Seoul police dismantled an international hacking ring that stole $28.1 million from bank and crypto accounts, arresting 16 suspects including two alleged ringleaders; the group used breached government and telecom data to create fraudulent phone accounts and bypass security systems, targeting high‑net‑worth Koreans including BTS’s Jungkook.
-
16 suspects arrested, $28.1M stolen
-
Attackers exploited breached government and financial data to create over 100 fraudulent phone accounts.
-
Authorities froze and recovered $9.2M; banks blocked an additional $18M in attempted thefts.
Meta description: Seoul crypto hacking ring stole $28.1M from wealthy Koreans including Jungkook; reads like a briefing — learn arrests, losses, and protection steps.
What happened in the Seoul crypto hacking ring case?
Seoul police announced arrests in an international hacking ring that stole $28.1 million from victims’ bank and crypto accounts. The Cyber Investigation Unit says 16 suspects were detained after an operation run from China and Thailand exploited breached institutional data to create fraudulent mobile accounts and access funds.
How did the attackers bypass security to steal crypto and bank funds?
The group systematically harvested personal data from breached government and financial institution websites to profile wealthy targets. They created over 100 fraudulent phone accounts to bypass non-face-to-face authentication and then attempted unauthorized transfers from bank and crypto wallets.
| Category | Amount (USD) | Notes |
|---|---|---|
| Stolen | $28.1 million | 16 confirmed victims |
| Largest single crypto theft | $15.4 million | One incident among the thefts |
| Blocked attempts | $18 million | Banks prevented transfers to 10 victims |
| Frozen & returned | $9.2 million | Recovered through rapid response |
Who were targeted and how widespread was the profiling?
Police say attackers harvested data on 258 high-profile individuals: 28 crypto investors, 75 executives, 12 celebrities and 6 athletes. While the ring collected information broadly, theft attempts were made against 26 people whose combined reported balances equaled $39.8 billion.
Why was Jungkook targeted and what happened in his case?
BTS member Jungkook was among the high-profile targets. Attackers attempted to drain approximately $6.1 million in Hybe stock holdings after his military enlistment. Banking alerts and management intervention blocked the transfers; the incident underscores the risks faced by celebrity investors.
What law enforcement actions followed the arrests?
Seoul Metropolitan Police Agency’s Cyber Investigation Unit arrested 16 suspects and, with Interpol assistance, detained two alleged Chinese ringleaders in Bangkok. One suspect has been extradited to Korea and faces multiple charges including network and economic crimes, according to police statements.
How can crypto holders and wealthy individuals protect themselves?
Protective steps include multi-layered identity verification for telecom services, strict account monitoring, and using hardware wallets or multi-signature custody for large crypto holdings. Experts emphasize international law enforcement coordination to dismantle cross-border criminal operations.
- Enable hardware wallets and multi-signature custody for high-value crypto holdings.
- Require multi-factor authentication tied to secure, registered devices rather than SMS-only verification.
- Audit and limit third-party data exposures and conduct regular account activity monitoring with immediate freeze protocols.
Frequently Asked Questions
Who led the hacking operation and where did it operate from?
Police allege two Chinese ringleaders directed the operation from China and Thailand between July 2023 and April 2024, coordinating international breaches and fraudulent account creation.
What role did banks and telecoms play in stopping losses?
Banks flagged unusual transactions and blocked transfers, and telecom authentication flags prevented some fraud. Authorities credited rapid freezing measures for returning $9.2 million to victims.
Key Takeaways
- Major breach and recoveries: $28.1M stolen, $9.2M recovered, $18M blocked.
- Systematic profiling: Attackers breached institutional websites to harvest data and create fraudulent mobile accounts.
- Defense steps: Strong identity verification, hardware wallets, and international enforcement coordination are essential.
How to reduce the risk of similar attacks?
Adopt multi-signature custody for significant crypto holdings, require non-SMS-based authentication, and maintain rapid response agreements with banks and exchanges to freeze suspicious transfers.
Conclusion
This Seoul crypto hacking ring case demonstrates how sophisticated cross-border groups can exploit institutional weaknesses to target wealthy individuals, including celebrities like Jungkook. Strengthening telecom identity verification, adopting hardware wallets, and enhancing international law enforcement cooperation are immediate priorities to reduce future losses.
