UpBit Promises Swift Reimbursement, Theories Over Missing Funds Swell

On Nov. 27, major South Korean cryptocurrency exchange UpBit announced that 342,000 Ether, accounting for roughly $50 million, were stolen from its hot wallet earlier that day.

UpBit is the second "Big Four" exchange in the country to experience a major security breach this year.

Upbit is one of the largest cryptocurrency exchanges in South Korea and the only major domestic platform to post a profit in 2018.

UpBit has been widely considered a safe and compliant exchange overall.

UpBit has seemingly put a lot of effort into security measures.

Upbit is a member of the Korean Blockchain Association - a domestic alliance comprised of 14 crypto trading platforms - which published a self-regulatory framework for its members to boost trading transparency in April 2018.

Finally, in January 2018, UpBit partook in creating a special hotline for domestic exchanges that aims to ensure suspicious transactions being detected and frozen immediately after disclosure.

"The 'hacker' timed when UPbit was making crypto transfers to its cold wallet. Hence, I think the probability of it being an inside job is higher than external breach."

"The biggest thing that points to it not being an inside job is how the transactions were generated and signed. UPbit seems to follow a certain method with their programmatic transactions, and the 'hack' transaction in question used a different method. In addition, UPbit manually signed a transaction to secure their remaining ETH, after discovering the hack, and this too was generated differently than the 'hack' transaction."

Monahan also commended Upbit on how they have been handling the aftermath, but criticized the exchange's languid use of cold storage, "If UPbit utilized cold storage more regularly and limited the value held by their hot wallet, the loss could have been minimized."