South Korean Crypto Exchange UPbit Admits 342K ETH (~$50M) Theft

UPbit, South Korean cryptocurrency exchange, has recently posted a statement on its official website, confirming a cyberattack that resulted in the robbery of approximately $50 million in virtual assets. The statement was posted on 27th November, when UPbit informed users about the suspension of its services related to deposit and withdrawal of cryptocurrency.

The crypto exchange also revealed in the post that over 342,000 of Ethereum (ETH)trade was seized and stolen from Upbeat’s Ethereum hot wallets, and transferred to a previously unidentified wallet address. The hackers’ haul turned out to be massive: 342,000 Ether coins, which add up to over $51 million at the current Ethereum price.

Chief Executive of Dunamu, the parent company of UPbit and head of its operations, Lee Seok-woo, stated in the statement that the attack took place at 1:06 pm on South Korea’s local time on November 27th. The original wallet address that was suspected of the attack carried out multiple transactions to at least 3 other addresses (2, 3, 4) in what appears to be an attempt to move the stolen ETH quickly.

Furthermore, Lee Seok-woo promised the customers of UPbit that any damages to their wallets caused due to stolen funds will be compensated. He stated that the company will need an expected two-week timeframe to resume its regular services for withdrawal and deposits.

Currently, all the cryptocurrencies remaining in the exchange provider’s hot wallet have been transferred to cold wallet storage structure that is based in hardware and is not connected to the internet in order to avoid any further damages to the wallets of users or cryptocurrency on the platform.

The recently unveiled cyberattack has become a cause of concern for the cryptocurrency community. Users are worried that crypto service providers are keeping large amounts of virtual assets on hot storage, which could potentially increase the threat of such attacks against digital currency exchange platforms. Furthermore, the company has not disclosed information about how the alleged cyberattack took place and caused the damage.

Cryptocurrency communities on social media platforms such as Reddit, have put forth theories about the authenticity of the claims about the hack. Cryptocurrency exchanges have previously also used the excuse of a cyberattack to obscure the consumers and gotten away with exit scams.

Although there is no concrete proof that UPbit’s losses were orchestrated from inside the company or are a part of exit scam, the list of cases preceding the recent update about UPbit’s cyberattack have included BitConnect, Benebit and LoopX in the community and has caused consumers to be hesitant.