South Korea’s largest cryptocurrency exchange, Upbit, is currently under scrutiny by regulators following a significant hack that led to the unauthorized withdrawal of approximately $36.9 million in assets on the Solana (SOL) network. The breach impacted over 20 different tokens and has prompted Upbit to freeze assets on its platform while an investigation unfolds.

Lazarus Group Tied To Upbit Hack

Authorities are now investigating the possibility of North Korean involvement in the cyber attack. Reports suggest that a group affiliated with North Korea’s intelligence agency, the notorious Lazarus Group, may have orchestrated the hack, which Upbit has described as an “abnormal withdrawal.” This group has been consistently linked to several high-profile crypto heists in recent years, and the US Federal Bureau of Investigation (FBI) has identified North Korean cyber operations as one of the most sophisticated and persistent threats.

The recent attack coincidentally occurred just days before the sixth anniversary of a previous major breach, in which Upbit lost 342,000 Ethereum (ETH) to North Korean hackers. According to an unnamed government official, this latest hack bears similarities to a 2019 incident in which approximately 58 billion won in cryptocurrencies was stolen, also attributed to the Lazarus Group.

In response to the attack, the South Korean National Police Agency has launched an investigation into the matter, although officials have not provided further comments on the case. Upbit’s operator, Dunamu, confirmed that an in-depth investigation into the cause and extent of the asset outflow is currently underway.

Crypto Exchange Moves Funds To Cold Storage

The cryptocurrency exchange’s CEO Oh Kyung-seok stated that as soon as abnormal withdrawal activity was detected, Upbit promptly suspended all deposit and withdrawal services. “We are conducting a comprehensive inspection, prioritizing the protection of member assets,” he said in a notice to users.

Following the discovery of the unauthorized transactions, Upbit has taken steps to freeze the affected funds wherever possible. To prevent any further unauthorized transfers, the exchange has shifted all remaining assets to cold storage, ensuring “a secure environment for funds.”

Upbit is also said to be working with relevant project teams to freeze assets on-chain, having already blocked a portion of the stolen funds related to the cryptocurrency Solayer (LAYER). The exchange has indicated that deposits and withdrawals will only resume once full security checks are completed. Dunamu has vowed to reimburse customers for any losses with business funds as part of its commitment to its users.

It remains to be seen what additional information the country’s authorities will release in the coming days, as well as potential refund deadlines for affected individuals.
Mysten Labs’ chief cryptographer warns that artificial intelligence, not quantum computing, poses the real near-term threat to blockchain security.
North Korea’s crypto theft spree has already hit a record $2 billion in 2025, nearly triple last year’s total.
The $44 million exploit targeting India-based crypto exchange CoinDCX has been linked to North Korea’s Lazarus Group, according to blockchain security firm Cyvers. In a July 21 statement shared with CryptoSlate, Cyvers CEO Deddy Lavid said the attackers followed a pattern reminiscent of previous Lazarus operations. The tactics included using cross-chain bridges and Tornado Cash […]
The post CoinDCX offers $11 million bounty after Lazarus Group-linked $44 million heist appeared first on CryptoSlate.
As the market soars with bullish momentum, crypto theft has also seen a record-breaking performance during the first half of this year. A recent report revealed that stolen funds from services so far have surpassed the numbers from previous years.

Stolen Crypto Service Funds Hit $2B In 6 months

On Thursday, Chainalysis shared its “2025 Crypto Crime Mid-Year Update,” revealing that digital assets theft this year has been “more devastating” than the entirety of 2024, with over $2.7 billion worth of funds stolen from crypto services so far. The report noted that, by the end of June, more value had been stolen year-to-date (YTD) than during the same period in 2022, the previous worst year on record, suggesting that theft from crypto services could potentially increase another 60% by year’s end.

2025’s YTD activity shows a significantly steeper trajectory into the end of the first half than any previous year, with an alarming velocity and consistency. 2022 required 214 days to hit the $2 billion mark in value stolen from services, while 2025 reached comparable theft volumes in 142 days. Additionally, 2025 is 17.27% worse than 2022 during the same six-month period, while 2023 and 2024 saw more moderate and steady accumulation patterns.

