Korea's Telecom Giant: Country's Biggest Crypto Exchange Hack Caused by APT

For the third time in two years, Bithumb, South Korea's biggest crypto exchange, was hacked in June 2018.

SK, the country's telecom giant, stated that the hack was likely caused by APT attacks.

"The Bithumb crypto exchange hack is currently being invested by local financial authorities and the exact reason for the hack has not been revealed by investigators. But, here at SK Infosec, we suspect that the exchange hack was highly likely caused by an APT attack, either by a way of infiltrating into the computers of employees or the internal system of the exchange."

Given that SK already invested in Korbit, the third biggest crypto exchange in South Korea and disclosed intent to integrate cryptocurrencies on OKCashBag, SK Infosec's extensive evaluation of the Bithumb breach can be attributed to the conglomerate's deep-rooted interests in the crypto sector.

Hackers gained access to the internal server by targeting an employee with a phishing attack called spearphishing and then directly installing malware onto the employee computer.

Direct attack on the internal server by initiating an APT attack.

Researchers at SK Infosec emphasized that the second scenario, involving sophisticated APT attacks, is most likely to be the culprit since Bithumb already experienced two hacks based on the first scenario.

Chosun, a leading mainstream media outlet in South Korea, reported in June that Bithumb had knowledge of suspicious activities four days before the hacking attack occurred.

Local publications including Chosun reported that the criticism towards Bithumb and other crypto exchanges continued throughout the past 12 months.

With the government drafting a new crypto regulatory framework it is possible that the government of South Korea may require crypto exchanges to spend a portion of their funds and capital in improving their security measures.