Seoul, Nov 6 South Korea's financial watchdog on Thursday slapped a fine of 35.2 billion won ($24.3 million) on Dunamu, the operator of the country's top cryptocurrency exchange, Upbit, for violating customer identification obligations.
The Financial Intelligence Unit (FIU) under the Financial Services Commission said Dunamu did not comply with its obligations to verify the identities of users in about 5.3 million cases and committed other violations, including failing to report 15 suspicious transactions, reports Yonhap news agency.
In particular, the company accepted photocopies or re-photographed image files of user portraits, in which their identities could not be fully verified, instead of requiring original documents.
There were also cases in which the address field of the customer identification documents was left blank or contained inaccurate or irrelevant information, according to the FIU.
In addition, Dunamu violated its obligation to restrict transactions by users whose verification process had not been completed in 3.3 million cases.
"We have completed protective measures for investors and will make efforts to prevent a recurrence of such violations," Dunamu said in a release.
The FIU will give Dunamu 10 days to submit its opinion before finalising the fine.
Earlier in the day, KT Corp., South Korea's second-largest mobile carrier, was found to have concealed critical malware infections and failed to report the security breaches that led to a recent hacking and data theft incident, a government-led investigation revealed.
The joint government-private investigation team, which is examining KT's recent cyberattack linked to illegal micro base stations, said the company learned between March and July of 2024 that 43 of its servers had been infected with so-called BPFDoor malware and other malicious code.
Despite detecting the infections, which exposed customer data, the company did not notify authorities and instead attempted to handle the issue internally, according to the team.
BPFDoor malware enables remote attackers to bypass firewalls and maintain long-term access to compromised systems. It was also used in a separate hacking case involving industry leader SK Telecom Co. reported earlier this year.
Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor