On Sunday, UpBit employees discovered that a fraudulent deposit had been made to the platform, with the attackers managing to pass off a counterfeit token as a verified Aptos crypto asset. The UpBit system incorrectly identified a fake crypto asset, which allowed the bot to introduce a large number of fake coins into user accounts.
The security breach affected approximately 100,000 addresses containing APT tokens. Upon discovering the issue, UpBit immediately took action to protect users by suspending APT deposits and withdrawals to conduct maintenance on the Aptos wallet system.
Several South Korean crypto traders running an X (Twitter) account called Definalist have revealed details of what happened. Definalist found that the fake APTs were not associated with the Aptos Network, but turned out to be tokens called “ClaimAPTGift.”
The problem arose because the UpBit system did not properly validate the type of tokens being transferred, mistaking these different crypto assets for the same APT token. The system had to check their compliance with certain conditions.
However, serious problems were avoided due to the fact that the fake token has six decimal places, while Aptos tokens have eight decimal places. If the fake token also used the 8-digit system, thousands of users could flood the market with overvalued APT crypto assets, and this would cause huge damage to the exchange.
Let us recall that last year UpBit announced its readiness to compensate losses to users who, due to a glitch in the KakaoTalk messenger, were unable to complete transactions in a timely manner.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
