Leading South Korean cryptocurrency exchange Upbit announced on November 27 that it experienced a significant hack, resulting in losses estimated at 44.5 billion Korean Won, equivalent to approximately $30 million USD. This breach was characterized as an “abnormal withdrawal situation,” as detailed in a notice posted on Upbit”s website in Korean.
The majority of the stolen assets were Solana-based tokens, specifically including BONK, JUP, PENGU, PYTH, and Solana itself. Other cryptocurrencies involved in the incident included TRUMP and USDC. In response to the security breach, Upbit has temporarily frozen all deposits and withdrawals to prevent any further theft while it assesses the full impact of the hack. Trading continues as usual, but the suspension of deposits and withdrawals remains in effect.
This incident is not the first for Upbit; a similar event occurred exactly six years prior, on November 27, 2019, when the exchange lost over $51 million in Ethereum. At that time, Upbit informed users that deposits and withdrawals would resume in about two weeks, but actual resumption did not occur until January 13, 2020, nearly seven weeks later. The previous hack was linked to the notorious North Korean hacking group, Lazarus Group, and there are suspicions that they may also be behind the most recent breach.
The timing of this hack is particularly unfortunate, as Upbit recently announced a merger with Naver Financial and is preparing for an initial public offering (IPO) on the Nasdaq stock exchange. While the scale of this breach is relatively smaller compared to the past, it raises concerns among investors and emphasizes the need for enhanced security measures to prevent more severe vulnerabilities in the future.
In their official notice, Upbit assured users that all affected individuals would be reimbursed and expressed regret over the incident. The exchange is actively cooperating with law enforcement to track and recover the stolen funds. Upbit has pledged to provide updates regarding the resumption of deposits and withdrawals only after ensuring that safety protocols are firmly in place.
The repeated hacks of Upbit, along with breaches at other major exchanges like Coinbase and Bybit, underscore the vulnerability of centralized exchanges, which remain prime targets for cybercriminals due to the substantial amounts of cryptocurrency they hold. For this reason, it is advisable for investors to consider self-custody options for their digital assets. By using self-custody wallets, like Best Wallet, investors can retain control over their cryptocurrencies, allowing access at any time without relying on exchanges that can impose withdrawal restrictions following security incidents.
Best Wallet not only provides enhanced security features—such as Fireblocks integration, biometric authentication, and two-factor authentication—but also maintains robust functionality for users. It offers a range of services, including secure storage, fiat payments, cross-chain swaps, portfolio management, staking opportunities, and a token launchpad. Experts in the field suggest that Best Wallet could emerge as one of the leading self-custody solutions in the coming years.
