Highlights: Upbit has uncovered a critical wallet flaw enabling private key exposure during an emergency investigation. The exchange confirmed $30 million in total losses, with $26 million affecting customer holdings. Security overhaul and law enforcement cooperation continue as Upbit pledges full compensation. Upbit CEO Oh Kyung-seok announced today that the exchange had discovered and patched a critical weakness in its internal wallet system. The discovery was made in an emergency audit after irregular Solana wallet outflows on November 27. The audit found that the system created weak signature patterns that might allow attackers to recreate the private keys through the on-chain data. Under normal situations, blockchain transactions do not reveal any private keys. However, the wallet implementation of Upbit generated predictable signature data, which enabled a mathematical loophole. Although the company has not verified whether this vulnerability was the direct cause of the hack, it admitted that the problem occurred during the post-incident investigation. On November 27, Upbit halted deposits and withdrawals following the identification of suspicious activity. The firm launched a company-wide emergency response by locking down affected systems and starting a complete audit of wallet infrastructure. Efforts aimed at the prevention of additional leaks and the protection of user funds. UPBIT AUDIT FINDS INTERNAL WALLET FLAW THAT COULD EXPOSE PRIVATE KEYS Upbit says its emergency investigation into the recent $30 million hack uncovered a critical internal wallet vulnerability that may have allowed attackers to derive private keys. The discovery raises major… pic.twitter.com/jeRSyUamxW — Crypto Town Hall (@Crypto_TownHall) November 28, 2025 Losses, Recovery, and Customer Compensation The firm reported losses amounting to 44.5 billion KRW, or approximately $30 million. Users accounted for about 38.6 billion KRW, and the company reserves were 5.9 billion KRW. Upbit reassured the customers that it had paid all the customer losses out of its own funds. The exchange successfully froze 2.3 billion KRW worth of stolen funds within hours of the breach with the assistance of its partners. It also moved the rest of the funds to cold storage wallets to ensure greater security. Solana-based tokens such as SOL, ORCA, RAY, and JUP were affected. CEO Oh Kyung-seok noted that the breach was caused by a failure of security management. He, however, apologized and highlighted that Upbit would provide complete transparency in the recovery process. He further emphasized that the exchange would not spare its resources to strengthen its security systems in the future. The critical wallet vulnerability could have jeopardized previous wallet transactions. Although the vulnerability was not directly related to the theft of $30 million, its discovery was a concern regarding internal cryptography activities. The exchange is currently redesigning its key management infrastructure. Security Upgrades Underway Amid Corporate Changes Upbit is still improving its systems and has suspended its transactions until security is fully verified. There is currently a broader audit to check wallet logic, key generation, and transaction signature methods. Moreover, the exchange is collaborating with law enforcement to trace and recover lost assets. According to reports, the breach could be attributed to the Lazarus Group of North Korea, but an official attribution has not been made. Upbit is actively collaborating with blockchain companies to trace the flow of the stolen money through chains. BREAKING: North Korea’s Lazarus Group is suspected to be behind the $30 million hack on South Korea’s Upbit exchange. This marks yet another attack by the notorious hacking group, which has now stolen over $6 BILLION in cryptocurrency since 2017 In 2025 alone, Lazarus has… https://t.co/bF3KqLmaQz pic.twitter.com/uMnY1dKfQj — Budhil Vyas (@BudhilVyas) November 28, 2025 The incident came a day following the internet giant Naver’s acquisition of the parent company of Upbit, Dunamu, through a share-swap merger. The acquisition subjects the firm to further scrutiny as it gears up for a public listing. Meanwhile, Naver Financial plans to introduce a stablecoin wallet next month in Busan. The company has committed to providing frequent updates and completing its overhaul before it reopens the platform. Upbit’s uncovering of a critical wallet flaw marks a turning point for the firm, strengthening the need to enhance the security of wallets throughout the exchange. eToro Platform Best Crypto Exchange Over 90 top cryptos to trade Regulated by top-tier entities User-friendly trading app 30+ million users 9.9 Visit eToro eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong. Highlights: Upbit has uncovered a critical wallet flaw enabling private key exposure during an emergency investigation. The exchange confirmed $30 million in total losses, with $26 million affecting customer holdings. Security overhaul and law enforcement cooperation continue as Upbit pledges full compensation. Upbit CEO Oh Kyung-seok announced today that the exchange had discovered and patched a critical weakness in its internal wallet system. The discovery was made in an emergency audit after irregular Solana wallet outflows on November 27. The audit found that the system created weak signature patterns that might allow attackers to recreate the private keys through the on-chain data. Under normal situations, blockchain transactions do not reveal any private keys. However, the wallet implementation of Upbit generated predictable signature data, which enabled a mathematical loophole. Although the company has not verified whether this vulnerability was the direct cause of the hack, it admitted that the problem occurred during the post-incident investigation. On November 27, Upbit halted deposits and withdrawals following the identification of suspicious activity. The firm launched a company-wide emergency response by locking down affected systems and starting a complete audit of wallet infrastructure. Efforts aimed at the prevention of additional leaks and the protection of user funds. UPBIT AUDIT FINDS INTERNAL WALLET FLAW THAT COULD EXPOSE PRIVATE KEYS Upbit says its emergency investigation into the recent $30 million hack uncovered a critical internal wallet vulnerability that may have allowed attackers to derive private keys. The discovery raises major… pic.twitter.com/jeRSyUamxW — Crypto Town Hall (@Crypto_TownHall) November 28, 2025 Losses, Recovery, and Customer Compensation The firm reported losses amounting to 44.5 billion KRW, or approximately $30 million. Users accounted for about 38.6 billion KRW, and the company reserves were 5.9 billion KRW. Upbit reassured the customers that it had paid all the customer losses out of its own funds. The exchange successfully froze 2.3 billion KRW worth of stolen funds within hours of the breach with the assistance of its partners. It also moved the rest of the funds to cold storage wallets to ensure greater security. Solana-based tokens such as SOL, ORCA, RAY, and JUP were affected. CEO Oh Kyung-seok noted that the breach was caused by a failure of security management. He, however, apologized and highlighted that Upbit would provide complete transparency in the recovery process. He further emphasized that the exchange would not spare its resources to strengthen its security systems in the future. The critical wallet vulnerability could have jeopardized previous wallet transactions. Although the vulnerability was not directly related to the theft of $30 million, its discovery was a concern regarding internal cryptography activities. The exchange is currently redesigning its key management infrastructure. Security Upgrades Underway Amid Corporate Changes Upbit is still improving its systems and has suspended its transactions until security is fully verified. There is currently a broader audit to check wallet logic, key generation, and transaction signature methods. Moreover, the exchange is collaborating with law enforcement to trace and recover lost assets. According to reports, the breach could be attributed to the Lazarus Group of North Korea, but an official attribution has not been made. Upbit is actively collaborating with blockchain companies to trace the flow of the stolen money through chains. BREAKING: North Korea’s Lazarus Group is suspected to be behind the $30 million hack on South Korea’s Upbit exchange. This marks yet another attack by the notorious hacking group, which has now stolen over $6 BILLION in cryptocurrency since 2017 In 2025 alone, Lazarus has… https://t.co/bF3KqLmaQz pic.twitter.com/uMnY1dKfQj — Budhil Vyas (@BudhilVyas) November 28, 2025 The incident came a day following the internet giant Naver’s acquisition of the parent company of Upbit, Dunamu, through a share-swap merger. The acquisition subjects the firm to further scrutiny as it gears up for a public listing. Meanwhile, Naver Financial plans to introduce a stablecoin wallet next month in Busan. The company has committed to providing frequent updates and completing its overhaul before it reopens the platform. Upbit’s uncovering of a critical wallet flaw marks a turning point for the firm, strengthening the need to enhance the security of wallets throughout the exchange. eToro Platform Best Crypto Exchange Over 90 top cryptos to trade Regulated by top-tier entities User-friendly trading app 30+ million users 9.9 Visit eToro eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.

