ExchangeDEX+
Buy CryptoMarketsSpotFutures500XEarnEvents
More
Gold Bar & BTC Giveaway2000g
The post South Korean Authorities Suspect Lazarus Group in Upbit Solana Wallet Breach appeared on BitcoinEthereumNews.com. South Korean authorities suspect North Korea’s Lazarus Group orchestrated the Upbit breach, stealing around $36 million from Solana hot wallets. Upbit’s parent company, Dunamu, has frozen affected assets, moved funds to cold storage, and pledged full customer reimbursements while cooperating with regulators. Upbit disclosed irregular Solana network withdrawals totaling $36 million on Thursday, affecting multiple tokens. Dunamu confirmed hot wallets were compromised but cold storage remained secure, with all assets transferred offline to halt further losses. Investigators from South Korea plan an on-site probe at Upbit, linking the incident to Lazarus Group’s history of sophisticated crypto thefts, including over $1.4 billion from Bybit in February. Upbit breach by Lazarus Group: Authorities probe $36M Solana hack. Learn how exchanges are responding and what it means for crypto security. Stay informed on regulatory actions and prevention tips today. What is the Upbit Breach Involving Lazarus Group? The Upbit breach involving the Lazarus Group refers to a cyber incident on Thursday where hackers drained approximately $36 million in various tokens from Upbit’s Solana hot wallets. South Korean authorities, as reported by Yonhap on Friday, now suspect the North Korean state-linked Lazarus Group as the perpetrator, prompting an on-site investigation at the exchange. Upbit’s parent company, Dunamu, acted swiftly by freezing impacted wallets, transferring remaining funds to secure cold storage, and committing to reimburse all affected customers, ensuring no losses from cold wallets. How Did the Upbit Hack Unfold and What Measures Were Taken? The Upbit hack began with irregular withdrawals detected on the Solana network, resulting in the theft of roughly $36 million across multiple tokens from hot wallets, according to Dunamu’s disclosure. A spokesperson from Dunamu stated, “The abnormal withdrawals occurred from hot wallets. The cold wallets were not subjected to any breach or theft,” emphasizing that all assets were promptly moved… The post South Korean Authorities Suspect Lazarus Group in Upbit Solana Wallet Breach appeared on BitcoinEthereumNews.com. South Korean authorities suspect North Korea’s Lazarus Group orchestrated the Upbit breach, stealing around $36 million from Solana hot wallets. Upbit’s parent company, Dunamu, has frozen affected assets, moved funds to cold storage, and pledged full customer reimbursements while cooperating with regulators. Upbit disclosed irregular Solana network withdrawals totaling $36 million on Thursday, affecting multiple tokens. Dunamu confirmed hot wallets were compromised but cold storage remained secure, with all assets transferred offline to halt further losses. Investigators from South Korea plan an on-site probe at Upbit, linking the incident to Lazarus Group’s history of sophisticated crypto thefts, including over $1.4 billion from Bybit in February. Upbit breach by Lazarus Group: Authorities probe $36M Solana hack. Learn how exchanges are responding and what it means for crypto security. Stay informed on regulatory actions and prevention tips today. What is the Upbit Breach Involving Lazarus Group? The Upbit breach involving the Lazarus Group refers to a cyber incident on Thursday where hackers drained approximately $36 million in various tokens from Upbit’s Solana hot wallets. South Korean authorities, as reported by Yonhap on Friday, now suspect the North Korean state-linked Lazarus Group as the perpetrator, prompting an on-site investigation at the exchange. Upbit’s parent company, Dunamu, acted swiftly by freezing impacted wallets, transferring remaining funds to secure cold storage, and committing to reimburse all affected customers, ensuring no losses from cold wallets. How Did the Upbit Hack Unfold and What Measures Were Taken? The Upbit hack began with irregular withdrawals detected on the Solana network, resulting in the theft of roughly $36 million across multiple tokens from hot wallets, according to Dunamu’s disclosure. A spokesperson from Dunamu stated, “The abnormal withdrawals occurred from hot wallets. The cold wallets were not subjected to any breach or theft,” emphasizing that all assets were promptly moved…

South Korean Authorities Suspect Lazarus Group in Upbit Solana Wallet Breach

By: BitcoinEthereumNews
2025/11/28 13:52
Ambire Wallet
WALLET$0.01729+1.70%
Holo Token
HOT$0.0005691+0.33%
1
1$0.012259+10.91%
4
4$0.03423+3.63%
Brainedge
LEARN$0.01183+1.11%

South Korean authorities suspect North Korea’s Lazarus Group orchestrated the Upbit breach, stealing around $36 million from Solana hot wallets. Upbit’s parent company, Dunamu, has frozen affected assets, moved funds to cold storage, and pledged full customer reimbursements while cooperating with regulators.

