South Korean Upbit Users Targeted by Hackers Author: Ali Raza Last Updated: 03 August 2020 According to recent reports, hackers believed to have ties to North Korea are now targeting users of South Korea-based cryptocurrency exchange known as Upbit. Hackers were reportedly conducting phishing attacks, in an attempt to trick those engaging in online crypto trading and steal their credentials, and in extent — funds. New wave of hacking attacks against crypto traders emerges The reports of the attacks originally emerged a few days ago, on May 29th, with details of the attacks. The reports claim that hackers would send emails to numerous crypto traders, with claims that they need to submit additional information in order to become participants in a sort of prize drawing. Upon opening the emails, which contained information about the fake contest promising large payouts, a hidden attached malware would activate. Hackers can then use it to steal user information, and allegedly, even gain control of the users’ devices. This would allow the attackers to gain access to the devices immediately, or later, as per their desire. Buying cryptocurrencies is once again on the rise around the world, as the improving prices have attracted old and new traders and investors alike. With the return of traders, however, the hackers found it is the right time for their return as well. According to the head of the ESRC Center at East Security, Mun Chong Hyun, who identified the attack, the analysis of the tools and codes used by the hackers has led to interesting conclusions. Particularly, the codes malicious codes and attack tools used by the hacking group led to the identification of some unique characteristics. These led to a conclusion that the responsible party is a North Korean hacking group, known as Kim Soo-Ki. The group was reportedly using a very similar malware in the past when it was targeting South Korean government agencies. Hackers from North Korea also developed an interest in online crypto trading a while back, and have been meddling in the crypto space of South Korea for years, now. One major example is the Lazarus Group, which managed to stole around $571 million within only a year and a half. The group’s activity was recorded between 2017 and 2018, with South Korean exchanges being their prime targets. It is also known that the North Korean government was providing material support to the hackers during this period. Upbit traders beware When it comes to the new wave of attacks, they were, luckily, interrupted by the East Security’s team. So far, there were no reports of any actual damage, according to Mun Chong Hyun. However, Upbit may still suffer damage, at least when it comes to its reputation. This is far from the first time that the exchange got wrapped up in online scams and fraud. Many still remember the incident in December, when Upbit and Dunamu, Upbit’s parent company, got indicted due to fraudulent creation of fake records for financial trades worth millions of US dollars. The goal then was to try and persuade customers that buying cryptocurrency on the exchange is safe, and a good idea. The exchange aimed to increase its business volume but was eventually discovered. This was not enough for it to go out of business, however, but the incidents regarding online crypto trading continue to pile up.