Crypto heist against Upbit linked to private key vulnerability

South Korean cryptocurrency exchange Upbit was noted by its operator Dunamu to have had $30 million worth of assets stolen from its Solana wallet on Nov. 27 due to a security weakness that enabled private key inferencing, Cybernews reports. All digital asset transactions have been halted following the incident, which is suspected to have been conducted by the North Korean hacking collective Lazarus Group and led to the theft of official Trump, USD coin, bonk, and other tokens. "This breach is a direct result of Upbit's inadequate security management, and there is no room for excuses. Upbit, which prioritizes member protection, promises that no damage will occur to member assets," said Dunamu CEO Oh Kyung-seok, who noted that the private key vulnerability has since been fixed. Upbit, which intends to leverage its assets to convert customer losses due to the breach, has already commenced an extensive security system review and wallet system restructuring.