  • Upbit disclosed irregular Solana network withdrawals totaling $36 million on Thursday, affecting multiple tokens.

  • Dunamu confirmed hot wallets were compromised but cold storage remained secure, with all assets transferred offline to halt further losses.

  • Investigators from South Korea plan an on-site probe at Upbit, linking the incident to Lazarus Group’s history of sophisticated crypto thefts, including over $1.4 billion from Bybit in February.

Upbit breach by Lazarus Group: Authorities probe $36M Solana hack. Learn how exchanges are responding and what it means for crypto security. Stay informed on regulatory actions and prevention tips today.

What is the Upbit Breach Involving Lazarus Group?

The Upbit breach involving the Lazarus Group refers to a cyber incident on Thursday where hackers drained approximately $36 million in various tokens from Upbit’s Solana hot wallets. South Korean authorities, as reported by Yonhap on Friday, now suspect the North Korean state-linked Lazarus Group as the perpetrator, prompting an on-site investigation at the exchange. Upbit’s parent company, Dunamu, acted swiftly by freezing impacted wallets, transferring remaining funds to secure cold storage, and committing to reimburse all affected customers, ensuring no losses from cold wallets.

How Did the Upbit Hack Unfold and What Measures Were Taken?

The Upbit hack began with irregular withdrawals detected on the Solana network, resulting in the theft of roughly $36 million across multiple tokens from hot wallets, according to Dunamu’s disclosure. A spokesperson from Dunamu stated, “The abnormal withdrawals occurred from hot wallets. The cold wallets were not subjected to any breach or theft,” emphasizing that all assets were promptly moved to cold wallets to prevent further unauthorized access. The company also implemented on-chain measures to freeze transactions and reported the incident to relevant authorities in line with local regulations.

Blockchain security firm PeckShield first alerted the public to the anomalous withdrawals on Thursday but declined to comment on the actors involved, citing a lack of concrete evidence at the time. Similarly, CertiK, which monitors Upbit through its Skynet analytics dashboard, tracked over 100 exploiter addresses on Solana and noted that the withdrawal speed and scale echoed previous Lazarus Group operations. A CertiK representative told COINOTAG, “We observed patterns reminiscent of Lazarus-related attacks, though we do not have definitive evidence on the chain yet,” and committed to ongoing surveillance of fund flows for potential ties to known laundering networks.

Regulators in South Korea are now preparing a formal review of Upbit’s systems, with suspicions firmly pointing to the Lazarus Group, a notorious hacking outfit linked to numerous high-profile crypto exploits. This group has a track record of employing advanced tactics, including custom malware, social engineering, and supply chain compromises, to target exchanges and decentralized finance platforms. For instance, in February, blockchain intelligence firm Arkham Intelligence attributed a massive $1.4 billion theft from Bybit to Lazarus, marking it as one of the largest single crypto heists on record. Over the years, Lazarus has laundered stolen funds through mixers, bridges, and cross-chain transfers, amassing billions in illicit gains for North Korean interests.

Upbit’s response highlights the importance of segregated wallet management in the crypto industry. By isolating hot wallets for daily operations and maintaining cold storage for the majority of assets, exchanges can mitigate risks during breaches. Dunamu’s decision to fully reimburse customers underscores a commitment to user trust, a critical factor in the volatile cryptocurrency market where security incidents can erode confidence rapidly. As investigations continue, this event serves as a reminder for all platforms to enhance cybersecurity protocols against state-sponsored threats.

Frequently Asked Questions

What Caused the Upbit Breach and Was It Linked to Lazarus Group?

