Back to the list

Upbit updates cold wallet policy in bid to thwart hackers

source-logo  blockworks.co 09 October 2023 02:49, UTC

Crypto exchange Upbit has started using more cold wallets after dealing with more hacking attempts since 2020.

Hackers reportedly attempted to breach crypto exchange Upbit about 160,000 times in the first half of 2023 alone.

This data, which reveals more than double the number of infringement attempts in the first half of 2021, was shared by Dunamu — the operator of Upbit — with South Korean lawmaker Rep. Park Seong-jung, a member of the National Assembly’s Information and Communications Technology (ICT) committee, Yonhap News reported on Monday.

Dunamu reported a substantial rise in hacking attempts on the exchange, surging from about 8,400 in the second half of 2020 to 159,061 in the first half this year.

Upbit — among the top 20 crypto exchanges by spot trading volume — is believed to have incurred losses of 58 billion won (equivalent to $42.8 million) due to a hacking incident in 2019.

Following this event, Upbit implemented preventive measures, such as distributing its operating hot wallets, effectively averting any subsequent cyber breaches, according to Yonhap.

In an effort to enhance security further, Dunamu announced its intent to increase Upbit’s cold wallet proportion to over 70% and adopt new procedures for operating hot wallets, designed to make them safer.

Hot wallets are generally considered more vulnerable to hacking and online threats because they are connected to the internet, whereas cold wallets are shield private keys from the risks associated with the online environment.

Rep. Park noted that the increasing frequency of hacking incidents targeting virtual asset exchanges, both domestically and internationally, is a growing concern.

He added that he feels the Ministry of Science and ICT has a vague role in overseeing these exchanges, and emphasized the importance of the Ministry taking proactive steps to address the issue.

Specifically, he called for the Ministry to carry out simulated security tests and assess the information security landscape to better prepare for cyberattacks, particularly in the context of frequent hacking attempts on virtual exchanges.

The cryptocurrency industry is still relatively young and lacks comprehensive regulation in many jurisdictions. This lack of oversight can attract bad actors who believe they can operate with relative impunity.

Immunefi recently reported that the crypto industry lost $1.4 billion to hacks and fraud so far this year, with $685.5 million lost in the third quarter alone.