Hot Wallet of Upbit Ransacked, $48.5 Million worth ETH Stolen

latest cyber threats 5/5 (1)

The hot wallet of Upbit was ransacked by hackers stealing 342,000 Etherium (ETH) worth $48.5 million in cryptocurrency.


Upbit is a South Korean cryptocurrency exchange initially launched as a partnership between Bittrex and South Korean app maker Dunamu. Upbit ranked third globally and first in Korea in April Market Surveillance report published by Blockchain Transparency Institute on April 12, 2019.

Upbit cyberattack

“At 1:06 PM on 27 November 2019, 342,000 ETH(approximately 58 billion won) were transferred from the Upbeat Ethereum Hot Wallet to an unknown wallet. Unknown wallet address is 0xa09871AEadF4994Ca12f5c0b6056BBd1d343c029” reads the data breach notification published by the company.

The attackers did a total of 40 transactions for a total amount of 342,000 ETH worth of cryptocurrency that were stored in the main hot wallet of the exchange.

What did the company do as soon as cyberattack took place?

As the company curtailed its deposits and withdrawals on Wednesday, the  customers we’re not able to operate with their wallets. Lee Seok-woo, chief executive of Doo-myeon that operates the Upbit exchange, promised that the company will completely cover the stolen funds and it will restore normal operations in a couple of weeks. The exchange said the loss will be covered by it’s own assets.

The users are urged to avoid sending any cryptocurrency to the platform before they’re advised to.

The exchange has moved all it’s remaining crypto currency in the exchange’s Hot Wallet to the Cold Wallet that is not connected to the internet and said it will cover the losses via it’s assets. 

Hot wallet and cold wallet

Hot wallet refers to any cryptocurrency wallet that is connected to the internet. Cold wallet refers to any crypto currency wallet that is not connected to the Internet. Cold storage is more secure, but they don’t accept many cryptocurrencies as do many of the hot wallets.

The massive withdrawal alerts did raise suspicions, with several people on social media calling it a hack. On Reddit, some users have questioned the authenticity of the hack claim, which is no surprise given how often exchanges will say they have suffered a cyberattack, only to perform an exit scam.

For the latest cyber threats and the latest hacking news please follow us on FacebookLinkedin, and Twitter.

You may be interested in reading: Click2Mail Suffers Data Breach


Please rate this content