The Upbit breach stemmed from unauthorized withdrawals on the Solana network, totaling about $36 million from hot wallets, as confirmed by Dunamu. South Korean authorities suspect the Lazarus Group, a North Korean hacking entity known for crypto thefts, based on Yonhap’s Friday report. No direct confirmation from Upbit exists yet, but patterns match Lazarus tactics like rapid fund extractions seen in prior attacks.

How Is Upbit Ensuring Customer Funds After the Hack?

Upbit’s parent, Dunamu, froze suspicious wallets, shifted all assets to secure cold storage, and pledged to reimburse affected customers fully. They are investigating the breach’s cause while cooperating with authorities. This approach protects users from losses, with hot wallets impacted but cold storage untouched, maintaining overall platform integrity for everyday trading needs.

Key Takeaways

  • Swift Incident Response: Dunamu’s immediate freezing of wallets and fund transfers to cold storage prevented additional losses, demonstrating effective crisis management in the Upbit breach.
  • Lazarus Group’s Persistent Threat: The suspected involvement highlights the group’s evolution in tactics, from exchange hacks to sophisticated laundering, with past incidents like the $1.4 billion Bybit theft underscoring the need for vigilant defenses.
  • Regulatory Scrutiny and Reimbursements: South Korean probes will review Upbit’s systems, while full customer reimbursements reinforce trust—users should enable two-factor authentication and monitor accounts closely.

Conclusion

The Upbit breach by the suspected Lazarus Group represents a stark reminder of the cybersecurity challenges facing cryptocurrency exchanges, with $36 million stolen from Solana hot wallets prompting rigorous investigations and swift protective actions. As authorities delve deeper into the incident and blockchain firms like CertiK track fund movements, the crypto community must prioritize robust security measures against state-sponsored threats. Looking ahead, enhanced collaboration between exchanges, regulators, and security experts will be essential to safeguard assets and foster sustainable growth in the digital finance landscape—stay proactive by reviewing your wallet security today.

Source: https://en.coinotag.com/south-korean-authorities-suspect-lazarus-group-in-upbit-solana-wallet-breach

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

The Channel Factories We’ve Been Waiting For

The Channel Factories We’ve Been Waiting For

The post The Channel Factories We’ve Been Waiting For appeared on BitcoinEthereumNews.com. Visions of future technology are often prescient about the broad strokes while flubbing the details. The tablets in “2001: A Space Odyssey” do indeed look like iPads, but you never see the astronauts paying for subscriptions or wasting hours on Candy Crush.  Channel factories are one vision that arose early in the history of the Lightning Network to address some challenges that Lightning has faced from the beginning. Despite having grown to become Bitcoin’s most successful layer-2 scaling solution, with instant and low-fee payments, Lightning’s scale is limited by its reliance on payment channels. Although Lightning shifts most transactions off-chain, each payment channel still requires an on-chain transaction to open and (usually) another to close. As adoption grows, pressure on the blockchain grows with it. The need for a more scalable approach to managing channels is clear. Channel factories were supposed to meet this need, but where are they? In 2025, subnetworks are emerging that revive the impetus of channel factories with some new details that vastly increase their potential. They are natively interoperable with Lightning and achieve greater scale by allowing a group of participants to open a shared multisig UTXO and create multiple bilateral channels, which reduces the number of on-chain transactions and improves capital efficiency. Achieving greater scale by reducing complexity, Ark and Spark perform the same function as traditional channel factories with new designs and additional capabilities based on shared UTXOs.  Channel Factories 101 Channel factories have been around since the inception of Lightning. A factory is a multiparty contract where multiple users (not just two, as in a Dryja-Poon channel) cooperatively lock funds in a single multisig UTXO. They can open, close and update channels off-chain without updating the blockchain for each operation. Only when participants leave or the factory dissolves is an on-chain transaction…
Moonveil
MORE$0.005842+8.99%
COM
COM$0.006603-0.48%
Wink
LIKE$0.003893+2.07%
Share
BitcoinEthereumNews2025/09/18 00:09
BitMine koopt $44 miljoen aan ETH

