On July 24, 2025, WOO X suffered a cryptocurrency-theft incident attributed by the exchange to suspected North Korea-linked activity. A developer ran a malicious open-source collaboration project on a company MacBook, giving the actor access through a compromised VPN session into cloud and Kubernetes infrastructure; the actor later changed credentials for nine high-value accounts and initiated about $14 million in unauthorized withdrawals across multiple chains.