The South Korean cryptocurrency exchange Youbit was hacked and robbed of an undisclosed quantity of cryptocurrency on December 18.
A memorandum published on the homepage of the marketplace's website explains that the platform will file for bankruptcy, as well as suspend users' abilities to trade cryptocurrencies and withdraw holdings. (By press time, both of these functions were disabled.) In the letter, Yapian Co., Ltd., which operates Youbit, explains that an early morning attack deprived the exchange of "about 17% of [its] total assets."
The platform, formerly known as Yapizon, was first hacked in April 2017, at which time it was reportedly relieved of almost 4,000 bitcoin. Anonymous sources told Reuters that the December hack bore similarities to the one perpetuated in April, which was linked to North Korea, and that ever since the first incident, the exchange has endured a slew of attacks involving code previously used by North Korean agents.
On December 18, a Youbit spokesperson had denied that the exchange had been a target of North Korean hacking.
That same day, the White House officially named North Korea as the culprit behind the May 2017 WannaCry attacks that disrupted computer systems worldwide. George Kurtz, CEO of the cybersecurity firm CrowdStrike, has speculated that the politically isolated nation, which was subjected to sanctions following a 2014 hack of Sony Pictures, may be stockpiling bitcoin to finance future attacks.
South Korean police, as well as the Korea Internet and Security Agency – a government body tasked with responding to cyberattacks – are apparently investigating the episode.
The memo on Youbit's site relates that the recent theft was smaller than the previous one. Clients will be partially reimbursed for their holdings, it says, and thanks to "various measures," including a "comprehensive insurance" policy worth some $2.75 million, the exchange expects that each customer's loss will amount to less than 17 percent of their assets on the platform.
The letter attempted to frame the exchange as a responsible actor, noting that after the April hack, Youbit "made every effort to strengthen security" and "recruit personnel," and that it successfully reduced its "hot-wallet retention rate." During the latest hack, the digital assets housed "in the cold wallet" were not affected.