Police have launched an investigation into a virtual asset hacking incident worth 44.5 billion won that occurred at Upbit, Korea's largest virtual asset exchange, last month.
According to police and others on the 5th, the Cyber Terror Investigation Unit of the Korean National Police Agency National Office of Investigation (NOI) has converted the Upbit case, which it had been conducting a preliminary probe on, into a formal investigation. The stage shifts from a preliminary probe to a formal investigation when criminal suspicions are objectively substantiated and the need for an investigation is recognized.
Police, who became aware of the hacking through media reports on the day of the incident on the 27th last month, immediately prepared for an investigation, including conducting an on-site inspection of Dunamu headquarters.
According to the information and communications technology (ICT) industry and government authorities, this incident is being strongly discussed as likely the work of Lazarus, a hacking group under North Korea's Reconnaissance General Bureau. However, as it is the initial stage of the investigation, the suspect has not been identified.
The National Office of Investigation (NOI) also investigated a 2019 case six years ago in which 58 billion won worth of virtual currency kept by Upbit was stolen and determined it was the work of North Korea. After about five years of investigation, last year the National Office of Investigation (NOI) said that two groups—"Lazarus" and "Andariel," both under the Reconnaissance General Bureau—participated in the crime at the time.