Upbit uncovers private key vulnerability after $30M hack

The post Upbit uncovers private key vulnerability after $30M hack appeared on BitcoinEthereumNews.com.

South Korean crypto exchange Upbit says that there is “no excuse” for the “inadequate security management” that has led to a serious private key vulnerability on its platform. Oh Kyung-seok, the CEO of Upbit’s parent company, Dunamu, issued a statement today that claimed the vulnerability, which could allow would-be hackers to guess another user’s private keys, was discovered during its analysis of public Upbit wallet transactions on the blockchain. Translated from Korean using DeepL, Oh apologized for the 44.5 billion Won ($30 million) theft from the firm’s Solana hot wallet, saying, “This intrusion incident resulted from inadequate security management at Upbit, and there is no excuse for this.” Upbit says attackers might have inferred private keys by analyzing user wallet address patterns. If true, I doubt anyone other than North Korean hackers (Lazarus) could do this. pic.twitter.com/cS4I8okrVb — Ki Young Ju (@ki_young_ju) November 28, 2025 CryptoQuant CEO Ki Young Ju thinks Lazarus might be the culprit of Upbit’s hack. Read more: The solution to crypto’s Lazarus problem could be simpler than expected The CEO revealed that 38.6 billion Won ($26.2 million) consisted of “member losses” and that 2.3 billion Won was frozen. Oh also claimed that the other 5.9 billion Won ($4 million) was made up of company losses.  Oh’s statement claims that Upbit was able to address the private key estimation vulnerability and also fully reimburse user losses with Upbit’s remaining reserves. “To protect member assets, Upbit has suspended digital asset deposits and withdrawals, is tracking digital assets moved outside of Upbit, and is taking freezing measures,” it claimed.  Lazarus suspected of private key exploit South Korean news outlet Yonhap News reported that authorities suspect the hack was the result of North Korea’s Lazarus Group, and that an on-site investigation at Upbit is underway.  Upbit was previosuly targeted by…

Leave a Reply

Your email address will not be published. Required fields are marked *

Filed under: News - @ November 28, 2025 1:24 pm