Upbit found a wallet vulnerability during its $30 million crypto heist probe. The bug, now patched, might not be linked to the breach.
Upbit said it uncovered and patched a serious vulnerability. This was in its internal wallet system, which occurred while conducting an emergency investigation. This investigation was regarding the $30 million crypto heist. The theft was made on the South Korean exchange earlier this week. However, it is still not clear whether the flaw was linked to the hack or not.
Upbit Discovers Critical Wallet Vulnerability
According to a translation of a company statement on Friday, CEO Oh Kyung-seok had spoken. The exchange found “a security vulnerability in our system.” This may have enabled “someone analyzing publicly visible transactions to and from a wallet on Upbit at a public blockchain to deduce private keys.” Where he mentioned the cryptographic credentials. These control the access to the funds.
Meanwhile, North Korea’s Lazarus Group is suspected. They carried out the recent heist of about 44.5 billion won ($ 30.4 million). This crypto has been hacked from Upbit. Upbit is the largest crypto exchange in South Korea.
Related Reading: Upbit Heist: Lazarus Linked to $30M Upbit Crypto Heist | Live Bitcoin News
Upbit first reported that it lost 54 billion won ($36.8 million). However, it later changed the number down. The new figure is nearly 44.5 billion won ($30.4 million). It had the meaning of anonymous government and industry sources. Moreover, authorities gear up to inspect Upbit on the spot.
Upbit is reporting the cyber breach to the concerned authorities. This is within the context of the relevant laws and regulations. It is investigating the cause and magnitude of the incident. Upbit went through a thorough inspection. This was of the relevant network and wallet system. It happened right after detecting an abnormal withdrawal of its Solana wallet.
Enhanced Security Measures Implemented Post-Hack
In the process, Upbit discovered and fixed a security vulnerability. This led to the deduction of private keys. These are passwords which provide access to blockchain wallet addresses and assets. And this was possible through the analysis of several transactions within the Upbit wallet.
Moreover, Upbit will keep working closely with relevant authorities. It will let members know transparently of any disclosures. To protect member assets, Upbit has frozen the deposit and withdrawal of digital assets. In addition, it is tracking and freezing any digital assets that have moved out of Upbit.
On the other hand, Upbit has estimated that there are about 44.5 billion won in damages in assets. Members’ assets that were affected by the incident totaled about 38.6 billion won. Of this, some 2.3 billion won has been frozen. Upbit’s own assets impacted by the case were around 5.9 billion won. In addition, Upbit reiterates that all affected assets have been fully compensated.
Upbit is currently revamping its wallet system completely. It would resume digital asset deposits and withdrawals as soon as stability was confirmed. Moreover, Upbit has put a company-wide emergency response system in operation. It is taking a look at its entire security system in response to this incident.
Ultimately, Upbit has done its best to safeguard member assets. However, it has been realized that there is no such thing as perfect security. It promises to take advantage of this incident. This is to further boost company-wide security efforts. In addition, it will commit itself to the development of overall security measures. These will be preventative for future occurrences.