Cyber Incident Victim: Dunamu

Date: Nov 2019

Location: South Korea

Summary

A South Korean cryptocurrency exchange suffered a cyberattack resulting in the theft of approximately $48.5 million worth of Ethereum from its hot wallet, prompting immediate suspension of deposit and withdrawal services. The platform transferred remaining hot wallet assets to offline cold storage and assured customers that company funds would cover losses, with normal operations expected to resume within two weeks. Blockchain records showed 17 unauthorized transactions moving 342,000 ETH to an unknown wallet, where the stolen cryptocurrency remained at the time of reporting. While some users questioned the legitimacy of the incident due to historical exchange exit scams, no evidence indicated fraudulent intent by the company.

Description

On November 27, 2019, South Korean cryptocurrency exchange Upbit disclosed a cyberattack resulting in the theft of 342,000 Ethereum (ETH), valued at approximately $48.5 million at the time. The breach originated from Upbit's Ethereum hot wallet, with funds transferred to an unidentified external wallet address. Upbit immediately suspended all deposit and withdrawal services following detection of what it described as an "abnormal transaction." The exchange confirmed 17 separate Ethereum transactions associated with the theft. Company executives publicly committed to covering all financial losses using Upbit's corporate assets, assuring customers they would not bear any financial impact from the incident. Service restoration was projected to require approximately two weeks. As a precautionary measure, Upbit transferred all remaining cryptocurrency assets from vulnerable hot wallets to offline cold storage systems disconnected from internet access.

The incident drew scrutiny regarding exchange security practices, particularly the risks of maintaining substantial cryptocurrency reserves in internet-connected hot wallets. Security experts reiterated longstanding warnings about the vulnerability of hot wallets to cyberattacks. Blockchain analysis indicated the stolen Ethereum remained stationary in the recipient wallet as of the initial reporting period, with no immediate movement or laundering attempts observed. Some Reddit users questioned whether the incident constituted a legitimate hack or potential exit scam, citing historical precedents like BitConnect and LoopX, though no evidence emerged to support these theories. The breach highlighted operational security challenges in cryptocurrency exchanges while demonstrating established response protocols including asset safeguarding measures and financial guarantees to maintain user trust during service interruptions.
