wallet was breached, and 342,000 ETH was transferred to an unknown address, with a value of approximately $50 million. The mastermind of the attack is suspected to be the North Korean hacker group Lazarus Group. After the theft, Upbit fully compensated its users with its own funds and suspended trading for two weeks. Subsequently, the exchange increased the ratio of cold wallet asset storage to 70%. This morning, Upbit disclosed that it detected unusual withdrawal activity at 4:42 AM. Around 540 billion Korean won (approximately $36 million) of Solana network-related digital assets were moved to an unknown external wallet address. Upbit will cover all customer losses and has suspended Solana network asset deposits and withdrawals. The stolen assets include tokens such as 2Z, ACS, BONK, DOOD, TRUMP, USDC, and W. It is worth noting that yesterday, South Korea's largest web portal, Naver, agreed to acquire Dunamu, the operator of Upbit, South Korea's largest cryptocurrency exchange, through a full stock transaction valued at approximately $10.3 billion. South Korea's second-largest cryptocurrency exchange, Bithumb, has also been a target of multiple cyberattacks. In February 2017, unknown hackers breached an employee's computer, stole user data, and transferred around $7 million in assets. Subsequently, some of Bithumb's user data was leaked, leading to phishing attacks. In June of the same year, the exchange experienced another employee computer breach, exposing the personal information of 31,000 users and resulting in approximately $1 million in stolen funds. On June 20, 2018, Bithumb's hot wallet was compromised, and around $32 million in assets were stolen, with suspicion falling on North Korea's Lazarus Group. Bithumb halted trading, moved its assets to cold wallets, compensated users for half of the funds, and successfully recovered the other half of the stolen funds. On March 29, 2019, Bithumb experienced abnormal withdrawals from its hot wallet, with EOS and XRP being transferred, indicating possible internal assistance. The total loss amounted to around $19 million. Bithumb fully compensated its users, prompting an investigation by the South Korean police.