BusinessPostCorner.com
No Result
View All Result
Friday, July 17, 2026
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
BusinessPostCorner.com
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
No Result
View All Result
BusinessPostCorner.com
No Result
View All Result

Upbit Finds Critical Wallet Flaw Amid Probe Into $30M Hack

November 29, 2025
in Crypto News
Reading Time: 4 mins read
A A
0
Upbit Finds Critical Wallet Flaw Amid Probe Into M Hack
ShareShareShareShareShare

Crypto Journalist

Amin Ayan

Crypto Journalist

Amin Ayan

About Author

Amin Ayan is a crypto journalist with over four years of experience in the industry. He has contributed to leading publications such as Cryptonews, Investing.com, 99Bitcoins, and 24/7 Wall St. He has…

Share

Last updated: 

November 29, 2025

Upbit Finds Critical Wallet Flaw Amid Probe Into M Hack

South Korea’s largest cryptocurrency exchange, Upbit, said it uncovered and repaired a serious flaw in its internal wallet system while investigating the recent $30 million theft from the platform.

Key Takeaways:

  • Upbit found and fixed a wallet flaw that could have exposed private keys, but has not confirmed it caused the $30M hack.
  • The breach drained about 44.5 billion won, while roughly 2.3 billion won has already been frozen.
  • The exchange halted activity, moved funds to cold storage, and pledged full reimbursement.

In a statement released Friday, Upbit CEO Oh Kyung-seok disclosed that engineers identified a weakness in the exchange’s wallet software that could have allowed attackers to infer private keys by studying publicly available blockchain data.

However, the crypto firm has not confirmed whether the vulnerability played a role in the breach.

Upbit Says Internal Wallet Bug May Have Exposed Private Keys

The flaw did not stem from the blockchains themselves but from how Upbit’s wallet software generated cryptographic signatures.

According to the exchange, the issue may have produced weak or predictable signing data, creating the possibility that a sophisticated attacker could mathematically reconstruct wallet keys by analyzing historical transactions.

“We identified and addressed the vulnerability during a comprehensive inspection of all related networks and wallet systems,” Oh said, adding that the company activated emergency response protocols and halted all withdrawals and deposits until systems were verified as secure.

Upbit stopped onchain activity on November 26 after detecting abnormal outflows from its Solana-based hot wallets.

Tokens impacted included SOL, ORCA, RAY and JUP, the exchange said. Assets were quickly transferred to cold storage while forensic reviews began.

Losses totaled an estimated 44.5 billion won ($30 million), including about 38.6 billion won ($26 million) in customer holdings.

Upbit says attackers might have inferred private keys by analyzing user wallet address patterns. If true, I doubt anyone other than North Korean hackers (Lazarus) could do this. pic.twitter.com/cS4I8okrVb

— Ki Young Ju (@ki_young_ju) November 28, 2025

The exchange confirmed that approximately 2.3 billion won ($1.5 million) in funds have already been frozen through coordination with external parties.

Upbit emphasized that it has not established a direct link between the wallet vulnerability and the theft. The issue was discovered only during an internal audit triggered by the incident.

“No security system can ever be considered perfect,” Oh said, pledging infrastructure upgrades and continued transparency as investigations continue.

The company said all affected users would be reimbursed in full using internal reserves. Withdrawals and deposits will remain suspended until final security inspections are completed.

South Korean Probe Points to North Korea’s Lazarus Group in Upbit Hack

South Korean authorities have launched an investigation, and local reports have cited early intelligence assessments that allegedly connect the intrusion to North Korea’s Lazarus Group.

The group has previously been linked to crypto thefts aimed at generating revenue for Pyongyang amid persistent foreign currency shortages.

Officials believe this time the hackers may have bypassed core infrastructure by impersonating administrators or compromising internal accounts to authorize the withdrawal.

Upbit continues to work with law enforcement agencies and blockchain projects to freeze and recover assets where possible, the exchange said.

The incident comes at a sensitive moment for Upbit’s parent company, Dunamu, which is preparing for a merger with South Korean internet giant Naver ahead of a potential public listing.



Credit: Source link

ShareTweetSendPinShare
Previous Post

Bitcoin Signals “COVID-Era” Risk-Reward Setup Again: Bitwise Analyst

Next Post

Flights resume as normal after software update warning

Next Post
Flights resume as normal after software update warning

Flights resume as normal after software update warning

Dimon pressed over whether he lobbied UK government on Epstein’s advice

Dimon pressed over whether he lobbied UK government on Epstein’s advice

July 13, 2026
Invisible Learning: Building Skills at the Pace of Work

Invisible Learning: Building Skills at the Pace of Work

July 16, 2026
FASB chair plans for new standards, semiannual reporting

FASB chair plans for new standards, semiannual reporting

July 16, 2026
Tax Fraud Blotter: Win some, lose some

Tax Fraud Blotter: Win some, lose some

July 17, 2026
The ‘facade’ of the U.S.-Iran ceasefire crumbles after after largest round of fighting in months

The ‘facade’ of the U.S.-Iran ceasefire crumbles after after largest round of fighting in months

July 12, 2026
Claude AI Model Fable 5 Predicts Bitcoin Price Target For 2026

Claude AI Model Fable 5 Predicts Bitcoin Price Target For 2026

July 14, 2026
BusinessPostCorner.com

BusinessPostCorner.com is an online news portal that aims to share the latest news about following topics: Accounting, Tax, Business, Finance, Crypto, Management, Human resources and Marketing. Feel free to get in touch with us!

Recent News

Tax Fraud Blotter: Win some, lose some

Tax Fraud Blotter: Win some, lose some

July 17, 2026
Moonshot’s Kimi K3 pushes Chinese AI into Fable-level territory

Moonshot’s Kimi K3 pushes Chinese AI into Fable-level territory

July 17, 2026

Our Newsletter!

Loading
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • DMCA

© 2023 businesspostcorner.com - All Rights Reserved!

No Result
View All Result
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources

© 2023 businesspostcorner.com - All Rights Reserved!