Buy CryptoMarketsSpotFuturesGOLDEarnEvent Center
More
Gold vs Crypto
The post Upbit uncovers private key vulnerability after $30M hack appeared on BitcoinEthereumNews.com. South Korean crypto exchange Upbit says that there is “no excuse” for the “inadequate security management” that has led to a serious private key vulnerability on its platform. Oh Kyung-seok, the CEO of Upbit’s parent company, Dunamu, issued a statement today that claimed the vulnerability, which could allow would-be hackers to guess another user’s private keys, was discovered during its analysis of public Upbit wallet transactions on the blockchain. Translated from Korean using DeepL, Oh apologized for the 44.5 billion Won ($30 million) theft from the firm’s Solana hot wallet, saying, “This intrusion incident resulted from inadequate security management at Upbit, and there is no excuse for this.” Upbit says attackers might have inferred private keys by analyzing user wallet address patterns. If true, I doubt anyone other than North Korean hackers (Lazarus) could do this. pic.twitter.com/cS4I8okrVb — Ki Young Ju (@ki_young_ju) November 28, 2025 CryptoQuant CEO Ki Young Ju thinks Lazarus might be the culprit of Upbit’s hack. Read more: The solution to crypto’s Lazarus problem could be simpler than expected The CEO revealed that 38.6 billion Won ($26.2 million) consisted of “member losses” and that 2.3 billion Won was frozen. Oh also claimed that the other 5.9 billion Won ($4 million) was made up of company losses.  Oh’s statement claims that Upbit was able to address the private key estimation vulnerability and also fully reimburse user losses with Upbit’s remaining reserves. “To protect member assets, Upbit has suspended digital asset deposits and withdrawals, is tracking digital assets moved outside of Upbit, and is taking freezing measures,” it claimed.  Lazarus suspected of private key exploit South Korean news outlet Yonhap News reported that authorities suspect the hack was the result of North Korea’s Lazarus Group, and that an on-site investigation at Upbit is underway.  Upbit was previosuly targeted by… The post Upbit uncovers private key vulnerability after $30M hack appeared on BitcoinEthereumNews.com. South Korean crypto exchange Upbit says that there is “no excuse” for the “inadequate security management” that has led to a serious private key vulnerability on its platform. Oh Kyung-seok, the CEO of Upbit’s parent company, Dunamu, issued a statement today that claimed the vulnerability, which could allow would-be hackers to guess another user’s private keys, was discovered during its analysis of public Upbit wallet transactions on the blockchain. Translated from Korean using DeepL, Oh apologized for the 44.5 billion Won ($30 million) theft from the firm’s Solana hot wallet, saying, “This intrusion incident resulted from inadequate security management at Upbit, and there is no excuse for this.” Upbit says attackers might have inferred private keys by analyzing user wallet address patterns. If true, I doubt anyone other than North Korean hackers (Lazarus) could do this. pic.twitter.com/cS4I8okrVb — Ki Young Ju (@ki_young_ju) November 28, 2025 CryptoQuant CEO Ki Young Ju thinks Lazarus might be the culprit of Upbit’s hack. Read more: The solution to crypto’s Lazarus problem could be simpler than expected The CEO revealed that 38.6 billion Won ($26.2 million) consisted of “member losses” and that 2.3 billion Won was frozen. Oh also claimed that the other 5.9 billion Won ($4 million) was made up of company losses.  Oh’s statement claims that Upbit was able to address the private key estimation vulnerability and also fully reimburse user losses with Upbit’s remaining reserves. “To protect member assets, Upbit has suspended digital asset deposits and withdrawals, is tracking digital assets moved outside of Upbit, and is taking freezing measures,” it claimed.  Lazarus suspected of private key exploit South Korean news outlet Yonhap News reported that authorities suspect the hack was the result of North Korea’s Lazarus Group, and that an on-site investigation at Upbit is underway.  Upbit was previosuly targeted by…

Upbit uncovers private key vulnerability after $30M hack

Author: BitcoinEthereumNews
Source: BitcoinEthereumNews
2025/11/28 21:24
3 min read
PUBLIC
PUBLIC$0,01536--%
Ambire Wallet
WALLET$0,00999+2,35%
Holo Token
HOT$0,0004492+2,27%
ANyONe Protocol
ANYONE$0,1178+3,51%
Moonveil
MORE$0,0001295-12,20%
For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

South Korean crypto exchange Upbit says that there is “no excuse” for the “inadequate security management” that has led to a serious private key vulnerability on its platform.

Oh Kyung-seok, the CEO of Upbit’s parent company, Dunamu, issued a statement today that claimed the vulnerability, which could allow would-be hackers to guess another user’s private keys, was discovered during its analysis of public Upbit wallet transactions on the blockchain.

