TLDR
- Binance froze only 17% of stolen Upbit funds, despite urgent requests from Upbit and local authorities.
- Hackers used complex laundering tactics, moving funds across multiple chains before reaching Binance.
- Binance delayed freezing assets by 15 hours and cited the need for additional verification.
- Experts urge for quicker, coordinated freeze mechanisms between exchanges to reduce losses.
- Upbit moved 99% of its assets to cold storage following the $30 million hack, exceeding South Korea’s legal requirements.
Korean authorities say Binance froze only a small portion of the funds stolen during last month’s Upbit hack. Despite an urgent request from Upbit and local police to halt the movement of illicit assets, Binance took action on only 17% of the stolen funds. This delay has raised concerns about the effectiveness of exchange responses in similar situations.
Binance Freezes Only 17% of Stolen Upbit Funds
According to a local news media report, the hacking group responsible for the breach used complex laundering techniques to move the stolen funds. The assets were split into smaller amounts, passed through multiple chains, and laundered using token bridges and swaps. According to investigators, most of the funds eventually landed in Binance’s service wallets.
Upbit and the police requested an immediate freeze on roughly 470 million won (approximately $370,000) worth of Solana, which had been confirmed on Binance. However, the exchange only froze 80 million won (about $75,000) of the total amount. Binance explained that it needed additional verification before taking further action.
Binance confirmed the freeze around midnight, 15 hours after the initial request. The delay and the limited scope of the freeze have drawn criticism. When asked about the specifics of the freeze, Binance declined to provide detailed comments, citing its policy on active investigations.
Experts Call for Faster, Coordinated Freeze Mechanisms
Security experts in South Korea are calling for quicker, more coordinated responses to prevent further losses in cases like this. Cho Jae-woo, director of Hansung University’s Blockchain Research Institute, stressed the importance of rapid intervention. He said exchanges often cite litigation risks as a reason for hesitating in critical moments.
The hacking group’s actions involved spreading the stolen assets across a large number of wallets. Experts argue that establishing a global emergency hotline or a coordinated body for immediate freezes could help minimize damage. This could be especially effective in crisis situations where time is crucial.
Most of the stolen funds have since been converted from Solana to Ethereum. This move was likely made to improve liquidity, given Ethereum’s larger market depth. Despite these efforts, investigators are still working to track and recover the remaining funds.
Upbit Shifts to Cold Storage After $30M Hack
In response to the breach, a recent Wu Blockchain post on X this week revealed that Upbit has moved 99% of its customer assets into cold storage. This drastic measure comes after the hack that resulted in a loss of 44.5 billion won (about $30 million).
Upbit’s operator, Dunamu, announced plans to further increase cold storage to 99%, far exceeding South Korea’s legal requirement of 80%. This plan follows a recent apology that was made by the Dunamu CEO, as it was reported by Blockonomi.
The exchange had already held over 98% of its assets in cold storage by the end of October. Following the breach, Upbit is making significant changes to its security protocols. South Korean authorities are continuing their investigation into the hack, with early reports linking it to North Korea’s Lazarus Group.
The post Authorities Question Binance’s Response After Partial Freeze of Upbit Hack Funds appeared first on Blockonomi.