Cryptocurrency exchange Youbit declares bankruptcy following massive cyber-attack

Cryptocurrency exchange Youbit declares bankruptcy following massive cyber-attack

BitGrail goes bust after losing $170 million to large-scale theft

Suspected hackers forced Youbit, a leading South Korean cryptocurrency exchange, to declare bankruptcy after their latest attack resulted in the loss of 17% of the firm’s total assets.

Youbit suffered two major cyber-attacks in less than ten months which forced it to declare bankruptcy and disburse the cryptocurrency in its possession.

Popular South Korean cryptocurrency exchange Youbit was forced to declare bankruptcy after a major cyber-attack on its servers wiped out 17% of its overall assets. This was the second such cyber-attack the exchange suffered this year and its closure surely doesn’t bode well for other cryptocurrency exchange platforms.

The sudden and unprecedented surge in the value of Bitcoin has tempted hackers to mount repeated cyber-attacks and phishing attacks on cryptocurrency exchanges and marketplaces of late. Last week, Bitfinex, the world’s largest cryptocurrency trading platform, said that it suffered a series of major DDoS attacks that forced it to go offline several times since November.

A week ago, cryptocurrency marketplace NiceHash’s payment servers were compromised, resulting in the loss of Bitcoin wallet value worth millions of dollars. According to CoinDesk, hackers stole as many as 4,736.42 Bitcoin from NiceHash customer wallets which was equivalent to more than $62 million at current rates.

A cyber-attack on Bithumb, South Korea’s largest etherium cryptocurrency exchange, in July also resulted in a loss of over $1 million in digital coins. The hackers also compromised details of 30,000 customers and proceeded to dry up customers’ Bithumb accounts using stolen passwords.

Following the latest cyber-attack on its servers, Youbit announced that it has halted all deposits and withdrawals and that it would disburse all cryptocurrency in its possession.

‘Due to bankruptcy, the settlement of cash and coins will be carried out in accordance with all bankruptcy procedures. However, in order to minimize the damage to our members, we will arrange for the withdrawal of approximately 75% of the balance at 4:00 am on December 19, The rest of the unpaid portion will be paid after the final settlement is completed,’ the exchange said in a statement on its website.

A number of researchers have connected Lazarus Group, an infamous North Korean hacker group, with various cyber-attacks conducted on cryptocurrency marketplaces and exchanges in the recent past. A few days ago, researchers at security firm Secureworks revealed that Lazarus Group sent spearphishing e-mails to executives at several cryptocurrency firms about a vacant CFO position at a leading London-based cryptocurrency firm.

Recipients were asked to apply for the vacant CFO position by downloading Microsoft Word documents attached to the emails which purportedly contained details like job description, responsibilities and eligibility requirements. These attachments in fact contained Remote Access Trojans (RATs) which downloaded additional malware into victims’ systems to help the group steal cryptocurrency from their servers.

It remains to be seen if the Lazarus Group or any other North Korean hacker group is responsible for the cyber-attack on Youbit’s servers that resulted in the loss of cryptocurrency worth millions. The firm has promised to minimise the losses suffered by members by either offering cyber insurance worth 3 billion Won or by selling its operating rights.

‘While the exact details of the attacks on Youbit are unknown, an examination of the other cryptocurrency attacks over the year suggest that organisations need to start with the basics. Firstly, server infrastructure and the applications that host cryptocurrencies need to be seen as a security risk – as this is a vector for attack we have seen time and time again,’ says Leigh-Anne Galloway, Cyber Resilience Lead at

‘No matter how secure a currency is, if the web application, mobile application, server or network the currency operates on is vulnerable, the contents are at risk. Secondly, there needs to be a greater focus on preventing social engineering attacks – protecting against website clones and educating users to avoid malicious websites and apps as quick as possible.

‘If cybersecurity continues to be a second thought, we will continue to see sustained attacks that damage the reputation of virtual currencies as a whole, and ultimately results innocent users losing their money to criminal,’ Galloway adds.

Copyright Lyonsdown Limited 2021

Top Articles

2,500 years of Threat Intelligence

In order for threat intelligence to deliver as promised, we need to heed Sun Tzu and start with a data-driven approach.

Don’t fall foul of homoglyph web domains

Homoglyphs are characters from other scripts, which can look like Latin letters. They are used in domain names and they are very hard to spot.

Cyber attack targeted Spanish beer maker Damm; halted brewery operations

Damm, Spain's second largest beer-making company, suffered a major cyber attack targeting one of its IT systems last week.

Related Articles

[s2Member-Login login_redirect=”” /]