BitoPro Statement & Progress Update
BitoPro Statement & Progress Update: June 19, 2025
This statement provides an update on the security incident that occurred on May 9, 2025. Our internal security team and a third-party professional cybersecurity firm conducted a comprehensive, month-long investigation. Based on the forensic report issued on June 11, 2025, preliminary findings confirm no internal personnel involvement. Furthermore, the attack methodology resembles patterns observed in multiple major international incidents in the past, including illicit transfers from global bank SWIFT systems and asset theft incidents from major international cryptocurrency exchanges. These attacks are attributed to the North Korean hacking organization 'Lazarus Group.'
The attackers conducted a social engineering attack on a team member responsible for cloud operations, successfully implanting malware. This allowed them to bypass our antivirus, endpoint protection, and cloud security detection systems. The threat actors then operated stealthily from the employee's computer, observing daily operational behaviors to evade routine security monitoring. They subsequently …