Upbit, South Korea’s largest cryptocurrency exchange by trading volume, discovered a critical security flaw in its wallet software after a massive $30 million heist. The vulnerability, exposed during an emergency audit triggered by unusual withdrawals, allowed potential attackers to potentially infer private keys from public blockchain data analysis. The flaw involved weaknesses in Upbit’s own signature generation system, which, while not directly linked to the hack, could have paved the way for a successful attack. The company confirmed a total loss of $30 million, primarily stemming from customer accounts, and has taken steps to freeze stolen funds in collaboration with partners. While Upbit is halting operations until a comprehensive security audit is completed, it assures customers that they will be fully compensated for their losses. This incident highlights the precarious nature of wallet software security, even for established exchanges like Upbit. The exchange plans to overhaul its infrastructure and implement stricter controls to prevent similar vulnerabilities in the future. Investigations are underway to determine the attacker’s identity and motive.