NewsletterUpbit Hack Update: Exchange Identifies Hidden Wallet Flaw As Cause of $30M Exploit
Highlights
- Upbit repaired a major wallet flaw discovered during its probe of the $30M theft.
- Weak signature data in past transactions created risks of partial key exposure.
- The exchange halted services and launched a full review of its security systems.
tform Upbit said it discovered and repaired a critical wallet vulnerability while investigating the $30 million theft that struck the South Korean cryptocurrency exchange this week. The company confirmed the flaw but said it has not established whether the weakness contributed to the breach.
Upbit Flags Wallet Bug Exposing Signature Weakness
In a statement released Friday, Upbit CEO Oh Kyung-seok said investigators identified a defect that could have allowed observers to analyze public blockchain transactions and infer certain private keys. He said the flaw came from Upbit’s internal wallet software, which produced weak signature data under specific conditions.
Private keys are not revealed through normal blockchain activity. They remain hidden by design. However, Upbit said the bug created a rare case where predictable signature patterns appeared in past wallet transactions. The company said those patterns could have made parts of some private keys recoverable through mathematical analysis.
Upbit said the vulnerability surfaced only after the company began a systemwide review. The audit started when the exchange detected irregular withdrawals from Solana ecosystem crypto assets wallets on Nov. 27. Officials said the inspection covered networks, wallet architecture, and internal security tools.
The company said its security team fixed the vulnerability soon after discovery. The exchange launched an emergency plan by shutting down deposits and withdrawals. Oh said the platform will reopen services after conducting one final inspection of all wallet systems and internal infrastructure.
The exchange said it had confirmed losses of around 44.5 billion KRW, or roughly $30 million. Customer assets totaled approximately 38.6 billion KRW (that’s almost $26 million). The platform said it had already suspended 2.3 billion KRW, or about $1.5 million, associated with the unauthorized transactions.
Platform Escalates Security Review
The platform added that it is conducting a more comprehensive investigation into its systems as part of its response. The exchange said it would reimburse all customer losses with its own reserves, and will update as the investigation proceeds.
The exchange suspended withdrawals on Nov. 26 after noticing irregular outflows of Solana-related tokens. The assets of SOL, ORCA, RAY, JUP and a few other tokens were listed on bots. The company swept remaining funds in the exposed wallets to cold storage and started rebuilding parts of its wallet infrastructure a few days later.
Upbit is South Korea’s largest cryptocurrency exchanges by trading volume. It is developed by a leading fintech company, Dunamu. Dunamu is readying for a merger with Naver, Korea’s largest internet conglomerate, as part of an expected public listing. Company said that the breach did not disrupt those plans.
South Korean officials have opened an investigation into the incident. Authorities are reviewing the unauthorized withdrawals and the internal wallet flaw disclosed by the company.
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more… to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
Premium Partners
Delivered every day.
- Insights that move markets
- 100,000 active subscribers
Related Articles
- Crypto Exchange Bitget Donates $1.54M To Hong Kong Fire Victims
- Bitget Launches AI Trading Avatars to Enhance Crypto Trading Strategies
- Bitcoin Price to $100K or $80K as Matrixport Predicts Bulls-Bears Impasse?
- Shiba Inu Launches Major Shibarium Privacy Upgrade Following New AI Gaming Deal
- Bitmine Immersion (BMNR) Buys 14,618 ETH Amid Rising Institutional Interest
- Chainlink Price Outlook as Reserve Nears 1M LINK — Bullish Shift Ahead?
- Solana Price Set for Upside as SOL Hits Record 99% Tokenized Stock Share
- Is XRP Price Gearing Up for a Rally as Reserves Collapse?
- Dogecoin Price Hovers Above $0.15 as Bulls Eye a Fresh Breakout
- Shiba Inu Price Could Rally As SHIB Burn Rate Surges 790% in 24H
- Binance Coin Price Faces Steep Risk as Key BSC Metric Crashes 75%
