Regulators are presently looking into Upbit, the biggest cryptocurrency exchange in South Korea, after verifying a significant attack on the Solana network that cost over $36.9 million.
Over 20 tokens were impacted by the action, leading to a general asset freeze on the platform while the inquiry continues.
Upbit hack details
Upbit announced on Thursday, November 27, that many tokens had been moved to an unidentified external wallet, characterising the move as “abnormal withdrawal activity.”
The incident happened a few days prior to the sixth anniversary of the exchange’s massive 2019 hack, in which North Korean hackers stole 342,000 ETH.
Also Read: Upbit Announces $CYBER Korean Won And USDT Trading Pairs Listing Driving A 78% Surge in Price
Oh Kyung-seok, CEO of Upbit operator Dunamu, stated that the exchange stopped operations as soon as it became aware of the behaviour.
“Upbit immediately suspended deposit/withdrawal services and conducted a comprehensive inspection, prioritising the protection of member assets,” he said
The affected tokens
According to Upbit’s release, the impacted tokens include SOL, 2Z, ACS, BONK, DOOD, DRIFT, HUMA, IO, JTO, JUP, LAYER, ME, MEW, MOODENG, ORCA, PENGU, PYTH, RAY, RENDER, SONIC, SOON, TRUMP, USDC, and W.
It stated that the network has successfully frozen $8.18 million worth of LAYER tokens and relocated all assets to a secure cold wallet to stop future assaults.
According to Upbit, it will collaborate with authorities and initiatives to freeze the remaining stolen assets.
The platform guaranteed that users would not suffer any personal losses and said that it would utilise its reserve assets to make up for damages to user assets.
Upbit has not yet revealed the attack’s specifics or the access point.
The road ahead
The business took swift action to shut down its infrastructure. It initiated an immediate security evaluation of the impacted network and wallet infrastructure and moved all assets to secure cold wallets to stop more illegal transfers.
Law enforcement and regulators are expected to be called in if the crisis worsens. Additionally, while it pursues efforts to freeze and retrieve monies connected to the event, the exchange is getting ready to work with investigating authorities.
However, the security scan might not be restricted to Solana. According to Upbit, it is carrying out a “comprehensive review of the stability and security of the entire digital asset deposit/withdrawal system, not just the Solana network,” and if it is happy with the findings, it will gradually restart deposits and withdrawals.
Yesterday, the merger of Dunamu (the company behind Upbit) with Naver Financial, the fintech branch of the massive South Korean IT company Naver, took place.
Coming back to the attack, Upbit reiterated its regret for the disturbance and requested customers to submit any suspicious or verified information about the withdrawals to its customer care staff.