Bitcoin Forum

Economy => Exchanges => Topic started by: Baofeng on November 27, 2019, 11:01:30 AM



Title: Upbit hacked
Post by: Baofeng on November 27, 2019, 11:01:30 AM
Quote
Here are the reasons for suspension of cryptocurrency deposit and withdrawal service and emergency server check.
Posted on November 27, 2019 17:56 | Views 42988
I am Lee Seok-woo, CEO of Doo-myeon who operates Upbit.

First of all, I apologize for any inconvenience this may cause to you.

At 1:06 PM on November 27, 2019, 342,000 ETH (approximately 58 billion won) were transferred from the Upbit Ethereum Hot Wallet to an unknown wallet.
Unknown wallet address is 0xa09871AEadF4994Ca12f5c0b6056BBd1d343c029

As soon as we confirmed this, we started responding.

Upbit responds as follows to protect members' assets.

To ensure that your assets are harmed, 342,000 ETH transferred to unknown wallets will be covered by Upbit assets. We're working on it, and I'll tell you as soon as I'm done.
All cryptocurrencies in Hot Wallet have been transferred to Cold Wallet.
It is estimated that it will take at least two weeks for the deposit and withdrawal to resume. I'll tell you again when this is done.
Ethereum is the only trade out of the bulk transactions, and the rest of the bulk trades have moved all cryptocurrencies in Hot Wallet to Cold Wallet.

If there are any other changes, I will tell you again.

Lastly, the exchange manager who handles cryptocurrency asks you to prevent deposits from the Ethereum address where the abnormal withdrawal has occurred. Please report to Upbit Customer Center.

Report to Upbit Customer Center (open 24 hours)
Representative of the cedar tree



https://upbit.com/service_center/notice?id=1085

So it looks like we have another piece of bad news in the market, as Upbit has officially admitted that they have lost 342,000 ETH (around < $50 million if my math is correct). So brace yourself for another downside because of this news.

https://etherscan.io/address/0xa09871AEadF4994Ca12f5c0b6056BBd1d343c029


Title: Re: Upbit hacked
Post by: Bttzed03 on November 27, 2019, 11:15:34 AM
This is what happens when exchanges feel so confident with their internal security and keeping a lot of held assets in their hot wallet.

Funds are not safu on all centralized exchanges. I don't know how many times we should be reminded of this.

It's good that Upbit has enough assets to cover the hacked amount. If it was others, they would have shut down like what happened to Cryptopia.


Title: Re: Upbit hacked
Post by: gentlemand on November 27, 2019, 11:46:16 AM
ANOTHER Korean hack? Do they all have DPRK agents embedded in them who siphon stuff off whenever the wallets are looking particularly healthy? My guess is that every exchange operator over there is permanently drunk.


Title: Re: Upbit hacked
Post by: TGD on November 27, 2019, 11:51:46 AM
$50M worth of ETH is not going to affect the whole crypto market that much, since it will not be sold by the hacker all at once or else they might get caught.
The only scenario that I can see right now for that news is that ETH will dump more due to FUD from this news, even though there will be no massive dumping from the hacker.
This might be the reason why BTC recently revisited the 6.9k level but has already recovered now.


Title: Re: Upbit hacked
Post by: Yaunfitda on November 27, 2019, 12:22:53 PM
If my memory serves me right, this is not the first time that Upbit was hacked. Or it was targeted by the North Koreans in the past, so I'm sure they should have known better. Anyways, there are reports surfacing that there are some sort of Signs Point to Inside Job in Upbit Crypto Exchange Hack, Says Commentator (https://cointelegraph.com/news/signs-point-to-inside-job-in-upbit-crypto-exchange-hack-says-commentator).

https://twitter.com/iamjosephyoung/status/1199625442312908801?s=20

Quote
The "hacker" timed when UPbit was making crypto transfers to its cold wallet (other alts like TRON, etc.)

Hence, I think the probability of it being an inside job is higher than external breach.

No details are certain for now. Will continue to update.


Title: Re: Upbit hacked
Post by: Palider on November 27, 2019, 02:44:09 PM
This is bad news especially as it is a centralized exchange that should know what to do to further protect their protection against hackers.

So it is always the reminder of experts that we should not give full trust to centralized exchanges, especially since they are prone to hacking incidents.


Title: Re: Upbit hacked
Post by: rosezionjohn on November 27, 2019, 03:49:32 PM
That amount is no joke for any company; Upbit will have to shut down sooner or later if these hacks keep on happening to them. Another one of the many proofs that no system is safe.




It's nice to see etherscan have this
https://i.ibb.co/XJcYC8g/Untitled.png

A small way of helping inform the community who frequently use etherscan. It may also make it harder for the hacker to sell




Title: Re: Upbit hacked
Post by: milewilda on November 27, 2019, 04:13:18 PM
This is what happens when exchanges feel so confident with their internal security and keeping a lot of held assets in their hot wallet.

Funds are not safu on all centralized exchanges. I don't know how many times we should be reminded of this.

It's good that Upbit has enough assets to cover the hacked amount. If it was others, they would have shut down like what happened to Cryptopia.

When I do hear out that SAFU thing, I do directly think of Binance. lol.

It's odd that they held that big an amount in a hot wallet, yet we know that the majority of top-tier exchanges would really keep a big allocation of their entire balance offline.
Good thing that they would cover the hacked amount. Does anyone have any thoughts about this being an inside job?


Title: Re: Upbit hacked
Post by: stompix on November 27, 2019, 05:45:39 PM
Oh, so this caused the dip in the morning?

ANOTHER Korean hack? Do they all have DPRK agents embedded in them who siphon stuff off whenever the wallets are looking particularly healthy? My guess is that every exchange operator over there is permanently drunk.

Hahaha:

Quote
In December 2018, Upbit became the first cryptocurrency exchange in the world to receive certifications from the Korea Internet and Security Agency for Information Security Management System (ISMS)[citation needed] and the International Organization for Standardization (ISO) for information security (ISO 27001), cloud security (ISO 27017) and cloud privacy (ISO 27018).[9]

So this was a certified-for-everything exchange and the first of its kind.
It took less than a year to lose 50 million (!?)
And yet people are still keeping their funds in shadier and far smaller exchanges which have nowhere near the financial backing to repay the customers if a hack or a "hack" happens.

When I do hear out that SAFU thing, I do directly think of Binance. lol.

I'm always thinking of this:
https://www.youtube.com/watch?v=DelF6zEHXpE




Title: Re: Upbit hacked
Post by: PrimeNumber7 on November 27, 2019, 06:47:45 PM
This is what happens when exchanges feel so confident with their internal security and keeping a lot of held assets in their hot wallet.
I think they most probably are displaying fake volumes. I don’t know how much they have in cold storage but if the volume displayed is correct, they were holding about two days worth of trading volume in their hot wallet. At 0.002% commission, this works out to over three years of what they would earn in trading fees on ETH based pairs.

If it was late 2017, it might make sense to have that much in their hot wallet, but not today with volume having declined as much as it did.


Title: Re: Upbit hacked
Post by: The Sceptical Chymist on November 27, 2019, 07:05:58 PM
Quote
To ensure that your assets are harmed
I would LOL at this if it weren't so un-funny.  That's a fuckton of ETH to just disappear in one fell swoop, and I'm probably not the only one who's suspicious about this--but we'll see what happens.

Oh, so this caused the dip in the morning?
Don't know if you're referring to ETH or bitcoin, but bitcoin jumped since last I checked it and is sitting above $7500 right now.  I wouldn't expect any particular coin to be reacting to this hack and bitcoin in particular has proven to be resilient in the face of exchanges going kablooey.

I think they most probably are displaying fake volumes.
I don't know if that's true or false, but it wouldn't surprise me.  I've heard lots of stories about exchanges, especially smaller ones, inflating their trading volume to make it look like they're way more successful than they actually are--or at least I'm assuming that's the reason for it. 

Anyway, this shit never ends.  Either the security of these exchanges is really piss-poor or they're stealing their customers' funds and claiming they got hacked.  I'll be very interested to see how this all plays out.


Title: Re: Upbit hacked
Post by: coupable on November 27, 2019, 10:02:38 PM
I think they most probably are displaying fake volumes.
Unfortunately, there is no way to prove this with 99% shitcoins in the market. This leads one to ask how centralised (regulated) exchanges are managed. What I mean in simple words is that a regulated company shouldn't face such funny cases. I can't understand why/how they can't explain the fact. Something or someone who has access to the hot wallet keys should be the first suspect, when Upbit is asking the community to block the suspected address and help to find the stealer!
Quote
If you find out any information regarding to this suspicious transaction or the anonymous wallet, please report to us.

So it is always the reminder of experts that we should not give full trust to centralized exchanges, especially since they are prone to hacking incidents.
Don't give full trust to anything, especially the exchanges. Even those we call decentralised.


Title: Re: Upbit hacked
Post by: PrimeNumber7 on November 27, 2019, 10:35:06 PM

I think they most probably are displaying fake volumes.
I don't know if that's true or false, but it wouldn't surprise me.  I've heard lots of stories about exchanges, especially smaller ones, inflating their trading volume to make it look like they're way more successful than they actually are--or at least I'm assuming that's the reason for it. 

Anyway, this shit never ends.  Either the security of these exchanges is really piss-poor or they're stealing their customers' funds and claiming they got hacked.  I'll be very interested to see how this all plays out.
Upbit has a history (https://cointelegraph.com/news/south-korea-regulators-indict-three-upbit-employees-for-alleged-trade-volume-manipulation) of allegedly inflating its trading volumes, and even had some of its executives indicted for doing so.

One problem with saying that 'smaller exchanges' often inflate their volume is the exchanges who inflate their volume are trying to make their exchange appear to be larger than it really is, by a factor of sometimes thousands.

I think they most probably are displaying fake volumes.
Unfortunately, there is no way to prove this with 99% shitcoins in the market.
You can look at what happens to the volume when there are large moves in the market, and you can check for patterns such as indications that a large part of an exchange's customer base is sleeping (and not trading).


This is not the first time Upbit has been hacked, under suspicious circumstances.


Title: Re: Upbit hacked
Post by: 1Referee on November 27, 2019, 11:50:04 PM
So it is always the reminder of experts that we should not give full trust to centralized exchanges, especially since they are prone to hacking incidents.

How many exchanges have been 'hacked' thus far? Too many to remember every individual exchange, that's for sure. It taught people absolutely nothing.

Some don't want to take care of their own storage whatever the reason might be, and others purposely keep their coins on an exchange because they want to sell as fast as possible whenever they panic. This is far worse than "trusting" banks with your fiat. Right now people are "trusting" shady and incompetent exchange operators with their precious Bitcoins.

On top of that, it's yet another Asian exchange. It can't be considered coincidence anymore. Asian exchanges are structurally flawed, and so are their operators.


Title: Re: Upbit hacked
Post by: Bttzed03 on November 28, 2019, 06:55:25 AM
This is what happens when exchanges feel so confident with their internal security and keeping a lot of held assets in their hot wallet.
I think they most probably are displaying fake volumes. I don’t know how much they have in cold storage but if the volume displayed is correct, they were holding about two days worth of trading volume in their hot wallet. At 0.002% commission, this works out to over three years of what they would earn in trading fees on ETH based pairs.

If it was late 2017, it might make sense to have that much in their hot wallet, but not today with volume having declined as much as it did.
Assuming what you said is true and that they are trying to make their exchange look bigger than what it actually is, we will know sooner or later if they can really refund the losses without going into bankruptcy and liquidation. The fact still remains that those 342K ETH were moved out from their hot wallet though.



When I do hear out that SAFU thing, I do directly think of Binance. lol.
Can't blame you  ;D

Quote
Does anyone have any thoughts about this being an inside job?

It could be. There is always that possibility.


Title: Re: Upbit hacked
Post by: stompix on November 28, 2019, 12:03:19 PM
Oh, so this caused the dip in the morning?
Don't know if you're referring to ETH or bitcoin, but bitcoin jumped since last I checked it and is sitting above $7500 right now.  I wouldn't expect any particular coin to be reacting to this hack and bitcoin in particular has proven to be resilient in the face of exchanges going kablooey.

In the morning (GMT+1 time) it dropped to 6878 and then a few hours later it jumped back above 7200 and to 7500

https://i.imgur.com/vn7tcwC.png

Of course, it was a small one but it was also a small "hack"  ;D






Title: Re: Upbit hacked
Post by: gentlemand on November 28, 2019, 01:16:08 PM
https://ihodl.com/topnews/2019-11-28/stolen-ethers-upbit-are-being-transferred-huobi/

The ETH is off to Huobi according to that. How many instances of stolen crypto being frozen and returned by exchanges have there been? You rarely seem to hear much about it.


Title: Re: Upbit hacked
Post by: PrimeNumber7 on November 28, 2019, 04:42:00 PM
https://ihodl.com/topnews/2019-11-28/stolen-ethers-upbit-are-being-transferred-huobi/

The ETH is off to Huobi according to that. How many instances of stolen crypto being frozen and returned by exchanges have there been? You rarely seem to hear much about it.
It is unusual for large amounts of stolen coin to get transferred to exchanges because hackers know the risk of the deposit being confiscated.

It is typical for hackers to send small amounts to various exchanges to see if they can successfully process a withdrawal, or to send stolen coin to various mixers in small batches if any exist. I believe the majority of coin stolen from large businesses in large heists ends up idle.


Title: Re: Upbit hacked
Post by: squatter on November 28, 2019, 05:45:47 PM
https://ihodl.com/topnews/2019-11-28/stolen-ethers-upbit-are-being-transferred-huobi/

The ETH is off to Huobi according to that. How many instances of stolen crypto being frozen and returned by exchanges have there been? You rarely seem to hear much about it.

Apparently, those were just small test transactions. The hacker sent some tiny deposits to both Huobi Global and Binance but as of a few hours ago (https://twitter.com/chiachih_wu/status/1200037929118294017):

Quote
342k #ETH from #UpbitHack are split into multiple addresses.  Fortunately, no large xfer into exchanges so far.

I'd assume in many cases that the money is never returned. A lot probably depends on how quickly the attacker moves, since exchanges don't have the right to indefinitely freeze customer assets. That's why Binance says they'll only freeze funds for up to 24 hours (https://www.binance.com/en/support/articles/360000006051) -- by which time there must be a filed police report and law enforcement officials working with the exchange. After that, they release the funds.

Smart hackers will immediately be moving the funds through false verified accounts to quickly wash the proceeds. The hack outputs will be publicly tagged, but any outputs laundered through other exchanges won't be. I think this is pretty tough to stop in real time, but the longer the hacker waits around and lets the money sit, the more worthless it becomes.


Title: Re: Upbit hacked
Post by: Lanatsa on November 28, 2019, 06:20:20 PM
https://ihodl.com/topnews/2019-11-28/stolen-ethers-upbit-are-being-transferred-huobi/

The ETH is off to Huobi according to that. How many instances of stolen crypto being frozen and returned by exchanges have there been? You rarely seem to hear much about it.
Wondering how much of that ETH being transferred to big exchanges would be held up.  ;D The hacker is too impatient, and no matter how he splits up those coins, they would really still be hot in the eyes of the community.


Title: Re: Upbit hacked
Post by: bakasabo on November 28, 2019, 06:24:05 PM
How will this 2-week pause on deposits/withdrawals affect the Upbit exchange? I guess people will run from it as soon as it is possible.

These 342,000 ETH - are these users' funds, or was this Ethereum just on the balance of the exchange? If the first - is the exchange planning to repay losses to users?


Title: Re: Upbit hacked
Post by: PrimeNumber7 on November 28, 2019, 06:34:21 PM
How will this 2-week pause on deposits/withdrawals affect the Upbit exchange? I guess people will run from it as soon as it is possible.

These 342,000 ETH - are these users' funds, or was this Ethereum just on the balance of the exchange? If the first - is the exchange planning to repay losses to users?
I believe Upbit has said they are going to cover the losses out of their own money. Based on the high ratio of the value of the stolen coin to the estimated daily earnings of the exchange, I am suspicious of their ability to do this.

I would consider it more likely they will use the two week delay to try to get their customers less interested in withdrawing ether en masse, and operate as an insolvent exchange until they can either earn their way out of the hole, seize coin from certain customers under shady circumstances, or somehow recover the coin.


Title: Re: Upbit hacked
Post by: stompix on November 28, 2019, 07:56:55 PM
The ETH is off to Huobi according to that. How many instances of stolen crypto being frozen and returned by exchanges have there been? You rarely seem to hear much about it.
I'd assume in many cases that the money is never returned. A lot probably depends on how quickly the attacker moves, since exchanges don't have the right to indefinitely freeze customer assets. That's why Binance says they'll only freeze funds for up to 24 hours (https://www.binance.com/en/support/articles/360000006051) -- by which time there must be a filed police report and law enforcement officials working with the exchange. After that, they release the funds.

I always wonder in this situation if this ain't a double-edged sword.

Of course, it's all nice that the funds are frozen and returned to the exchange but I can't shake the feeling we're toying around a Pandora's box that will ultimately lead to abuse, frozen assets and addresses and users tagged just because of a suspicion that funds from a hack might be in their possession. This is a world where everything can happen and is not beyond the realm of possibilities that small exchanges might claim hacks just so they could screw up some customers which they've lost anyhow.

As for Binance, it's just the usual theater play where they try to pose as the good guys knowing all too well they are full of hacked and stolen funds and the only reason a lot of people stick with them is the no KYC below 2 BTC limit.

I believe Upbit has said they are going to cover the losses out of their own money. Based on the high ratio of the value of the stolen coin to the estimated daily earnings of the exchange, I am suspicious of their ability to do this.

Upbit might not be able to reimburse, but the ones running it are.
Their parent company is Kakao, and it was evaluated at 10 billion before the merger; adding on top the new financial project and others, they would probably be close to 15b.
50 million is peanuts considering they are also running a bank; how would they not be able to pay back deposits?



Title: Re: Upbit hacked
Post by: squatter on November 28, 2019, 10:52:00 PM
If my memory serves me right, this is not the first time that Upbit was hacked. Or it was targeted by the North Koreans in the past, so I'm sure they should have known better. Anyways, there are reports surfacing that there are some sort of Signs Point to Inside Job in Upbit Crypto Exchange Hack, Says Commentator (https://cointelegraph.com/news/signs-point-to-inside-job-in-upbit-crypto-exchange-hack-says-commentator).

https://twitter.com/iamjosephyoung/status/1199625442312908801?s=20

It's possible the attacker had previously compromised the hot wallets and was just waiting to maximize the booty. Upbit making cold storage transfers would have forced him to act.

Young is arguing an employee took advantage of the timing, but I really don't understand how it would have helped.


Title: Re: Upbit hacked
Post by: joinfree on November 29, 2019, 06:48:12 AM
It's yet another sad event that has occurred in the crypto industry which is further going to frustrate prices of currencies for a while. I don't know why they had so much money in their hot wallet in the first place. I think other exchanges need to learn something from this series of hacks that occur in this space.
Does anybody know whether the management team of Upbit has announced if they are going to refund users their funds?


Title: Re: Upbit hacked
Post by: Baofeng on November 29, 2019, 11:35:16 PM
Ok there's some movement already:

https://i.ibb.co/yyMfqjt/Screen-Shot-2019-11-30-at-7-33-29-AM.png (https://ibb.co/4TDmprz)

https://twitter.com/chiachih_wu/status/1200336594022141952

So the hacker is breaking it up into smaller amounts and it seems to be moving to HuobiGlobal according to that tweet.


Title: Re: Upbit hacked
Post by: squatter on November 30, 2019, 09:07:29 PM
Ok there's some movement already:

https://i.ibb.co/yyMfqjt/Screen-Shot-2019-11-30-at-7-33-29-AM.png (https://ibb.co/4TDmprz)

https://twitter.com/chiachih_wu/status/1200336594022141952

So the hacker is breaking it up into smaller amounts and it seems to be moving to HuobiGlobal according to that tweet.

If you look closer, the transactions to Huobi (and also Binance) were just dust transactions. The hacker was probably just testing to see if/when the exchanges froze the accounts.

So far, PeckShield has identified (https://twitter.com/chiachih_wu/status/1200604327745732609) 5 ETH that flowed into a "smaller exchange platform." That's it.
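
Added example, not part of any post in this thread: a sketch of the deposit screening the Upbit notice asks other exchanges to perform, covering the address splitting and dust-sized test deposits described in the posts above. Only the flagged address comes from the thread; every other address, the transfer list, the hop limit and the function names are constructed assumptions.

```python
from collections import deque

# Address published in the Upbit notice quoted at the top of this thread.
FLAGGED = "0xa09871AEadF4994Ca12f5c0b6056BBd1d343c029"

# Constructed sample data: (sender, receiver, amount in ETH). Every address
# except FLAGGED is a made-up placeholder, not real chain data.
TRANSFERS = [
    (FLAGGED, "0xsplit1", 10000.0),
    (FLAGGED, "0xsplit2", 10000.0),
    ("0xsplit1", "0xsplit3", 5000.0),
    ("0xsplit3", "0xexchange_deposit_a", 0.01),             # dust-sized test deposit
    ("0xsplit2", "0xother_exchange_hot", 5.0),
    ("0xother_exchange_hot", "0xexchange_deposit_b", 5.0),  # commingled funds
    ("0xcustomer", "0xexchange_deposit_c", 2.0),            # unrelated deposit
]
OUR_DEPOSIT_ADDRESSES = {
    "0xexchange_deposit_a", "0xexchange_deposit_b", "0xexchange_deposit_c",
}
# Wallets of other services (hypothetical label list). Funds are commingled
# there, so tracing past them would tag unrelated customers.
KNOWN_SERVICES = {"0xother_exchange_hot"}


def tainted_addresses(transfers, source, max_hops=4, services=frozenset()):
    """Breadth-first trace: {address: hops from source}, stopping at services."""
    services = {s.lower() for s in services}
    outgoing = {}
    for sender, receiver, _amount in transfers:
        outgoing.setdefault(sender.lower(), []).append(receiver.lower())
    hops = {source.lower(): 0}
    queue = deque([source.lower()])
    while queue:
        addr = queue.popleft()
        if hops[addr] >= max_hops:
            continue  # hop budget spent; do not follow further
        for nxt in outgoing.get(addr, []):
            if nxt in hops or nxt in services:
                continue  # already seen, or a service wallet we do not trace into
            hops[nxt] = hops[addr] + 1
            queue.append(nxt)
    return hops


def screen_deposits(transfers, deposit_addresses, hops):
    """Return (deposit address, sender, amount, sender hops) for tainted senders.

    No minimum amount is applied, so dust-sized test deposits are reported too.
    """
    deposits = {a.lower() for a in deposit_addresses}
    hits = []
    for sender, receiver, amount in transfers:
        s, r = sender.lower(), receiver.lower()
        if r in deposits and s in hops:
            hits.append((r, s, amount, hops[s]))
    return hits


if __name__ == "__main__":
    traced = tainted_addresses(TRANSFERS, FLAGGED, services=KNOWN_SERVICES)
    for hit in screen_deposits(TRANSFERS, OUR_DEPOSIT_ADDRESSES, traced):
        print("hold for review:", hit)
```

The hop limit and the service list are the two knobs that trade missed deposits against tagging users who merely withdrew from another exchange.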