Deep Tide TechFlow news, on June 19, according to BitoPro's disclosure, the exchange today released the latest progress regarding the security incident on May 9. According to the forensic report released on June 11, preliminary investigation results confirm that this attack was carried out by the North Korean hacker organization 'Lazarus Group', with no internal personnel involved.
The attackers used social engineering techniques to target members of the cloud operations team, successfully implanting malware, bypassing multi-factor authentication, and launching the attack during a wallet system upgrade. Around 1 AM on May 9, the hackers activated the malicious script, simulating legitimate transactions to illegally transfer cryptocurrency from the hot wallet.
The BitoPro security team immediately took response measures upon discovering the anomaly, including shutting down the hot wallet system, replacing encryption keys, and rebuilding affected systems. The incident has been handed over to criminal investigation units for further investigation.