Translated from Korean using DeepL, Oh apologized for the 44.5 billion Won ($30 million) theft from the firm’s Solana hot wallet, saying, “This intrusion incident resulted from inadequate security management at Upbit, and there is no excuse for this.”

CryptoQuant CEO Ki Young Ju thinks Lazarus might be the culprit of Upbit’s hack.

Read more: The solution to crypto’s Lazarus problem could be simpler than expected

The CEO revealed that 38.6 billion Won ($26.2 million) consisted of “member losses” and that 2.3 billion Won was frozen. Oh also claimed that the other 5.9 billion Won ($4 million) was made up of company losses. 

Oh’s statement claims that Upbit was able to address the private key estimation vulnerability and also fully reimburse user losses with Upbit’s remaining reserves.

“To protect member assets, Upbit has suspended digital asset deposits and withdrawals, is tracking digital assets moved outside of Upbit, and is taking freezing measures,” it claimed. 

Lazarus suspected of private key exploit

South Korean news outlet Yonhap News reported that authorities suspect the hack was the result of North Korea’s Lazarus Group, and that an on-site investigation at Upbit is underway. 

Upbit was previosuly targeted by the group six years ago when it stole $50 million worth of ether in 2019. 

The crypto exchange said today that “Upbit has consistently strived to safeguard member assets, but this incident has once again made us realize that there is no such thing as perfect security preparedness.”

Read more: OpenAI, CoinTracker user data leaked after third-party hacked via SMS

Crypto security firm CertiK has warned in a report this year about the potential for hackers to predict, or even reconstruct, the private keys of crypto wallets. 

It highlights how the private key generator Profanity could be exploited via a brute force attack, and was likely the source of a private key leak that led to the $160 million hack of the market maker Wintermute.  

Because Profanity’s address generator only has “2^32 possible initial key pairs and each iteration is reversible, attackers could recover any Profanity-generated private key from its corresponding public key,” CertiK claimed.

Got a tip? Send us an email securely via Protos Leaks. For more informed news, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.

Source: https://protos.com/upbit-uncovers-private-key-vulnerability-after-30m-hack/

Market Opportunity
PUBLIC Logo
PUBLIC Price(PUBLIC)
$0,01536
$0,01536$0,01536
-0,06%
USD
PUBLIC (PUBLIC) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

Pundit: Every XRP Holder Needs to Understand What’s Happening Right Now

Pundit: Every XRP Holder Needs to Understand What’s Happening Right Now

Rising geopolitical tension often exposes the hidden cracks in global finance, and few regions demonstrate this more clearly than the Strait of Hormuz. As a critical
Share
Timestabloid2026/03/24 04:05
US Dollar and Oil fall as Trump signals Iran de-escalation

US Dollar and Oil fall as Trump signals Iran de-escalation

The post US Dollar and Oil fall as Trump signals Iran de-escalation appeared on BitcoinEthereumNews.com. Here is what you need to know for Tuesday, March 24: The
Share
BitcoinEthereumNews2026/03/24 04:06
Adoption Leads Traders to Snorter Token

Adoption Leads Traders to Snorter Token

The post Adoption Leads Traders to Snorter Token appeared on BitcoinEthereumNews.com. Largest Bank in Spain Launches Crypto Service: Adoption Leads Traders to Snorter Token Sign Up for Our Newsletter! For updates and exclusive offers enter your email. Leah is a British journalist with a BA in Journalism, Media, and Communications and nearly a decade of content writing experience. Over the last four years, her focus has primarily been on Web3 technologies, driven by her genuine enthusiasm for decentralization and the latest technological advancements. She has contributed to leading crypto and NFT publications – Cointelegraph, Coinbound, Crypto News, NFT Plazas, Bitcolumnist, Techreport, and NFT Lately – which has elevated her to a senior role in crypto journalism. Whether crafting breaking news or in-depth reviews, she strives to engage her readers with the latest insights and information. Her articles often span the hottest cryptos, exchanges, and evolving regulations. As part of her ploy to attract crypto newbies into Web3, she explains even the most complex topics in an easily understandable and engaging way. Further underscoring her dynamic journalism background, she has written for various sectors, including software testing (TEST Magazine), travel (Travel Off Path), and music (Mixmag). When she’s not deep into a crypto rabbit hole, she’s probably island-hopping (with the Galapagos and Hainan being her go-to’s). Or perhaps sketching chalk pencil drawings while listening to the Pixies, her all-time favorite band. This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Center or Cookie Policy. I Agree Source: https://bitcoinist.com/banco-santander-and-snorter-token-crypto-services/
Share
BitcoinEthereumNews2025/09/17 23:45