- ‘Delay’ came as operator Dunamu finalised a merger deal with Naver
- Upbit: we responded first by suspending withdrawals, then reported to regulator
- Regulator and police conducting on-site investigations
South Korean police are investigating last month’s hack on the Upbit crypto exchange, after learning that the platform lost $30.2 million in under an hour on November 27.
Upbit is under fire for reporting the incident to financial regulators “over six hours after the accident took place,” the South Korean newspaper Chosun Ilbo reported.
Media outlets in South Korea have suggested that Upbit delayed reports of the hack so as not to detract from an announcement from its operator Dunamu, which is looking to complete a merger deal with the tech titan Naver.
“Upbit officials held an emergency meeting at 5 am, 18 minutes after they first detected the hack,” Chosun Ilbo wrote, quoting a Financial Supervisory Service, or FSS, report. “Platform officials suspended deposits and withdrawals of cryptoassets on the Solana network 27 minutes later. They stopped all crypto deposits and withdrawals at 8:55 am. However, they made their first report to the FSS at 10:58 am.”
The circumstances of the events of November 27 remain unclear. But critics say that even if police and regulators discover irregularities, serious punishment remains “unlikely.”
Hackers drained $9,000 per second
The FSS submitted its report in response to a request from the lawmaker Kang Min-guk, a member of the National Assembly’s domestic policy committee.
The regulator added that in just 54 minutes, hackers were able to transfer a total of 104.0647 billion coins to “unknown external wallets.”
It added that all of these coins “belong to the Solana ecosystem,” noting that “this equates to losses of approximately 32 million coins, or $9,296, per second.”
Chosun Ilbo quoted an Upbit spokesperson as responding that the platform had taken steps “to ensure no damage to customers by covering all the losses suffered by customers.”
“After the hack, we focused on preventing further withdrawals and then reported the incident to the authorities immediately after we confirmed we had suffered a security breach,” the spokesperson said.
The data also showed that the majority of the financial value lost during the hack came from lost Solana (SOL) coins, with attackers making off with $12.9 million worth of these tokens.
In terms of volume, however, 91% of the hackers’ haul was made up of Bonk, a Solana-based meme coin. Smaller amounts of Pudgy Penguin and Official Trump coins were also stolen.
On-site investigations
The FSS is currently conducting an on-site inspection at Upbit, Chosun Ilbo reported, adding that some senior officials in Seoul are concerned about the FSS’ lack of ability to impose “severe disciplinary measures.”
The South Korean publication EBN reported that the National Police Agency’s Cyber Terrorism Investigation Unit is handling a formal investigation following an “on-site inspection of Dunamu’s headquarters.”
Some government bodies have already pointed the finger at North Korea, claiming that Pyongyang has orchestrated several devastating hacks on South Korean exchanges in the past.
However, a police official told the publication that the investigation was still “in its early stages,” with “no suspects yet identified.”
Tim Alper is a news correspondent at DL News. Got a tip? Email at tdalper@dlnews.com.finalised
