Signs Point to Inside Job in Upbit Crypto Exchange Hack, Says Commentator

Published at: Nov. 27, 2019

Following the theft of 342,000 Ether (ETH) ($50 million) from major South Korean crypto exchange Upbit, some commentators have suggested that the hack was actually an inside job.

As Cointelegraph contributor Joseph Young tweeted on Nov. 27:

“The ‘hacker’ timed when UPbit was making crypto transfers to its cold wallet (other alts like TRON, etc.). Hence, I think the probability of it being an inside job is higher than external breach.”

Hacker’s timing was advantageous

As Cointelegraph reported, the incident was confirmed in an official statement published earlier today, which read:

“At 1:06 PM on November 27, 2019, 342,000 ETH (approximately 58 billion won) were transferred from the Upbeat Ethereum Hot Wallet to an unknown wallet. Unknown wallet address is 0xa09871AEadF4994Ca12f5c0b6056BBd1d343c029.”

In its statement, the exchange emphasized that it deemed the 342,000 ETH transaction to be the only irregular transaction on the ledger, alluding to a number of other large-scale transfers that it said were related to the exchange moving assets between hot and cold storage wallets. 

As data published by large-scale crypto transaction tracker Whale Alert has revealed, the 342,000 ETH transaction was followed by a series of major transfers of Tron (TRX) and BitTorrent (BTT) tokens. 

While the ETH, TRX and BTT transactions were transferred to an unknown wallet, subsequent Stellar (XLM), OMG and EOS transfers were made from Upbit to crypto exchange Bittrex.

Screenshot of @whale_alert Twitter feed, Nov. 27. Source: @whale_alert

Taking Upbit’s statement about cold storage transfers at face value, Young has argued for the strong possibility than an exchange employee took advantage of the timing of the storage transfers to perpetrate the theft. 

Upbit today pledged to cover all user assets with corporate funds and exchange deposits and withdrawals will reportedly take at least two weeks to resume.

Markets react to exchange hack

Cryptocurrency markets have seemingly reacted to news of the incident, with Bitcoin (BTC) falling below $7,000 once again in an already fragile market climate.

Binance CEO Changpeng Zhao has tweeted that the exchange will “work with Upbit and other industry players to ensure any hacked funds that may make their way to Binance are immediately frozen.” 

As Cointelegraph previously reported, the theft of 14 billion won ($13 million) in cryptocurrency from major South Korean cryptocurrency exchange Bithumb was believed by executives to be the work of an insider.

Tags
Ethereum
Altcoin
Cryptocurrency Exchange
Hacks
South Korea
Crimes
Security
Related Posts
Korean Court Acquits Crypto Exchange Bithumb After Investor Filed Lawsuit Over $355K Hack
South Korean crypto exchange Bithumb has won a lawsuit in which an investor had sued the company for his loss of around $355,000 in an alleged hack. Local financial newspaper The Korea Economic Daily reported on the outcome on Dec. 24. According to the report, the investor — 30 year old civil servant Ahn Park — alleged he had been the victim of a hack of his Bithumb account on Nov. 30, 2017, which resulted in a loss of 400 million Korean won, or around $355,000. Within hours of making his won deposit, Mr. Park alleged an unidentified hacker had …
Ethereum / Dec. 26, 2018
Crypto Exchange Upbit Finishes Security Update in Response to 2019 Hack
Strengthening its walls after a hack in late 2019, South Korean crypto exchange Upbit has finished a security upgrade for the wallets on its exchange platform, restoring functionality once again. Upbit decided to update its defenses in response to an Ethereum (ETH) hack the exchange suffered in 2019, an Upbit representative confirmed to Cointelegraph in an email on Jan. 14, 2020, adding: “It is part of our effort to increase Upbit’s overall security since the Ethereum theft incident last November. Immediately following the incident, we suspended deposit/withdrawal services and transferred all crypto-assets to cold wallets. Since then, we’ve been revamping …
Ethereum / Jan. 15, 2020
Major Korean Crypto Exchange Bithumb Prosecuted for Failure to Protect User Data
South Korean crypto exchange Bithumb has been prosecuted for its alleged failure to take adequate measures to protect personal information, which was later presumably exploited by hackers to steal funds from the platform. The news was reported by Cointelegraph Japan on June 19. Prosecutors allege the data breach led directly to the second hack affecting the platform, in which almost $7 million in user funds was stolen. As Cointelegraph has previously reported, Bithumb first notified authorities of a major data breach in late June 2017, thought to have affected around 31,000 exchange user accounts. The data leak is believed to …
Altcoin / June 21, 2019
Japan: Crypto Exchange Coincheck Resumes NEM Trading Almost 10 Months After Major Hack
Recently re-opened Japanese crypto exchange Coincheck has announced it has resumed NEM (XEM) crypto token trading after a restructuring of its platform by external “security experts,” South Korean news outlet FNNews reports Nov. 13. In January of this year, Coincheck suffered an industry record-breaking hack when $534 million worth of NEM was stolen from its wallets. This latest development from Coincheck reveals the exchange has “joined the Japan Security Association and is “ready to renovate its image.” Alongside NEM trades, the platform has also opened support for Ethereum (ETH) and Lisk (LSK). Coincheck is quoted as saying that "technological safety …
Trading / Nov. 13, 2018
Report: Crypto-Related Fraud and Theft Resulted in $4.4B Loss in 2019
In 2019, the total volume of cryptocurrency-related fraud and theft resulted in losses worth $4.4 billion, according to CipherTrace’s report for the third quarter of 2019. In its “Cryptocurrency Anti-Money Laundering Report, 2019 Q3,” security research firm CipherTrace delved into the 120 most popular cryptocurrency exchanges’ compliance with Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements and analyzed patterns in crypto-related crimes. Decline in crypto crime volume and weak KYC standards Per the report, Q3 2019 saw a notable reduction in total cryptocurrency crimes as compared with previous quarters, and thus the lowest quarterly thefts and scams in two …
Bitcoin / Nov. 27, 2019