Upbit, South Korea’s largest crypto exchange, will resume deposits and withdrawals on December 1 at 1:00 PM KST following a major security incident that saw roughly $37 million in Solana-based tokens stolen. In its updated notice, the exchange said all previous deposit addresses have been permanently deleted as part of a security overhaul.
Users must now generate new addresses before making transfers, with Upbit warning that funds sent to old addresses may face delays.
The November 27 breach drained SOL, USDC and BONK from Upbit’s hot wallets. Investigators suspect North Korea’s Lazarus Group, noting that the attack closely mirrors malware-driven intrusions linked to the group.
Evidence suggests the attackers may have hijacked an administrator account rather than exploited server vulnerabilities.
Upbit responded by freezing assets, halting all transfers and moving funds to cold storage. Analysts say the attackers used multi-stage malware involving fake installers, Python and .NET tools, AnyDesk and Tor to extract passwords and wallet data while remaining undetected.
You need to login in order to Like
Leave a comment