Upbit’s $30M Hack Reveals Hidden Wallet Weakness

• A hack on November 27, 2025, cost Upbit, South Korea’s biggest crypto exchange, $30 million.
• They found a big problem with their wallet system during the investigation that could let private keys leak.
• The problem was that transaction signatures had weak patterns, which made it easier to guess keys.

This week was a rough one for Upbit, South Korea’s largest cryptocurrency platform. Hackers took about $30 million worth of digital goods. This is about 44.5 billion Korean won. The exchange acted quickly, freezing 2.3 billion won of the stolen money. They also put all of their assets in safer cold storage to stop more losses.

Upbit’s team did an emergency audit while looking into the breach. That’s when they discovered the major problem with how their internal wallet was set up. The issue? Attackers could use patterns in signatures from past transactions to figure out private keys. Private keys are like secret codes that let you get to your crypto money. It’s a big risk if it gets out.

This problem was fixed by Upbit right away. They made it clear that user money is safe now. But they haven’t been able to connect this bug to the $30 million theft yet. This shows that even big exchanges can have problems that aren’t obvious.

Experts blame the Lazarus group, which is based in North Korea. In 2019, this group stole $49 million from Upbit. Their methods are similar to this attack, using advanced tricks to steal money.
Upbit gave back all of the money to the users who were affected. They’re making changes to their wallet systems to make them safer. Until everything is checked out, trading and withdrawals are on hold.