Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

N. Korean Hacking Group Lazarus Suspected Behind Recent Crypto Hacking: Sources

North Korea-linked Lazarus group suspected of stealing $30.6 million in Solana assets; Upbit will cover losses as authorities plan an on-site probe.

  • On Nov. 28, authorities said North Korean hacking group Lazarus is suspected in a breach that took around 45 billion won from Upbit, and Dunamu confirmed 44.5 billion won in Solana‑affiliated assets moved to an unauthorized wallet address.
  • Authorities said the methods used resemble the 2019 Upbit theft of 58 billion won, and a security official said, 'It is the tactic of Lazarus to transfer crypto to wallets at other exchanges and attempt money laundering.'
  • A government official said hackers may have compromised administrators' accounts instead of attacking servers, and others suggested Thursday was chosen as Naver Corp. announced acquiring Dunamu the day before.
  • Authorities will carry out an on-site investigation at the exchange, and Dunamu said it plans to cover the full amount with company assets.
  • Experts noted Pyongyang is seeking to raise money amid foreign currency shortages, while a security official said 'hackers have a strong tendency toward self-display', influencing Lazarus's methods.
Insights by Ground AI

39 Articles

読売新聞オンライン読売新聞オンライン
Lean Right

North Korean Hackers Suspected in Massive Crypto Theft in South Korea, Methods Follow Similar Pattern to 2019 Case

SEOUL — South Korea’s largest cryptocurrency exchange Upbit suffered a massive cryptocurrency theft on Thursday, which the South Korean government believes was carried out by North Korean hackers, according to Yonhap News Agency.

·Japan
Read Full Article
OKDIARIOOKDIARIO
Right

South Korea Accuses Kim Jong One Hackers of Stealing 26 Million Euros in Cryptocurrencies · Global Voices

South Korea has accused the North Korean hacker group known as Lazarus of stealing 44.5 billion won (26.2 million euros) in cryptocurrencies from the Upbit platform, the country’s largest cryptocurrencies exchange application. South Korean authorities will register the cryptocurrencies platform facilities to finish clarifying whether hackers in the service of North Korean dictator Kim Jong Un have effectively been behind the attack, according to…

Read Full Article
unchainedcrypto.comunchainedcrypto.com
Center

Lazarus Group Linked to $30 Million Upbit Hack: Report

South Korean investigators say the $30 million Upbit exploit bears Lazarus Group’s signature, prompting an on-site probe and a full reimbursement pledge from the exchange.

Read Full Article
Anadolu AjansıAnadolu Ajansı
Right

North Korean hacker group allegedly behind $30M crypto theft from South Korea: report

Sources say hacking comes as Pyongyang seeks to generate funds amid foreign currency shortage - Anadolu Ajansı

·Ankara, Türkiye
Read Full Article
Coin DeskCoin Desk
Center

South Korea Suspects North Korea-Linked Lazarus Behind $36M Upbit Hack

·Manila, Philippines (the)
Read Full Article
DevdiscourseDevdiscourse
Center

Cryptocurrency Heist Strikes South Korean Exchange Upbit

Read more about Cryptocurrency Heist Strikes South Korean Exchange Upbit on Devdiscourse.

·India
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 45% of the sources are Center, 44% of the sources lean Right
45% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

UPI broke the news in Washington, United States on Thursday, November 27, 2025.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Hacking icon

Hacking

Military icon

Military

Asia icon

Asia

Cryptocurrency Exchange icon

Cryptocurrency Exchange

Cybercrimes icon

Cybercrimes

Cryptocurrency icon

Cryptocurrency

Blockchain icon

Blockchain

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal