South Korean law enforcement has uncovered an organized international hacking group consisting of 16 members, specializing in stealing funds from the bank and cryptocurrency accounts of affluent citizens. Among the victims are businessmen, athletes, celebrities, and BTS member Jung Jungkook.
This is reported by Finway
Hacking Methods and Scale of Losses
From July 2023 to April 2024, the hackers operated from China and Thailand. They hacked into the websites of government and financial institutions, gained access to personal data, and created over 100 fake phone accounts. This allowed them to bypass security systems and gain control over the bank and cryptocurrency wallets of their victims.
In total, the criminals stole $28.1 million (39 billion Korean won) from the accounts of 258 influential individuals. The largest single incident in the cryptocurrency sector amounted to $15.4 million. Meanwhile, banks managed to prevent additional losses of about $18 million thanks to timely responses.
Targeted Attacks and Police Response
Among those targeted was Jungkook from BTS: in January, after the artist completed his military service, hackers attempted to withdraw $6.1 million in shares of Hybe Entertainment, but thanks to the vigilance of banking systems and management, the attempt was thwarted.
“This incident highlights a critical reality: international criminal organizations systematically target Korean entities, and most domestic institutions lack adequate protection against their advanced hacking capabilities,” said Rich O., regional manager for APAC at cryptocurrency wallet manufacturer OneKey, in a comment to Decrypt.
The police conducted a detailed investigation into the group’s activities: the hackers gathered data on 258 wealthy individuals, including 28 crypto investors, 75 top executives, 12 celebrities, and 6 athletes. However, actual attacks were carried out against 26 individuals whose accounts held over $39.8 billion.
Part of the stolen funds has been recovered—$9.2 million were frozen and returned to the victims. Two organizers were arrested in Bangkok with the assistance of Interpol, and one has already been extradited to South Korea to face trial on 11 charges, including economic crimes and cybersecurity violations.
Rich O. emphasized that this case indicates a “new level of hacking threat” and requires the implementation of a multi-layered protection strategy, including enhanced identity verification in telecommunications services and close international cooperation among law enforcement agencies.
It is worth noting that in May, a Russian citizen was also arrested in South Korea for cryptocurrency fraud amounting to $728,000.