Highlights: Upbit has uncovered a critical wallet flaw enabling private key exposure during an emergency investigation. The exchange confirmed $30 million in total losses, with $26 million affecting customer holdings. Security overhaul and law enforcement cooperation continue as Upbit pledges full compensation. Upbit CEO Oh Kyung-seok announced today that the exchange had discovered and patched a critical weakness in its internal wallet system. The discovery was made in an emergency audit after irregular Solana wallet outflows on November 27. The audit found that the system created weak signature patterns that might allow attackers to recreate the private keys through the on-chain data. Under normal situations, blockchain transactions do not reveal any private keys. However, the wallet implementation of Upbit generated predictable signature data, which enabled a mathematical loophole. Although the company has not verified whether this vulnerability was the direct cause of the hack, it admitted that the problem occurred during the post-incident investigation. On November 27, Upbit halted deposits and withdrawals following the identification of suspicious activity. The firm launched a company-wide emergency response by locking down affected systems and starting a complete audit of wallet infrastructure. Efforts aimed at the prevention of additional leaks and the protection of user funds. UPBIT AUDIT FINDS INTERNAL WALLET FLAW THAT COULD EXPOSE PRIVATE KEYS Upbit says its emergency investigation into the recent $30 million hack uncovered a critical internal wallet vulnerability that may have allowed attackers to derive private keys. The discovery raises major… pic.twitter.com/jeRSyUamxW — Crypto Town Hall (@Crypto_TownHall) November 28, 2025 Losses, Recovery, and Customer Compensation The firm reported losses amounting to 44.5 billion KRW, or approximately $30 million. Users accounted for about 38.6 billion KRW, and the company reserves were 5.9 billion KRW. Upbit reassured the customers that it had paid all the customer losses out of its own funds. The exchange successfully froze 2.3 billion KRW worth of stolen funds within hours of the breach with the assistance of its partners. It also moved the rest of the funds to cold storage wallets to ensure greater security. Solana-based tokens such as SOL, ORCA, RAY, and JUP were affected. CEO Oh Kyung-seok noted that the breach was caused by a failure of security management. He, however, apologized and highlighted that Upbit would provide complete transparency in the recovery process. He further emphasized that the exchange would not spare its resources to strengthen its security systems in the future. The critical wallet vulnerability could have jeopardized previous wallet transactions. Although the vulnerability was not directly related to the theft of $30 million, its discovery was a concern regarding internal cryptography activities. The exchange is currently redesigning its key management infrastructure. Security Upgrades Underway Amid Corporate Changes Upbit is still improving its systems and has suspended its transactions until security is fully verified. There is currently a broader audit to check wallet logic, key generation, and transaction signature methods. Moreover, the exchange is collaborating with law enforcement to trace and recover lost assets. According to reports, the breach could be attributed to the Lazarus Group of North Korea, but an official attribution has not been made. Upbit is actively collaborating with blockchain companies to trace the flow of the stolen money through chains. BREAKING: North Korea’s Lazarus Group is suspected to be behind the $30 million hack on South Korea’s Upbit exchange. This marks yet another attack by the notorious hacking group, which has now stolen over $6 BILLION in cryptocurrency since 2017 In 2025 alone, Lazarus has… https://t.co/bF3KqLmaQz pic.twitter.com/uMnY1dKfQj — Budhil Vyas (@BudhilVyas) November 28, 2025 The incident came a day following the internet giant Naver’s acquisition of the parent company of Upbit, Dunamu, through a share-swap merger. The acquisition subjects the firm to further scrutiny as it gears up for a public listing. Meanwhile, Naver Financial plans to introduce a stablecoin wallet next month in Busan. The company has committed to providing frequent updates and completing its overhaul before it reopens the platform. Upbit’s uncovering of a critical wallet flaw marks a turning point for the firm, strengthening the need to enhance the security of wallets throughout the exchange. eToro Platform Best Crypto Exchange Over 90 top cryptos to trade Regulated by top-tier entities User-friendly trading app 30+ million users 9.9 Visit eToro eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong. Highlights: