Hackers are distributing ETH stolen from UpBit to different wallet addresses
On November 27, Korea’s Upbit was hacked and nearly $ 50 million ETH was reported stolen. The enemy exchange quickly reported the incident and declared all losses to be paid for with their own property.
More than a day after the hack was reported, $ 16.5 million of the nearly $ 50 million worth of stolen ETH from UpBit was being moved and sent to another unknown wallet.
Hackers are primarily responsible for the recent Upbit hack that appears to be distributing ETH they stole. Whale Alert reports that about 109,270 ETH ($ 16.5 million) has just been transferred to another unknown wallet.
⚠️ 109,270 #ETH (16,518,370 USD) of stolen funds transferred from Upbit Hack Nov 2019 to unknown wallet
— Whale Alert (@whale_alert) November 28, 2019
Ethereum’s transparent ledger allows for easy tracking, allowing UPbit to quickly locate money. However, the stolen money is not transferred to only one address. In fact, they have been delivered to four main addresses, possibly a way to divide the 342,000 ETH booty between hackers, making locating transactions more difficult. Chiachih Wu, research VP at Pechshield, noted this in a recent tweet.
#UpbitHack Stolen #ETH Parking Address Update:
(0 #ETH) 0x9a2071
(0 #ETH) 0xa09871
(120k #ETH) 0xc7d64e
(110k #ETH) 0x3408ed
(60k #ETH) 0xf46781
(50k #ETH) 0x9409d7
— Chiachih Wu (@chiachih_wu) November 28, 2019
Hackers have created five different addresses with different amounts of ETH in each. They may continue to divide their money into smaller pieces to avoid being discovered. As Chiachih Wu mentioned, hackers tried to offload their Ethereum on both Binance and Huobi, experimenting with sending less than one ETH to test the response of exchanges.
However, diversification of funds does not bring much benefit to hackers, as security research firm Peckshield has identified all four addresses and began to closely monitor the coins issued from them. The company worked directly with UPbit to help exchange the stolen money.
Out transaction from wallet of UpBit Hackers. Source: Etherscan
However, Binance said it pledged to freeze any stolen funds deposited on its exchange. Changpeng Zhao, CEO of Binance, said that any stolen money ended on his exchange would be immediately frozen. Zhao added that Binance will work with both UPbit and other industry players to get the money back.
We will work with Upbit and other industry players to ensure any hacked funds that may make their way to Binance are immediately frozen.
— CZ Binance (@cz_binance) November 27, 2019
Therefore, their ‘test’ on Binance will likely prove to be a failure. Huobi, on the other hand, did not commit to freezing any money. It is currently not clear whether the hackers will succeed in selling their ETH on Huobi or will test on other less-regulated exchanges.