ExchangeDEX+

Buy Crypto Markets Spot FuturesBTC Earn Event Center

PANews reported on November 28th that security firm GoPlus analyzed the Upbit attack and revealed several serious issues: the hot wallet leak points to vulnerabilities in key management and internal network security vulnerabilities. Cold wallets remain secure. The incident is noteworthy for several reasons: 1. It was an "anniversary attack"—the date coincided with the $50 million hack in 2019 (six years ago); 2. The timing was clever—the attack was launched hours after the announcement of the major merger between Dunamu and Naver; 3. It exhibited typical Lazarus characteristics—the speed, methods, and symbolic significance of the attack; 4. Sophisticated money laundering methods—using multiple DEXs, potentially circumventing regulations (2200 SOL tokens transferred to Binance). All these signs indicate that the platform may have been under long-term infiltration by an Advanced Persistent Threat (APT) group. Previously, Upbit disclosed that approximately 54 billion won worth of Solana network assets had been stolen ; South Korean authorities suspect that the North Korean hacking group Lazarus was behind the attack .PANews reported on November 28th that security firm GoPlus analyzed the Upbit attack and revealed several serious issues: the hot wallet leak points to vulnerabilities in key management and internal network security vulnerabilities. Cold wallets remain secure. The incident is noteworthy for several reasons: 1. It was an "anniversary attack"—the date coincided with the $50 million hack in 2019 (six years ago); 2. The timing was clever—the attack was launched hours after the announcement of the major merger between Dunamu and Naver; 3. It exhibited typical Lazarus characteristics—the speed, methods, and symbolic significance of the attack; 4. Sophisticated money laundering methods—using multiple DEXs, potentially circumventing regulations (2200 SOL tokens transferred to Binance). All these signs indicate that the platform may have been under long-term infiltration by an Advanced Persistent Threat (APT) group. Previously, Upbit disclosed that approximately 54 billion won worth of Solana network assets had been stolen ; South Korean authorities suspect that the North Korean hacking group Lazarus was behind the attack .

Analysis: Upbit may have been subjected to long-term infiltration by an advanced persistent threat organization.

2025/11/28 13:26

Previously, Upbit disclosed that approximately 54 billion won worth of Solana network assets had been stolen ; South Korean authorities suspect that the North Korean hacking group Lazarus was behind the attack .

Market Opportunity

MAY Price(MAY)

$0.01361

$0.01361$0.01361

-1.73%

USD

MAY (MAY) Live Price Chart

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.