TechFlow, June 19 — According to BitoPro's disclosure, the exchange today released an update regarding the security incident on May 9. Based on the latest forensic report, preliminary findings confirm that the attack was carried out by the North Korean hacker group "Lazarus Group," with no involvement of internal personnel.
The attackers used social engineering techniques against a team member responsible for cloud operations, successfully implanted malicious software, bypassed multi-factor authentication, and launched the attack during a wallet system upgrade. Around 1:00 AM on May 9, hackers activated a malicious script to simulate legitimate transactions and illegally transferred cryptocurrency from hot wallets.
After detecting the anomaly, BitoPro's security team immediately took countermeasures, including shutting down the hot wallet system, rotating encryption keys, and rebuilding affected systems. The incident has been referred to criminal investigation authorities for further investigation.




