UpBit Exchange Phishing Email Scam Came From North Korea, Source Claims
A security firm analyzing the content of the emails believes a Pyongyang hacker group masterminded the scheme.
According to findings by local cybersecurity firm East Security, the scam came in the form of an email sent to UpBit users requesting account information.
The pretence was a fake giveaway, with the emails also containing a file called “Event Winner Personal Information Collection and Usage Agreement.hwp,” which would run malicious code when opened.
UpBit had alerted traders a day before, warning anyone receiving an email from the address “events@UpBit.co.kr” to discard it.
“Please note that this mail is not an email sent from UpBit,” a rough translation of a statement released at the time reads. It continues:
“If you receive an email with an attachment with a similar title that impersonates UpBit in future, please do not download the file attached to the email and delete the email immediately.”
According to East Security, the emails were the work of North Korean hacker group Kim Soo-Ki.
As Cointelegraph reported, North Korea continues to target the cryptocurrency industry worldwide, with United States FBI officials this week claiming such activity was a direct response to sanctions placed on its economy.
“Sanctions are having an economic impact, so cyber operations are a means to make money, whether it’s through cryptocurrency mining or bank theft,” a senior FBI official warned.