Lazarus Group Apparently Behind Upbit Hack Netting $37 Million

South Korean law enforcement authorities have launched an investigation into the recent hack of crypto exchange Upbit and suspect the notorious Lazarus group as the perpetrator. The attack on the country's largest trading platform resulted in the theft of approximately 54 billion won, equivalent to roughly $36 to $37 million USD.

The attackers' methods show clear parallels to previous operations by the state-sponsored North Korean hacker group. Experts believe that, similar to the major 2019 hack, administrator access credentials were compromised to bypass security protocols—a method that is considered a hallmark of Lazarus.

The subsequent money laundering also supports the suspicion: blockchain analysts observed the stolen cryptocurrencies being funneled through so-called mixing services immediately after the theft. This obfuscation technique is routinely used by North Korean actors to acquire foreign currency for the internationally sanctioned regime.

Upbit assured customers that they will not suffer personal losses. Damages will be compensated from the platform's reserves.