Upbit has uncovered a critical wallet flaw enabling private key exposure during an emergency investigation. The exchange confirmed $30 million in total losses, with $26 million affecting customer holdings. Security overhaul and law enforcement cooperation continue as Upbit pledges full compensation. Upbit CEO Oh Kyung-seok announced today that the exchange had discovered and patched a critical weakness in its internal wallet system. The discovery was made in an emergency audit after irregular Solana wallet outflows on November 27. The audit found that the system created weak signature patterns that might allow attackers to recreate the private keys through the on-chain data. Under normal situations, blockchain transactions do not reveal any private keys. However, the wallet implementation of Upbit generated predictable signature data, which enabled a mathematical loophole. Although the company has not verified whether this vulnerability was the direct cause of the hack, it admitted that the problem occurred during the post-incident investigation. On November 27, Upbit halted deposits and withdrawals following the identification of suspicious activity. The firm launched a company-wide emergency response by locking down affected systems and starting a complete audit of wallet infrastructure. Efforts aimed at the prevention of additional leaks and the protection of user funds. UPBIT AUDIT FINDS INTERNAL WALLET FLAW THAT COULD EXPOSE PRIVATE KEYS Upbit says its emergency investigation into the recent $30 million hack uncovered a critical internal wallet vulnerability that may have allowed attackers to derive private keys. The discovery raises major… pic.twitter.com/jeRSyUamxW — Crypto Town Hall (@Crypto_TownHall) November 28, 2025 Losses, Recovery, and Customer Compensation The firm reported losses amounting to 44.5 billion KRW, or approximately $30 million. Users accounted for about 38.6 billion KRW, and the company reserves were 5.9 billion KRW. Upbit reassured the customers that it had paid all the customer losses out of its own funds. The exchange successfully froze 2.3 billion KRW worth of stolen funds within hours of the breach with the assistance of its partners. It also moved the rest of the funds to cold storage wallets to ensure greater security. Solana-based tokens such as SOL, ORCA, RAY, and JUP were affected. CEO Oh Kyung-seok noted that the breach was caused by a failure of security management. He, however, apologized and highlighted that Upbit would provide complete transparency in the recovery process. He further emphasized that the exchange would not spare its resources to strengthen its security systems in the future. The critical wallet vulnerability could have jeopardized previous wallet transactions. Although the vulnerability was not directly related to the theft of $30 million, its discovery was a concern regarding internal cryptography activities. The exchange is currently redesigning its key management infrastructure. Security Upgrades Underway Amid Corporate Changes Upbit is still improving its systems and has suspended its transactions until security is fully verified. There is currently a broader audit to check wallet logic, key generation, and transaction signature methods. Moreover, the exchange is collaborating with law enforcement to trace and recover lost assets. According to reports, the breach could be attributed to the Lazarus Group of North Korea, but an official attribution has not been made. Upbit is actively collaborating with blockchain companies to trace the flow of the stolen money through chains. BREAKING: North Korea’s Lazarus Group is suspected to be behind the $30 million hack on South Korea’s Upbit exchange. This marks yet another attack by the notorious hacking group, which has now stolen over $6 BILLION in cryptocurrency since 2017 In 2025 alone, Lazarus has… https://t.co/bF3KqLmaQz pic.twitter.com/uMnY1dKfQj — Budhil Vyas (@BudhilVyas) November 28, 2025 The incident came a day following the internet giant Naver’s acquisition of the parent company of Upbit, Dunamu, through a share-swap merger. The acquisition subjects the firm to further scrutiny as it gears up for a public listing. Meanwhile, Naver Financial plans to introduce a stablecoin wallet next month in Busan. The company has committed to providing frequent updates and completing its overhaul before it reopens the platform. Upbit’s uncovering of a critical wallet flaw marks a turning point for the firm, strengthening the need to enhance the security of wallets throughout the exchange. eToro Platform Best Crypto Exchange Over 90 top cryptos to trade Regulated by top-tier entities User-friendly trading app 30+ million users 9.9 Visit eToro eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.