Upbit Uncovers Critical Wallet Flaw Following $30M Security Breach

2025/11/29 00:36
4 min read
For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

Highlights:

  • Upbit has uncovered a critical wallet flaw enabling private key exposure during an emergency investigation.
  • The exchange confirmed $30 million in total losses, with $26 million affecting customer holdings.
  • Security overhaul and law enforcement cooperation continue as Upbit pledges full compensation.

Upbit CEO Oh Kyung-seok announced today that the exchange had discovered and patched a critical weakness in its internal wallet system. The discovery was made in an emergency audit after irregular Solana wallet outflows on November 27. The audit found that the system created weak signature patterns that might allow attackers to recreate the private keys through the on-chain data.

Under normal situations, blockchain transactions do not reveal any private keys. However, the wallet implementation of Upbit generated predictable signature data, which enabled a mathematical loophole. Although the company has not verified whether this vulnerability was the direct cause of the hack, it admitted that the problem occurred during the post-incident investigation.

On November 27, Upbit halted deposits and withdrawals following the identification of suspicious activity. The firm launched a company-wide emergency response by locking down affected systems and starting a complete audit of wallet infrastructure. Efforts aimed at the prevention of additional leaks and the protection of user funds.

Losses, Recovery, and Customer Compensation

The firm reported losses amounting to 44.5 billion KRW, or approximately $30 million. Users accounted for about 38.6 billion KRW, and the company reserves were 5.9 billion KRW. Upbit reassured the customers that it had paid all the customer losses out of its own funds.

