09-04-2025 
|
Getting your Trinity Audio player ready...
|
Seoul police in South Korea have taken down an international hacking organization that stole KRW39 billion ($28.1 million) in assets, including stocks and digital assets, by stealing the personal information of 258 wealthy individuals, including K-pop star Jungkook, several large corporation CEOs, and 28 digital asset investors.
On August 28, the Seoul Metropolitan Police Agency’s Cyber Investigation Unit announced the arrest of 16 suspects, including the hacking group’s two Chinese ringleaders, who allegedly traveled between China and Thailand from July 2023 to April 2025 to organize the criminal enterprise, according to a report by local outlet Korea Joongang Daily.
The perpetrators allegedly hacked six websites with weak security, including those of government and public institutions, IT platform companies, and financial institutions, to steal the victims’ personal information.
“We have arrested a total of 16 people, including two leaders of an international hacking organization and domestic and foreign members who hacked into government and public/private organization websites, stole financial information from wealthy individuals, and then used methods such as illegally opening cheap phone accounts to steal their assets,” said the Seoul Metropolitan Police Agency’s Cyber Investigation Unit.
The local report further noted that the attackers exploited loopholes in the mobile phone subscription process to open 118 SIM cards in the names of 89 of the victims, giving them a fraudulent means of identity verification. They then used these mobile phones to defraud KRW39 billion ($28.1 million) from the financial and digital assets of 16 victims; the largest single loss was KRW21.3 billion ($15.2 million) in digital assets from one victim.
In the case of Korean singer and pop star Jungkook, known as a member of South Korean pop group BTS, the attackers allegedly attempted to steal KRW8.4 billion ($6 million) worth of HIVE Digital Technologies (NASDAQ: HIVE) stock, but the financial institution reportedly flagged it as an unusual transaction, ultimately preventing any losses.
One of the heads of the hacking group, just known as “Chinese national A (34),” was identified earlier last month and on August 22, “forcibly repatriated from Thailand” by the South Korean Ministry of Justice, as reported by local outlet Yonhap News.The alleged second in command, known as “Mr. B (40),” is reportedly also being prepared for extradition.
The head of the 2nd Cyber Investigation Unit of the Seoul Metropolitan Police Agency, Oh Gyu-sik, told Joongang Daily that “this incident of bypassing the non-face-to-face authentication system is unprecedented, and the large amount of money in the accounts they accessed could have easily led to an even bigger crime.”
He added that the agency would “continue to swiftly activate the response system of relevant organizations to minimize further damage and do our best to protect citizens’ property and personal information.”
Watch | Certihash Sentinel Node: Improving cybersecurity with blockchain
Recommended for you
