VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
On September 24th, according to Definalist on Twitter, scammers had deposited fake APT tokens into South Korea's largest exchange, Upbit. After these fake tokens were deposited into numerous user accounts, many users proceeded to directly sell them. The only explanation for this situation is that Upbit's wallet system only checked the type and data and processed deposits and withdrawals. Attack method (per SlowMist): False top-up. Reported loss: -.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Upbit
- bug_class
- token-supply
- date_occurred
- 2023-09-24
- loss_usd
- —
- source_id
- sm:upbit::2023-09-24
Related — same bug class· token-supply