Seoul, Nov 30 (IANS) North Korean hacking group Lazarus is suspected to have been behind at least 31 cyberattacks over the past year, a report showed on Sunday, amid mounting speculation that the group was responsible for a recent massive cryptocurrency breach at South Korean crypto exchange Upbit.

AhnLab Inc., a local software security firm, made the assessment in its latest report, saying Lazarus topped the list of advanced persistent threat (APT) groups with 31 incidents from October 2024 to September this year.

Another North Korea-backed group, Kimsuky, followed with 27 cases, the same data showed.

By country, North Korea accounted for 86 hacking incidents, followed by China at 27, Russia and India at 18 each, and Pakistan with 17.

AhnLab noted that the actual number of attacks could be higher than disclosed due to the sophisticated methods used by APT groups.

The report comes amid suspicions that Lazarus was behind a breach that drained around 45 billion won (US$30.6 million) worth of cryptocurrency from Upbit last week.

Authorities said the techniques used in the latest heist were similar to those employed in a 2019 attack in which the group allegedly stole 58 billion won worth of Ethereum from Upbit.

Lazarus is also suspected to be behind a recent breach of around 45 billion won ($30.6 million) worth of cryptocurrency from South Korea’s largest crypto exchange Upbit.

According to government and business sources, authorities plan to carry out an on-site investigation at the crypto exchange with a belief that Lazarus was behind the hacking.

Dunamu, which operates Upbit, said on Thursday it confirmed the transfer of 44.5 billion won worth of Solana-affiliated assets to an unauthorized wallet address and plans to cover the full amount with assets the company owns.

The hacking group had been suspected of stealing 58 billion won worth of Ethereum from Upbit in 2019.

Authorities said the methods used in the latest incident resembled those of the 2019 theft.

—IANS

na/