NewsletterUpbit Hack Update: Exchange Identifies Hidden Wallet Flaw As Cause of $30M Exploit
Highlights
- Upbit repaired a major wallet flaw discovered during its probe of the $30M theft.
- Weak signature data in past transactions created risks of partial key exposure.
- The exchange halted services and launched a full review of its security systems.
tform Upbit said it discovered and repaired a critical wallet vulnerability while investigating the $30 million theft that struck the South Korean cryptocurrency exchange this week. The company confirmed the flaw but said it has not established whether the weakness contributed to the breach.
Upbit Flags Wallet Bug Exposing Signature Weakness
In a statement released Friday, Upbit CEO Oh Kyung-seok said investigators identified a defect that could have allowed observers to analyze public blockchain transactions and infer certain private keys. He said the flaw came from Upbit’s internal wallet software, which produced weak signature data under specific conditions.
Private keys are not revealed through normal blockchain activity. They remain hidden by design. However, Upbit said the bug created a rare case where predictable signature patterns appeared in past wallet transactions. The company said those patterns could have made parts of some private keys recoverable through mathematical analysis.
Upbit said the vulnerability surfaced only after the company began a systemwide review. The audit started when the exchange detected irregular withdrawals from Solana ecosystem crypto assets wallets on Nov. 27. Officials said the inspection covered networks, wallet architecture, and internal security tools.
The company said its security team fixed the vulnerability soon after discovery. The exchange launched an emergency plan by shutting down deposits and withdrawals. Oh said the platform will reopen services after conducting one final inspection of all wallet systems and internal infrastructure.
The exchange said it had confirmed losses of around 44.5 billion KRW, or roughly $30 million. Customer assets totaled approximately 38.6 billion KRW (that’s almost $26 million). The platform said it had already suspended 2.3 billion KRW, or about $1.5 million, associated with the unauthorized transactions.
Platform Escalates Security Review
The platform added that it is conducting a more comprehensive investigation into its systems as part of its response. The exchange said it would reimburse all customer losses with its own reserves, and will update as the investigation proceeds.
The exchange suspended withdrawals on Nov. 26 after noticing irregular outflows of Solana-related tokens. The assets of SOL, ORCA, RAY, JUP and a few other tokens were listed on bots. The company swept remaining funds in the exposed wallets to cold storage and started rebuilding parts of its wallet infrastructure a few days later.
Upbit is South Korea’s largest cryptocurrency exchanges by trading volume. It is developed by a leading fintech company, Dunamu. Dunamu is readying for a merger with Naver, Korea’s largest internet conglomerate, as part of an expected public listing. Company said that the breach did not disrupt those plans.
South Korean officials have opened an investigation into the incident. Authorities are reviewing the unauthorized withdrawals and the internal wallet flaw disclosed by the company.
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more… to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
Premium Partners
Delivered every day.
- Insights that move markets
- 100,000 active subscribers
Related Articles
- Crypto Hacks 2025: North Korean Hackers Steal over $2B in ETH and SOL This Year
- Universal Exchange Bitget Removes Barriers to Traditional Markets, Offers Forex and Gold Trading to Crypto Users
- Breaking: U.S. CPI Inflation Falls To 2.7% YoY, Bitcoin Price Climbs
- Crypto Market Brace for Volatility Ahead of Today’s U.S. CPI Data Release – What to Expect
- Breaking: Canary Capital Files S-1 for its Staked INJ ETF
- Pi Coin Price Prediction as Expert Warns Bitcoin May Hit $70k After BoJ Rate Hike
- Cardano Price Outlook: Will the NIGHT Token Demand Surge Trigger a Rebound?
- Will Bitcoin Price Crash to $74K as Japan Eyes Rate Hike on December 19?
- Bitwise Predicts Solana Price Will Hit New All-Time Highs in 2026
- Bitcoin Price Outlook: Capriole Founder Warns of a Drop Below $50K by 2028
- XRP Price Rare Pattern Points to a Surge to $3 as ETFs Cross $1B Milestone
