Report: North Korean Hackers Targeted South Korean Upbit Users

South Korean news correspondents have claimed that hackers from North Korea orchestrated a phishing attempt on users of the South korean crypto exchange Upbit.

According to reports, hackers sent out an email to Upbit users claiming that they need to submit more information in order to become eligible for a prize drawing.

The email reportedly came with malware that, upon activation, gave hackers access to user information as well as control over infected devices.

In analyzing attack tools and malicious codes used by hacker groups, there are unique characteristics we saw,” said Mun Chong Hyun, head of the ESRC Center at East Security, in a report from CoinDesk Korea.

North Korean hacker group identified

East Security, who identified the attack, claims that the characteristics they identified point specifically to North Korean hacker group Kim Soo-Ki. The group had previously very similar malware in an attempt to breach South Korean government agencies.

North Korean hackers have long been thorns in the side of the South Korean crypto industry. For a year and a half in 2017 and 2018, for example, the North Korean government provided direct material support that helped the Lazarus Group steal more than $571 million, most of which were stolen from South Korean crypto exchanges.

East Security seems to have successfully foiled the latest hacking attempt, however. Mun Chong Hyun claimed that, so far, the security firm has not received any reports of damages.

Upbit, meanwhile, is no stranger to fraud and controversy. In December of last year, executives from both Upbit and its parent company Dunamu were indicted for fraud after creating fake trade records worth million of dollars in an effort to inflate Upbit’s volume of business.