Upbit Deletes All Deposit Addresses After Hack — Here’s What You Need to Do

Core Viewpoint - Upbit, South Korea's largest crypto exchange, is undertaking a comprehensive security reset by deleting all deposit addresses following a breach that resulted in a loss of over $36 million in crypto assets [1][6]. Group 1: Security Measures - Upbit is not merely patching the affected wallet but is completely overhauling its deposit-address system to address vulnerabilities revealed by the hack [2][5]. - All users must generate new deposit addresses for every asset and network before making deposits again [2][6]. - The company is conducting a thorough security review of its deposit and withdrawal systems, implementing deeper audits and more restrictive access controls [5][6]. Group 2: Incident Details - The breach on November 27 involved unauthorized transfers of various assets from Upbit's hot wallet to an unidentified external address [7]. - Upbit's response included freezing $8.18 million in LAYER tokens on-chain and moving remaining funds to cold storage [7]. - The incident occurred six years after a previous hack in 2019, which involved the theft of 342,000 ETH, believed to be executed by North Korean cyber groups [7]. Group 3: Regulatory Oversight - South Korea's Financial Supervisory Service (FSS) is monitoring Upbit's security overhaul as part of its ongoing inspection following the hack [5][6]. - The overhaul is seen as a direct response to regulatory scrutiny after the significant loss [6].