Binance Refutes Claims It Did Not Respond Swiftly To Upbit Hack
Binance has rebuffed claims that it failed to act quickly in freezing funds linked to the Upbit hack last month.
Reports had suggested that the exchange, the world’s largest, only partially complied with requests from South Korean authorities to freeze crypto suspected to have been stolen in the incident and sent to Binance.
In a statement shared with Cryptonews, a Binance spokesperson said that any suggestions of a delayed or limited response from the exchange were inaccurate.
“Binance’s security and investigations teams identified the incident and immediately took action to assist in freezing related transfers and mitigating further movements,” the spokesperson said.
The spokesperson’s response follows a report that was published last week that cited South Korean investigators. They claimed that Binance only froze 17% of the assets that were flagged for freezing.
Binance Continues To Monitor The Situation And Is Working With Law Enforcement
On Nov. 27, Upbit suffered a hot wallet breach that resulted in approximately $36 million in losses. The attack was believed to be the work of a North Korean hacking group.
Upbit’s statement to users after the hack (Source: X)
Investigators allege that the attackers behind the incident moved the funds quickly, and dispersed the stolen crypto assets across more than one thousand wallets within hours of the breach.
Meanwhile, security analysts said that the group used a combination of chain hopping, token swaps, and bridges to obscure transaction trails. These tactics were all employed as part of an effort to complicate recovery efforts.
After shifting funds through various addresses and blockchains, authorities said that the majority of the laundered assets eventually reached service wallets on Binance.
That was likely because Binance is one of the most liquid platforms, making it ideal for hackers to dump a large amount of crypto quickly without impacting prices.
Following the incident, Upbit and the police reportedly requested an immediate freeze of around 470 million won ($370K) worth of Solana tokens that they believed had entered the exchange.
Of that amount, about 80 million won ($75K) was frozen. Binance said that it required additional verification before taking broader action, Korean authorities said.
The Binance spokesperson said that the exchange has been working closely with law enforcement and other relevant parties since the incident.
“We continue to monitor the situation closely and provide support as needed,” the spokesperson said, adding that any claims that Binance did not take prompt or effective action are “unsubstantiated and inaccurate.”
Upbit Moves Client Assets To Cold Storage
Following the incident, Upbit has responded by shifting nearly all of its customers’ assets into cold storage. Such storage is not connected to the internet, mitigating risk.
Upbit’s owner Dunamu said the exchange will raise its cold storage ratio to 99%, a move that is one of the strongest responses ever to a security incident from a crypto company.
That ratio is far above South Korea’s legal requirement that 80% of user funds be stored offline.
By the end of October, Upbit had already held 98.33% of its customers’ assets in cold storage, which is the highest among domestic platforms. Following the breach, the exchange accelerated its overhaul.
While Upbit continues to shift customer funds into cold storage, South Korean authorities have launched an investigation into the incident.
According to local reports that cited early intelligence assessments, authorities have connected the incident to North Korea’s Lazarus Group.
Related Articles:
About Author
About Author
