For the second time in eight months the South Korean crypto-exchange Youbit has fallen victim to hackers. This time the owners have had to file for bankruptcy and the exchange has been closed, permanently.

Forced into Bankruptcy

The exchange announced the hack this morning on their website, saying that 17% of exchange assets had been taken and that all user-initiated deposits and withdrawals had been halted. Fortunately for the exchange’s customers, Youbit still had most funds under its control as they had been stored in a “cold wallet”, i.e. completely offline and so inaccessible to hackers.

In a statement Youbit stated that they would arrange for “the withdrawal of approximately 75% of the balance” to its customers. There should be a second payment when bankruptcy proceedings are completed.  

Lazarus Group

Though no one has been publicly blamed for the attack, there are similarities with the April breach and other recent attempts on South Korean exchanges. Last week South Korea’s Internet and Security Agency (Kisa) accused the North Korean Lazarus group of repeated attempts to hack exchanges and steal cryptocurrency. Reuters has reported that since the April breach Youbit has been subject to a repeated attacks which use code that has been linked to North Korea.

Cryptocurrencies appeal to the increasingly-isolated North Korean regime as a way around international sanctions. The South Korean National Intelligence Service (NIS) claimed last week that they had managed to thwart a malware attack on 10 exchanges.

The most popular method of spreading the malware appears to be via email. Crypto-workers worldwide were warned last week of a phishing scheme disguised as an advert for a CFO position at a London crypto firm.

Image From Shutterstock