The popular South Korean cryptocurrency exchange UPbit has suffered a massive hack attack in which hackers have stolen 342,000 Ethereum (ETH) which at the time of publishing this article amounts to $51 million.
The stolen amount was moved from Upbit’s ETH hot wallet to the following address: 0xa09871AEadF4994Ca12f5c0b6056BBd1d343c029.
As a result, Upbit has suspended all crypto-asset deposits/withdrawals and has also transferred all crypto-assets from its hot wallet to a cold wallet.
Additionally, Upbit said it will cover the losses from its own funds and will resume operation in approx 2 weeks.
Since the hack, people are sending a small ETH amount of transactions to the hacker’s wallet. Some of these transactions have private notes included – maybe asking to share the ETH with them or to return the stolen funds.
The incident has ignited a series of reactions from industry bigwigs mainly blaming the company’s employees for the unfortunate incident.
As noted by Joseph Young, Cointelegraph’s contributor, the timing of UPbit hack raises alarms that a company employee might be involved in the hacking.
“The ‘hacker’ timed when UPbit was making crypto transfers to its cold wallet (other alts like TRON, etc.). Hence, I think the probability of it being an inside job is higher than external breach” tweeted Young.
UPbit already confirmed the security breach with an official statement released on Wednesday. The company stated that 342,000 ETH was transferred from its Hot Wallet (address) to an unknown, unauthorized wallet.
“At 1:06 PM on November 27, 2019, 342,000 ETH (approximately 58 billion won) were transferred from the Upbeat Ethereum Hot Wallet to an unknown wallet,” the company said on November 27th.
Resultantly, UPbit has transferred all the stored cryptocurrencies and tokens including Tron (TRX) and BitTorrent (BTT) to a cold wallet, a common practice to freeze crypto when there is a threat of cyberattack.
However, initially, people suspected that these transactions were also part of the hack attack but the exchange clarified in an updated statement that just the Ether wallets were affected in the hack and the subsequent transactions were enabled to transfer funds to cold wallets as a precautionary measure.
UPbit transferred Stellar (XLM), EOS, and OMG to another crypto exchange Bittrex.
Moreover, the company promised its customers to cover the losses using the company’s assets.
Before making the announcement, the exchange suspended all of its operations and notified customers that deposit and withdrawal services will resume after at least two weeks.
CEO of Binance, Changpeng Zhao tweeted that his exchange will cooperate with UPbit to immediately freeze hacked funds if they are transferred to Binance.
UPbit is the eighth exchange to get hacked this year, which brings the total amount of cryptocurrency hackers have managed to steal this year at a whopping $1.44 billion.
