Analysis: Upbit may have been subjected to long-term infiltration by an advanced persistent threat organization.

PANews, Nov 28, 2025

On November 28th, security firm GoPlus analyzed the Upbit attack and revealed several serious issues: the hot wallet leak points to vulnerabilities in key management and internal network security. Cold wallets remain secure.

The incident is noteworthy for several reasons: 1. It was an "anniversary attack"—the date coincided with the $50 million hack in 2019 (six years ago); 2. The timing was clever—the attack was launched hours after the announcement of the major merger between Dunamu and Naver; 3. It exhibited typical Lazarus characteristics—the speed, methods, and symbolic significance of the attack; 4. Sophisticated money laundering methods—using multiple DEXs, potentially circumventing regulations (2200 $SOL tokens transferred to Binance).

All these signs indicate that the platform may have been under long-term infiltration by an Advanced Persistent Threat (APT) group. Previously, Upbit disclosed that approximately 54 billion won worth of Solana network assets had been stolen; South Korean authorities suspect that the North Korean hacking group Lazarus was behind the attack.

[PANews]