The surge in the cumulative trend value from crypto services theft “paints a stark picture of 2025’s escalating threat environment.” According to the report, “If this trend continues, we could see 2025 end with more than $4.3 billion stolen from services alone.”

However, it’s worth noting that the North Korean-linked $1.5 billion hack of Bybit accounts for most of the service losses. The massive breach, which is the largest crypto hack in history, signals a “broader pattern of North Korean cryptocurrency operations, which have become increasingly central to the regime’s sanctions evasion strategies.” Last year, known North Korean-related losses reached their highest number, with the value reaching $1.3 billion. Nonetheless, Bybit’s February hack surpassed it, making 2025 the worst year to date.

Personal Wallet Attacks Surge

Amid the shifting landscape, the report highlights that the surge in crypto thefts represents an immediate threat to participants. Notably, attackers are increasingly targeting individual users, as personal wallet incidents represent a growing share of total ecosystem theft. YTD, these compromises account for 23.35% of all stolen funds activities in 2025, with Bitcoin (BTC) theft accounting for a substantial share of stolen value.

Chainalysis also found that the average loss from compromised personal BTC wallets has increased, suggesting a deliberate target on higher-value individual holdings. Moreover, the number of individual victims on non-Bitcoin and non-EVM chains, like Solana, is increasing. This suggests that Bitcoin holders experience larger losses in terms of value taken, despite being less likely to fall victim to targeted theft.

Within the personal wallet incidents, a violent subsection has also seen a dramatic surge this year, showing a correlation with BTC price movements and suggesting opportunistic targeting during high-value periods. The forward-looking implication is that, if the value of native assets increases, the value compromised from personal wallets will also likely rise. Per the report, theft using physical violence or coercion against individuals, also known as “wrench attacks,” could potentially hit twice the number of 2021, the next highest year on record.

As of this writing, Bitcoin is trading at $119,807, a 14.8% increase in the monthly timeframe.
Creditors were banking on a promise to have their funds distributed in April 2025. That shifted further and now looks to be in indefinite territory again.
An analyst has suggested that Monero (XMR) could repeat its 2021 cycle-high amid its recent price jump. However, a renowned on-chain sleuth has linked the surge to suspicious Bitcoin (BTC) transactions.

Monero Soars After $330 Million BTC Theft

Privacy and security-focused token Monero saw its price soar 52% to a four-year high on Monday. The cryptocurrency surged from its recently reclaimed $220-$230 support toward the $340 resistance, hitting $347 in the early hours of Monday.

Amid the massive surge, on-chain detective ZachXBT has linked the pump to a “suspicious transfer” from a potential victim of social engineering. The crypto sleuth explained that a suspicious transfer of 3,520 BTC, worth around $330.7 million, was made on Sunday night. According to the post, the funds were laundered via more than 6 instant exchanges shortly after the initial transfer, being swapped for XMR, seemingly based on timing analysis and the Monero price jump.

An X user suggested the stolen Bitcoin was “likely from the Bitstamp hack that occurred in 2014.” The internet detective denied the idea, stating that the victim was likely an OG Bitcoiner. Meanwhile, others questioned whether the wallet owner made the transactions or if it was a theft.

ZachXBT detailed multiple factors that led him to believe it was likely a theft, including the wallet being a longtime BTC holder and a Gemini, River, and Coinbase user. Additionally, he noted that the $330 million in Bitcoin was suddenly moved and transferred in small increments to instant exchanges, creating hundreds of orders. This would make the owner lose multiple 7-figures to fees, making it inefficient for a normal person.

The crypto sleuth also considers that the theft isn’t likely related to North Korea’s Lazarus Group, which recently stole $1.5 billion worth of Ethereum (ETH) from crypto exchange Bybit.

Is XMR Near A Breakout?

