South Korea’s largest cryptocurrency exchange, Upbit, is currently under scrutiny by regulators following a significant hack that led to the unauthorized withdrawal of approximately $36.9 million in assets on the Solana (SOL) network. The breach impacted over 20 different tokens and has prompted Upbit to freeze assets on its platform while an investigation unfolds. Lazarus Group Tied To Upbit Hack Authorities are now investigating the possibility of North Korean involvement in the cyber attack. Reports suggest that a group affiliated with North Korea’s intelligence agency, the notorious Lazarus Group, may have orchestrated the hack, which Upbit has described as an “abnormal withdrawal.” This group has been consistently linked to several high-profile crypto heists in recent years, and the US Federal Bureau of Investigation (FBI) has identified North Korean cyber operations as one of the most sophisticated and persistent threats. Related Reading: Hyperliquid (HYPE) Ready For A Significant Surge To $50: Key Levels Identified The recent attack coincidentally occurred just days before the sixth anniversary of a previous major breach, in which Upbit lost 342,000 Ethereum (ETH) to North Korean hackers. According to an unnamed government official, this latest hack bears similarities to a 2019 incident in which approximately 58 billion won in cryptocurrencies was stolen, also attributed to the Lazarus Group. In response to the attack, the South Korean National Police Agency has launched an investigation into the matter, although officials have not provided further comments on the case. Upbit’s operator, Dunamu, confirmed that an in-depth investigation into the cause and extent of the asset outflow is currently underway. Crypto Exchange Moves Funds To Cold Storage The cryptocurrency exchange’s CEO Oh Kyung-seok stated that as soon as abnormal withdrawal activity was detected, Upbit promptly suspended all deposit and withdrawal services. “We are conducting a comprehensive inspection, prioritizing the protection of member assets,” he said in a notice to users. Following the discovery of the unauthorized transactions, Upbit has taken steps to freeze the affected funds wherever possible. To prevent any further unauthorized transfers, the exchange has shifted all remaining assets to cold storage, ensuring “a secure environment for funds.” Related Reading: Bitcoin Price To Recover $100,000: BTIG Cites Key Reasons For Optimism Upbit is also said to be working with relevant project teams to freeze assets on-chain, having already blocked a portion of the stolen funds related to the cryptocurrency Solayer (LAYER). The exchange has indicated that deposits and withdrawals will only resume once full security checks are completed. Dunamu has vowed to reimburse customers for any losses with business funds as part of its commitment to its users. It remains to be seen what additional information the country’s authorities will release in the coming days, as well as potential refund deadlines for affected individuals. Featured image from DALL-E, chart from TradingView.com
As the market soars with bullish momentum, crypto theft has also seen a record-breaking performance during the first half of this year. A recent report revealed that stolen funds from services so far have surpassed the numbers from previous years. Related Reading: Crypto Relief: House Advances GENIUS, CLARITY, Anti-CBDC Bills After Narrow Vote Stolen Crypto Service Funds Hit $2B In 6 months On Thursday, Chainalysis shared its “2025 Crypto Crime Mid-Year Update,” revealing that digital assets theft this year has been “more devastating” than the entirety of 2024, with over $2.7 billion worth of funds stolen from crypto services so far. The report noted that, by the end of June, more value had been stolen year-to-date (YTD) than during the same period in 2022, the previous worst year on record, suggesting that theft from crypto services could potentially increase another 60% by year’s end. 2025’s YTD activity shows a significantly steeper trajectory into the end of the first half than any previous year, with an alarming velocity and consistency. 2022 required 214 days to hit the $2 billion mark in value stolen from services, while 2025 reached comparable theft volumes in 142 days. Additionally, 2025 is 17.27% worse than 2022 during the same six-month period, while 2023 and 2024 saw more moderate and steady accumulation patterns. The surge in the cumulative trend value from crypto services theft “paints a stark picture of 2025’s escalating threat environment.” According to the report, “If this trend continues, we could see 2025 end with more than $4.3 billion stolen from services alone.” However, it’s worth noting that the North Korean-linked $1.5 billion hack of Bybit accounts for most of the service losses. The massive breach, which is the largest crypto hack in history, signals a “broader pattern of North Korean cryptocurrency operations, which have become increasingly central to the regime’s sanctions evasion strategies.” Last year, known North Korean-related losses reached their highest number, with the value reaching $1.3 billion. Nonetheless, Bybit’s February hack surpassed it, making 2025 the worst year to date. Personal Wallet Attacks Surge Amid the shifting landscape, the report highlights that the surge in crypto thefts represents an immediate threat to participants. Notably, attackers are increasingly targeting individual users, as personal wallet incidents represent a growing share of total ecosystem theft. YTD, these compromises account for 23.35% of all stolen funds activities in 2025, with Bitcoin (BTC) theft accounting for a substantial share of stolen value. Chainalysis also found that the average loss from compromised personal BTC wallets has increased, suggesting a deliberate target on higher-value individual holdings. Moreover, the number of individual victims on non-Bitcoin and non-EVM chains, like Solana, is increasing. This suggests that Bitcoin holders experience larger losses in terms of value taken, despite being less likely to fall victim to targeted theft. Related Reading: SUI Eyes 140% Move As Price Reclaims $4 – New ATH Imminent? Within the personal wallet incidents, a violent subsection has also seen a dramatic surge this year, showing a correlation with BTC price movements and suggesting opportunistic targeting during high-value periods. The forward-looking implication is that, if the value of native assets increases, the value compromised from personal wallets will also likely rise. Per the report, theft using physical violence or coercion against individuals, also known as “wrench attacks,” could potentially hit twice the number of 2021, the next highest year on record. As of this writing, Bitcoin is trading at $119,807, a 14.8% increase in the monthly timeframe. Featured Image from Unsplash.com, Chart from TradingView.com
A North Korean state-sponsored hacking group, Lazarus, is advancing its tactics with a more polished and deceptive approach. A report by cybersecurity firm Silent Push revealed that the group has set up fake US-based crypto companies to distribute malware disguised as job opportunities. According to the report, a Lazarus subgroup called “Contagious Interview” is behind […]
The post North Korean hackers used fake crypto firms to deliver malware in job scams appeared first on CryptoSlate.
RUNE, the native token of the THORChain protocol, remains under significant bearish pressure following a 9.09% price decline in the last week. According to crypto analyst Ali Martinez, RUNE is likely far from a market recovery following a bearish flag pattern on its trading chart. Related Reading: Altcoin Transaction King? TRON Hits 42% Share As USDT, DeFi Explode RUNE Chart Hints At Major Sell-Off Ahead – Details In technical analysis, a bearish flag is a continuation pattern formed after a significant downtrend, followed by a period of consolidation, before another leg downward. This pattern is characterized by parallel or slightly supporting ascending levels thereby giving the shape of a flag. Based on an analysis by Martinez, a bearish flag has now appeared on the RUNE/USDT 12-hour trading chart following its recent consolidation pattern which came after the asset’s decline from mid-January to early February. Interestingly, RUNE has now broken below the lower boundary of the bearish flag at $1.27 reducing any immediate odds of a bullish price reversal. Unless investors can force a price reclaim of this lower boundary, Martinez’s prediction states RUNE could be headed for a price target of $0.38 representing a potential 69% decline on the asset’s current price. Lately, the RUNE market has seen a significant amount of unwanted developments. Aside from its obvious market woes, recent events in the THORChain community have cast more concerns over the asset. In the past week, one of THORChain’s developers nicknamed Pluto(9r) resigned from the decentralized exchange after a controversial decision involving transactions from North Korea. Notably, a vote by Pluto(9r) and two other validators to halt the Ethereum Network from running on THORChain to prevent transactions by North Korean hackers was quickly overturned by other network validators resulting in the resignation of the former. This development comes following the $1.5 billion hack of the Bybit exchange which has so far been linked to popular North Korean Lazarus Group. According to blockchain tracker, Lookonchain, the Bybit hacker laundered $605 million (54%) of the loot using the THORChain network. Related Reading: Dogecoin Demand Slumps—Nearly 70% Drop In Open Interest Raises Concerns RUNE Price Overview At press time, RUNE trades at $1.24 reflecting a 3.00% price fall on the last day. As earlier stated, bearish forces are largely dominant in this asset market as evidenced by the 46.67% overall decline in the past 30 days. Interestingly, the crypto prediction site Coincodex presents an optimistic stance on the RUNE market. Their latest forecasts show a price recovery to $1.40 in 30 days and $1.66 in the next six months. Featured image from iStock, chart from Tradingview
South Korea has announced sanctions against 15 individuals and one entity from North Korea involved in cybercrimes, including large-scale cryptocurrency heists. The move comes amid rising concerns about North Korea’s use of cyber operations to fund its weapons programs and evade international sanctions. Related Reading: South Korea Should ‘Quickly Institutionalize’ Crypto, Stock Exchange Chief Says […]
The sanctioned agents were allegedly generating funds for North Korea’s nuclear weapon development program in Pyongyang.
The vulnerabilities caught the attention of the former CEO of Binance, Changpeng “CZ” Zhao who advised users to update their operating system immediately.
The newly discovered malware is interesting for being the first of its kind detected, but it seems to have been a trial balloon.
According to cybersecurity firm Recorded Future, North Korean hacker groups have stolen approximately $3 billion in funds since 2017.
According to PeckShieldAlert, losses from crypto hacks and exploits accounted for over $120 million in losses during September 2024.
A hacker group is using its signature trojan malware to infect users of web browsers with Chromium engines.
Google Cloud’s report exposes North Korean cybercriminals targeting Brazil’s cryptocurrency and fintech sectors with sophisticated malware and phishing schemes.