- South Korean officials point the finger at North Korean hackers.
- Hackers stole $36 million from Upbit.
- Upbit says it has reimbursed affected users.
South Korean investigators suspect North Korean hackers are behind the heist against Upbit that drained $36 million from the crypto exchange.
The timing of the attack, which unfolded amid Naver’s $10 billion takeover of Dunamu, Upbit’s parent company, has heightened suspicions of North Korean involvement, according to Yonhap.
There’s precedence for such suspicions. In 2019, hackers linked to the infamous Lazarus Group, a cybercrime syndicate widely believed to be state actors under Pyongyang’s direction, stole $41 million in Ethereum from Upbit.
If the suspicions prove to be true, it risks reviving a long-running digital confrontation between the two countries. While North Korean hackers are a menace to the industry as a whole, South Korean platforms have repeatedly been in the line of fire.
Apart from Upbit, Bithumb, another major South Korean exchange, has also suffered several breaches linked to North Korean hackers.
In 2025, North Korean hackers are estimated to have stolen $2 billion in cryptocurrency. The bulk of that sum comes from the $1.5 billion in Bybit funds stolen in February, the largest ever cryptocurrency exchange heist.
Data from blockchain analytics firm Elliptic pegs the total haul from North Korean hackers at $6 billion. Proceeds from the massive cryptocurrency crime campaign are used to support Pyongyang’s nuclear weapons programme.
Earlier in November, Pablo Sabatella, founder of blockchain security auditor opsek, told DL News, that the threat posed by North Korean hackers “is much worse than everybody thinks.”
Sabatella said cybercriminals linked to the regime had infiltrated up to 20% of all crypto companies.
On Friday, Upbit announced that it lost $4 million of its own funds in the hack, but that affected customers had been reimbursed.
The attack targeted Solana-based tokens held in one of the platform’s hot wallets.
The Upbit incident adds to a record-setting year of losses from crypto hacks and exploits.
Cybercriminals have syphoned more than $2.4 billion through attacks on cryptocurrency exchanges and DeFi protocols. Physical attacks against crypto holders have also increased this year.
Osato Avan-Nomayo is our Nigeria-based DeFi correspondent. He covers DeFi and tech. Got a tip? Please contact him at osato@dlnews.com.