BitMine koopt $44 miljoen aan ETH

De grootste Ethereum (ETH) treasury ter wereld, BitMine Immersion Technologies, heeft weer toegeslagen op de crypto markt. Uit on-chain data blijkt dat BitMine, ook bekend onder het ticker symbool BMNR, voor $44 miljoen aan ETH munten heeft gekocht. Wat betekent dit voor de grootste altcoin? Check onze Discord Connect met "like-minded" crypto enthousiastelingen Leer gratis de basis van Bitcoin & trading - stap voor stap, zonder voorkennis. Krijg duidelijke uitleg & charts van ervaren analisten. Sluit je aan bij een community die samen groeit. Nu naar Discord BitMine verdubbelt inzet op Ethereum Om precies te zijn koopt BitMine 14.618 ETH munten erbij, goed voor dus $44 miljoen. Zo blijkt uit on-chain gegevens gedeeld door Lookonchain op X. Daarmee tilt de grote Ethereum treasury zijn voorraad naar maar liefst 3,63 miljoen ETH ter waarde van ruim $11 miljard, aldus data van StrategicETHReserve. Daarmee controleert het bedrijf nu 3% van alle Ethereum in omloop. Tom Lee(@fundstrat)’s #Bitmine just bought another 14,618 $ETH($44.34M) 4 hours ago.https://t.co/P684j5Yil8 pic.twitter.com/LHOpDto1R5 — Lookonchain (@lookonchain) November 28, 2025 De ambities liggen desondanks een stuk hoger: BitMine wil uiteindelijk 5% van de volledige ETH voorraad bezitten. Oftewel, we kunnen nog flink wat Ethereum aankopen verwachten van het bedrijf in de komende maanden. Door de aggresssieve ETH strategie van het bedrijf zijn ze bij uitstek de grootste Ethereum reserve. De nummer twee, SharpLink Gaming, bezit ongeveer 859.400 ETH munten ter waarde van zo’n $2,62 miljard. Deze agressieve uitbreiding volgt een duidelijke strategie. BitMine verwacht dat Ethereum een grotere rol in de tokenisatie. Bedrijven bezitten samen al bijna 5,01% van alle ETH, een signaal dat corporates zich voorbereiden op een toekomst waarin Ethereum een basislaag wordt voor financiële infrastructuur. Waarom BitMine zijn treasury blijft uitbreiden BitMine bouwt zijn treasury verder uit omdat het een dominante positie in het Ethereum netwerk wil innemen. Meer ETH geeft BitMine straks hogere staking-opbrengsten en meer invloed op de liquiditeit binnen het netwerk. Ook gelooft BMNR sterk in de rol van Ethereum in de toekomst van financiële infrastructuur. Bestuurslid Tom Lee verwacht dat ETH een dominante speler zal zijn in de stablecoin en tokenisatie markt. Beide sectoren zijn hard aan het groeien, mede dankzij duidelijke wet- en regelgeving onder de Trump administratie zoals de GENIUS Act. Daarnaast gelooft Tom Lee in een zogeheten supercycle voor ETH. Volgens de bekende top analist kan de grootste altcoin zelfs Bitcoin (BTC) voorbijstreven, allemaal dankzij grootschalige adoptie door tokenisatie. Als Ethereum de huidige marketcap van BTC wil evenaren dan zou de ETH koers al op ruim $15.000 komen. ETH en BMNR krabbelen langzaam op uit diepe dip De ethereum prijs reageerde vandaag beperkt op het nieuws. De altcoin steeg over de afgelopen 24 uur met 0,8% tot een huidige koers van $3.050. Daarmee zet de munt samen met de rest van de crypto markt een stijgende trend voort. Na een heftige crash in de afgelopen weken zakte de ETH koers vorige week vrijdag tot onder de $2.700. Ook het BMNR aandeel is langzaam aan het terugkrabbelen. Het ETH treasury bedrijf zakte vorige week tot $26. Een flinke crash ten opzichte van de all time high van $135 dat het bedrijf in juli van dit jaar nog wist te realiseren. De sterke daling van het BMNR aandeel valt samen met een algehele neerwaartse trend onder crypto treasury bedrijven. Ook Strategy, de grootste publieke Bitcoin houder, is ook flink lager aan het handelen vanaf zijn all time. Zo staat het MSTR aandeel momenteel op $175 tegenover een prijs record van $457 in juli. Ethereum (ETH) kopen op Bitvavo Bitvavo - grootste crypto exchange in Nederland Meer dan 340 beschikbare cryptocurrencies Lage transactiekosten Gemakkelijk via iDeal geld storten Professionele traders dashboard Bitvavo review Koop ETH op Bitvavo Let op: cryptocurrency is een zeer volatiele en ongereguleerde investering. Doe je eigen onderzoek. Het bericht BitMine koopt $44 miljoen aan ETH is geschreven door Thomas van Welsenes en verscheen als eerst op Bitcoinmagazine.nl.
Ethereum
ETH$3,081.73+2.55%
OP
OP$0.3381+0.26%
Checkmate
CHECK$0.016786-44.00%
Share
Coinstats2025/11/28 20:31
Upbit hack sparks altcoin season in Korea? Thailand targets WLD

