Cyber Incident Victim: Youbit

Youbit, a South Korean cryptocurrency exchange previously known as Yapizon, suffered two major cyberattacks within eight months in 2017 that ultimately led to its shutdown. The first breach occurred in April 2017, resulting in the theft of 4,000 bitcoins valued at approximately $73 million at the time of reporting. South Korea's Internet and Security Agency (Kisa) attributed this initial attack to cyber operatives working for North Korea, linking it to broader campaigns targeting cryptocurrency exchanges including Bithumb and Coinis. The exchange rebranded to Youbit following this incident but faced another intrusion in December 2017, during which hackers stole 17% of the company's total assets. While the exact financial value of the second theft remained undisclosed, the cumulative impact proved catastrophic. Kisa initiated an investigation into the December breach but did not publicly attribute responsibility for this subsequent attack at the time of reporting.

The December 2017 attack triggered immediate operational collapse, forcing Youbit to file for bankruptcy and cease operations. Customers were notified they would recover approximately 75% of their deposited cryptocurrency value, with the exchange expressing regret over the shutdown. Security measures including the use of a "cold wallet" – an offline storage system for assets not actively traded – prevented greater losses by safeguarding a portion of digital holdings from the attackers. As one of South Korea's smaller exchanges, Youbit's closure contrasted with market-dominant platforms like Bithumb, which controlled 70% of national Bitcoin trading. The incident underscored escalating threats against cryptocurrency platforms, with cybercriminals increasingly targeting exchanges to steal large volumes of digital assets directly rather than through indirect methods like cryptocurrency-mining malware.