The exchange successfully froze 2.3 billion KRW worth of stolen funds within hours of the breach with the assistance of its partners. It also moved the rest of the funds to cold storage wallets to ensure greater security. Solana-based tokens such as SOL, ORCA, RAY, and JUP were affected.

CEO Oh Kyung-seok noted that the breach was caused by a failure of security management. He, however, apologized and highlighted that Upbit would provide complete transparency in the recovery process. He further emphasized that the exchange would not spare its resources to strengthen its security systems in the future.

The critical wallet vulnerability could have jeopardized previous wallet transactions. Although the vulnerability was not directly related to the theft of $30 million, its discovery was a concern regarding internal cryptography activities. The exchange is currently redesigning its key management infrastructure.

Security Upgrades Underway Amid Corporate Changes

Upbit is still improving its systems and has suspended its transactions until security is fully verified. There is currently a broader audit to check wallet logic, key generation, and transaction signature methods. Moreover, the exchange is collaborating with law enforcement to trace and recover lost assets.

According to reports, the breach could be attributed to the Lazarus Group of North Korea, but an official attribution has not been made. Upbit is actively collaborating with blockchain companies to trace the flow of the stolen money through chains.

The incident came a day following the internet giant Naver’s acquisition of the parent company of Upbit, Dunamu, through a share-swap merger. The acquisition subjects the firm to further scrutiny as it gears up for a public listing. Meanwhile, Naver Financial plans to introduce a stablecoin wallet next month in Busan.

The company has committed to providing frequent updates and completing its overhaul before it reopens the platform. Upbit’s uncovering of a critical wallet flaw marks a turning point for the firm, strengthening the need to enhance the security of wallets throughout the exchange.

eToro Platform

Best Crypto Exchange

  • Over 90 top cryptos to trade
  • Regulated by top-tier entities
  • User-friendly trading app
  • 30+ million users
9.9
Visit eToro

eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.

Market Opportunity
Notcoin Logo
Notcoin Price(NOT)
$0.0003796
$0.0003796$0.0003796
+0.02%
USD
Notcoin (NOT) Live Price Chart

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

The changing face of elder care in Malaysia — Sayed Mohammad Reza Yamani Sayed Umar

The changing face of elder care in Malaysia — Sayed Mohammad Reza Yamani Sayed Umar

JULY 10 — An elderly society is becoming increasingly prevalent in Malaysia at present. It is projected that the p...
Share
Malaymail2026/07/10 15:24
Not a loophole: Singapore AI export controls let China tap US AI legally

Not a loophole: Singapore AI export controls let China tap US AI legally

American AI technology is reaching Chinese tech giants through a route that US export controls were never designed to close: Singapore. The city-state sits outside
Share
The Cryptonomist2026/07/10 14:46
CME Group to launch Solana and XRP futures options in October

CME Group to launch Solana and XRP futures options in October

The post CME Group to launch Solana and XRP futures options in October appeared on BitcoinEthereumNews.com. CME Group is preparing to launch options on SOL and XRP futures next month, giving traders new ways to manage exposure to the two assets.  The contracts are set to go live on October 13, pending regulatory approval, and will come in both standard and micro sizes with expiries offered daily, monthly and quarterly. The new listings mark a major step for CME, which first brought bitcoin futures to market in 2017 and added ether contracts in 2021. Solana and XRP futures have quickly gained traction since their debut earlier this year. CME says more than 540,000 Solana contracts (worth about $22.3 billion), and 370,000 XRP contracts (worth $16.2 billion), have already been traded. Both products hit record trading activity and open interest in August. Market makers including Cumberland and FalconX plan to support the new contracts, arguing that institutional investors want hedging tools beyond bitcoin and ether. CME’s move also highlights the growing demand for regulated ways to access a broader set of digital assets. The launch, which still needs the green light from regulators, follows the end of XRP’s years-long legal fight with the US Securities and Exchange Commission. A federal court ruling in 2023 found that institutional sales of XRP violated securities laws, but programmatic exchange sales did not. The case officially closed in August 2025 after Ripple agreed to pay a $125 million fine, removing one of the biggest uncertainties hanging over the token. This is a developing story. This article was generated with the assistance of AI and reviewed by editor Jeffrey Albus before publication. Get the news in your inbox. Explore Blockworks newsletters: Source: https://blockworks.co/news/cme-group-solana-xrp-futures
Share
BitcoinEthereumNews2025/09/17 23:55

Activate to Enjoy Special Perks

Activate to Enjoy Special PerksActivate to Enjoy Special Perks

Access 0 fees, premium support, and loss coverage.