Upbit briefly suspends Aptos withdrawals following security incident

Users of the Korean exchange reported unauthorized deposits of what appeared to be Aptos tokens in their Upbit accounts

article-image

Ricky Of The World/Shutterstock, modified by Blockworks

share

South Korea’s largest crypto exchange, Upbit, has resumed deposits and withdrawals of Aptos (APT) tokens after abruptly halting the service due to a security incident. 

Upbit said in a statement on Saturday it had detected an “abnormal deposit attempt” while monitoring Aptos transactions, according to a rough translation from Google.

Following an inspection of its wallet system, the exchange confirmed stability for Aptos deposits and withdrawals has been restored and actions have been taken against the abnormal activity.

The incident gained public attention when various Upbit users reported unauthorized deposits of what appeared to be Aptos tokens (APT) in their accounts, according to X user Definalist. Blockworks has reached out to Upbit to confirm.

It was later discovered that these were not genuine Aptos tokens but “scam” tokens named ClaimAPTGift. Upbit customer service reportedly contacted users who had sold these fraudulent tokens, asking for refunds.

The problem, Definalist said, lay in Upbit’s wallet system failing to verify the types of tokens being deposited properly. 

Normally, the system should differentiate between native Aptos tokens and other tokens within the same ecosystem. But due to a glitch, all tokens sent via a specific function were recognized as Aptos tokens, leading to the issue.

On a decentralized exchange, users can check the token address on-chain using a block explorer, such as Etherscan on Ethereum, to confirm whether a given token is authentic. A centralized platform, however, requires customers to trust the exchange’s internal naming system.

Crisis averted

A lucky break mitigated the severity of the incident. The scam tokens had six decimal places, while native Aptos tokens have eight. 

If both had eight decimals, users could have received and potentially sold $25,000 instead of $250, risking a severe market disruption, Definalist said.

Upbit’s official notice also cautioned users to pay “special attention to the price differences with other exchanges” as trading resumes, acknowledging that the price may fluctuate drastically due to the incident. 

The price of APT surged around 9% following the incident, and remains up 6% as of Monday at 3:30 am ET $5.45, Blockworks’ data shows. 

Upbit said any delays in reflecting deposits and withdrawals would depend on block processing status and that transactions would proceed sequentially as blocks are completed.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Unlocked by Template (11).png

Research

Union’s technical design brings measured improvements to crosschain interoperability. By combining a consensus-verified hub with novel constructs like state lenses and ZK proofs for client updates, Union achieves an interoperability protocol that is highly performant, trust-minimized, and scalable.

article-image

New PeerDAS design raises throughput ahead of Fusaka upgrade

article-image

Crypto finds fundamentals, Chanos books profits and prediction markets make trouble

article-image

The token has crashed over 65% and been marked as dangerous due to its contract’s permissions

article-image

FOMC July minutes may hold the key to Powell’s speech tomorrow

article-image

Singapore’s largest bank is issuing crypto-linked structured notes on Ethereum, but the tokens will remain permissioned