Upbit Hack: Stolen ETH Worth Millions on the Move to Unknown Wallets
One of the addresses involved in last week’s theft from South Korean crypto exchange Upbit has successfully moved 10,000 Ether (~$1.5 million) to an unknown wallet.
The transaction was preceded by a smaller transfer — of 1,001 ETH, worth roughly $150,000 — five minutes earlier, from the same address.
Transactions flagged on Etherscan
The theft occurred at a time when the exchange was allegedly moving assets between hot and cold storage facilities, leading some to speculate that the incident may have been an inside job rather than an external breach.
Industry members — including Binance CEO Changpeng Zhao — had immediately pledged to ensure that the stolen funds would not be transacted via their platforms.
Today’s transfers have been flagged as associated with the “Upbit Hack,” but — as direct wallet-to-wallet transfers — were successfully confirmed on the network.
Transactions screenshot, Dec. 3. Source: EtherScan
Upbit has pledged to reimburse affected users
Since the theft, Upbit’s operator has promised to compensate all stolen funds from their corporate funds.
The exchange is one of the four largest platforms in South Korea — alongside Korbit, Bithumb and Coinone — and was the only major domestic platform to post a profit in 2018.
It is a member of the Korean Blockchain Association, a domestic alliance comprised of 14 crypto trading platforms. Members are committed to meeting five key requirements, including managing clients’ coins separately from their own, holding minimum equity of 2 billion won ($1.8 million), and publishing regular audit and financial reports.
In January 2018, South Korea’s top four exchanges created a hotline for major exchanges to ensure suspicious transactions could be detected and frozen immediately after being disclosed.