Recently, the South-Korean crypto exchange UpBit has faced a phishing attack. It was carried out using e-mail which stated UpBit requires more info about customer’s financial sweepstakes payment. However, the security firm East security claims this mail never came from UpBit’s official server.

The security firm further explains the modus operandi. The email consisted of a payout document. Though it appeared normal, it ran malicious code in the background. Then it would transfer the info about user’s device, private keys and login credentials to the hackers. After that hackers would get access to the user’s machine through a command and control system. The hackers have named the malicious file as UPBIT to avoid detection from Anti-virus tools.

The security organization believes that hackers are based out of North Korea and go by the moniker Kim Soo-ki. East Security has noticed traits in the current attack which were also present in a previous malware attack, Operation Fake Striker targeting government firms.

The security firm mentions no report of any substantial loss due to hacking. However, it advises dealing carefully with unsolicited e-mails and files. Users should be cautious while opening suspicious emails and files attachments.

The crypto exchange hacks are happening on a regular basis. Recently, popular exchange Binance got hacked. The crackers made away with 7,000 Bitcoins. Also, back in January, Cryptopia was hacked. Earlier this month the firm declared itself liquidated. Again, there was another incident where hackers used Microsoft email accounts to steal crypto from victims.