Upbit hack sparks altcoin season in Korea? Thailand targets WLD

The post Upbit hack sparks altcoin season in Korea? Thailand targets WLD appeared on BitcoinEthereumNews.com. Korean crypto bros are pumping altcoins after Upbit’s $36M exploit Korean crypto traders are having an outsize effect on local altcoin prices following a major hack at South Korean exchange Upbit, according to CryptoQuant CEO Ki Young Ju. (Ki Young Ju) “Upbit got hacked and paused withdrawals, but Koreans are pumping alts since arbitrage bots are no longer running,” Ju said in an X post on Thursday, shortly after the exchange halted transaction activity after detecting an “abnormal transaction” with a value of around $36 million. With arbitrage activity suspended, local buy orders are having more significant pressure on prices, allowing Korean-listed altcoins to surge, as the selling pressure that typically puts a ceiling on price increases has disappeared. Crypto trader R2D2 said, “Unbelievable scenes here.” Crypto analyst A79 said, “Hack happens, and Koreans just flip it into a rally.” Upbit announced on Thursday that it had suspended deposits and withdrawals after identifying an unauthorized transaction worth approximately 54 billion won ($36 million), involving mainly Solana-based assets that were transferred to an unidentified wallet address. Assets reportedly affected by the hack include BONK (BONK), Official Trump (TRUMP), MOODENG (MOODENG), and Render (RENDER). Upbit to cover loss to prevent “any damage” to user assets The exchange clarified that while the hot wallet was impacted, its cold wallets — where the majority of user funds are stored — were not compromised. Dunamu CEO Oh Kyung-seok said: “We immediately identified the extent of the digital asset outflow caused by the abnormal withdrawals and will cover the entire amount with Upbit assets to prevent any damage to our members’ assets.” Some industry participants were confused by the fact that all the red numbers Ju shared were positive. StarkWare ecosystem lead Brother Odin was quick to ask the obvious question, before Ju explained that red…
Worldcoin
WLD$0.6626+1.68%
Effect AI
EFFECT$0.005211+0.26%
Major
MAJOR$0.09781-3.91%
Share
BitcoinEthereumNews2025/11/28 21:20

Trending News

More

The Channel Factories We’ve Been Waiting For

BitMine koopt $44 miljoen aan ETH

Upbit hack sparks altcoin season in Korea? Thailand targets WLD

IOG, Emurgo & CF Unite on 70M ADA Plan to Power Cardano

Countdown to Crypto Glory: 2025’s 10 Rising Stars Set to Ignite the Market with Apeing’s Upcoming Meme Coin Presale

Quick Reads

More

Beeg Blue Whale (BEEG) Community Culture & Meme Economics Deep Analysis

Beeg Blue Whale (BEEG) Price Prediction 2025-2030: Worth Investing?

Beeg Blue Whale (BEEG) Complete Beginner's Buying Guide: Investing in BEEG from Scratch

2026 Meme Coin Investment Strategy Complete Guide: Beeg Blue Whale (BEEG) Case Study

Sui Ecosystem & Beeg Blue Whale (BEEG) Development Prospects: In-Depth Analysis

Crypto Prices

mc_price_img_alt

Bitcoin

BTC

$92,674.23
$92,674.23$92,674.23

+1.88%

mc_price_img_alt

Ethereum

ETH

$3,083.47
$3,083.47$3,083.47

+2.40%

mc_price_img_alt

Solana

SOL

$142.70
$142.70$142.70

+0.38%

mc_price_img_alt

XRP

XRP

$2.2620
$2.2620$2.2620

+2.69%

mc_price_img_alt

DOGE

DOGE

$0.15508
$0.15508$0.15508

+0.70%