Since the pump, Monero has retraced around 25% from today’s high to trade between the $250-$260 range. Crypto analyst Rekt Capital noted that XMR has successfully retested its $214 range’s low as support amid the market recovery.

Notably, the cryptocurrency has been moving within the $112-$214 price range since 2022, surging above the range’s resistance line amid the November post-US elections breakout. After the Q3 2024 rally, Monero entered its key $214-286 range, which has previously worked as a key support and resistance area. After breaking out of the range’s upper boundary, the cryptocurrency rallied to its 2018 all-time high (ATH) of $542 and its 2021 high of $480.

During the Q1 2025 retracements, XMR dropped below the $214 mark, testing the $200 area as support before bouncing. Similarly, the early April pullback sent the cryptocurrency toward this level, finally reclaiming it two weeks ago. Since then, the cryptocurrency has rallied toward the $220-$230 range, fueled by the ongoing market recovery, but was ultimately rejected at the key resistance level. Today’s recent pump has seen Monero break above the $230 mark for the first time since February.

Despite the alleged laundering-driven surge, the analyst affirmed that the cryptocurrency has now “repeated early 2021 history,” where the token reclaimed its current range and retested its lower boundary before breaking out to cycle highs. If history repeats and XMR’s price holds its current range, it could position itself for a surge above the $300 barrier.
A North Korean state-sponsored hacking group, Lazarus, is advancing its tactics with a more polished and deceptive approach. A report by cybersecurity firm Silent Push revealed that the group has set up fake US-based crypto companies to distribute malware disguised as job opportunities. According to the report, a Lazarus subgroup called “Contagious Interview” is behind […]
The post North Korean hackers used fake crypto firms to deliver malware in job scams appeared first on CryptoSlate.
Blockchain intelligence platform SpotOnChain reported that North Korea’s state-backed hacking group, Lazarus, has pocketed over $2.5 million in profit from a recent sale of wrapped Bitcoin (WBTC). On April 3, the group sold 40.78 WBTC for 1,857 ETH, worth roughly $3.51 million. The sale marks a sharp return on their February 2023 investment, when they […]
The post North Korean hackers net $2.5 million profit after WBTC sales appeared first on CryptoSlate.
The apparent stand-off mirrors that of WazirX and Liminal Custody, which blamed each other following a $230 million exploit last July.
The exchange is offering a 5% bounty for submissions that could lead to stolen funds being frozen.
The North Korean-linked Lazarus Group has adopted a new method of breaching crypto firms: sending cryptocurrency to their targets as part of an elaborate social engineering scheme. According to 23pds, the pseudonymous Chief Information Security Officer (CISO) at Web3 security firm SlowMist, this tactic aims to gain the victim’s trust before deploying malicious code. 23pds […]
The post North Korea’s Lazarus Group now using crypto gifts to breach security defenses appeared first on CryptoSlate.
In a significant blow to the cryptocurrency industry, Bybit, one of the leading crypto exchanges, has confirmed a major security breach involving its Ethereum cold wallet. The incident, reported on Friday by Bitcoinist, marks one of the largest cryptocurrency hacks in history, with losses estimated at over $1.5 billion.

Bybit Hack Linked To North Korea’s Lazarus Group

According to Bybit, the breach occurred during a transfer from their ETH multisig cold wallet to a warm wallet. The exchange revealed on social media platform X (formerly Twitter) that the attack was executed through a “sophisticated manipulation” of the transaction process. This manipulation allowed the hacker to mask the signing interface, which displayed the correct wallet address while altering the underlying smart contract logic.

Subsequently, on-chain market intelligence firm Arkham Intelligence revealed that crypto sleuth ZachXBT has provided compelling evidence linking the hack to the notorious Lazarus Group, a North Korea-backed hacker organization. In his detailed analysis, ZachXBT reportedly submitted findings that included test transactions, associated wallets, forensic charts, and timing analyses. This information has been shared with Bybit to assist in its ongoing investigation.

$1.44 Billion In Misappropriated Assets

The scale of the breach is staggering. Estimates suggest that approximately 401,347 ETH, valued at around $1.12 billion, were withdrawn. Additionally, other assets lost in the hack include 90,376 stETH worth $253.16 million, 15,000 cmETH valued at $44.13 million, and 8,000 mETH totaling $23 million. The total estimated loss stands at approximately $1.44 billion.

In light of this incident, Bybit has activated its security team and is collaborating with leading blockchain forensic experts to conduct a thorough investigation. The exchange has also reached out to other teams with expertise in blockchain analytics and fund recovery, inviting them to assist in tracing the misappropriated assets.

It remains to be seen what further action Bybit will take with the information provided by ZachXBT and how the case will unfold regarding the misappropriated customer funds. As for ETH’s price, the second largest cryptocurrency on the market has seen a 4% retracement towards $2,640 just hours after the security breach.
The United States, Japan, and South Korea have joined together to warn the industry about the ongoing hacking threats by North Korean actors after observing “aggressive” targeting of the crypto industry.

US, Japan, South Korea Send Warning

In a joint statement, the […]
North Korea-affiliated hackers stole at least $1.34 billion worth of digital assets in 2024.
The sanctioned agents were allegedly generating funds for North Korea’s nuclear weapon development program in Pyongyang.
The FBI, Japan’s National Police Agency, and the Department of Defense Cyber Crime Center have confirmed that North Korean-linked hackers orchestrated the May 2024 $305 million breach of the Japanese crypto exchange DMM Bitcoin. A joint statement issued on Dec. 23 attributed the attack to TraderTraitor threat actors, also known as Jade Sleet, UNC4899, and […]
The post FBI reveals North Korea used LinkedIn to steal $305 million from Japan’s DMM Bitcoin appeared first on CryptoSlate.
The wallet service provider was subjected to a more than $100 million hack in 2023.
A North Korean threat actor was behind the $50 million attack on Radiant Capital in October and spoofed being an ex-contractor, the DeFi platform said.
The government of North Korea (DPRK) has reportedly employed various hacking groups, most notably the Lazarus Group, to steal crypto in recent years.
According to cybersecurity firm Recorded Future, North Korean hacker groups have stolen approximately $3 billion in funds since 2017.
A cybersecurity firm yesterday reported that a group of notorious hackers from North Korea was able to steal $3 billion worth of cryptocurrency from users by devising a fake blockchain game. Kaspersky Lab said that the Lazarus Group took advantage of a key vulnerability in the Google Chrome browser that allowed them to drain the […]
Cosmos’ co-founder and core contributors were previously unaware of the North Korean link, which could lead to the removal of the Liquid Staking Module.
According to PeckShieldAlert, crypto hacks and exploits accounted for over $120 million in losses during September 2024.
Blockchain sleuth ZachXBT suggested that North Korea-backed Lazarus Group orchestrated the $305 million hack of the Japan-based DMM Bitcoin exchange. In a social media post on July 14, ZachXBT pointed out the similarities in the “laundering techniques and off-chain indicators” used by the Lazarus Group and those seen in the movement of funds by the […]
The post North Korea’s Lazarus Group tied to $305 million crypto breach of Japan’s DMM exchange appeared first on CryptoSlate.
Over $35 million in funds from a cryptocurrency exchange hack in May has reportedly been moved to the online marketplace “Huione Guarantee” this month.
ZachXBT flagged seven wallet addresses with $61 million in Bitcoin connected to the Lazarus hacking group.
The state-backed North Korean hacking group Kimsuky reportedly used a new malware variant to target at least two South Korean crypto firms.
The co-founder of Tornado Cash, Roman Storm, has filed a motion to dismiss the charges levied against him by the US Department of Justice (DOJ), Southern District of New York. In a petition submitted on March 29, Storm’s lawyers have laid out several arguments to secure the freedom of the client, including invoking the First […]
The notorious North Korean hacking group Lazarus Group has returned to the sanctioned coin mixing service Tornado Cash to launder $12 million worth of ether (ETH).