Beyond a ‘fat finger’: Bithumb and the hidden risks of crypto exchanges

A bitcoin misallocation at South Korea’s major cryptocurrency exchange Bithumb has laid bare structural vulnerabilities in centralized crypto trading, where internal ledger entries can become market-moving events within minutes.

The incident occurred during a routine event payout. An intended reward of 2,000 won ($1.20) per user was mistakenly entered as 2,000 bitcoin, resulting in about 620,000 bitcoins being credited to 249 customer accounts. Bithum said it intervened in just minutes, but about 1,788 bitcoins were sold during the brief window, pushing prices down by as much as 17 percent at one point.

The prices have now been stabilized, yet Bithumb said it recovered only 99.7 percent of the misallocated bitcoin, and about 125 coins remain unretrieved.

At the heart of the incident is a mismatch between what Bithumb recorded on its books and what it actually held. The exchange did not possess the 620,000 bitcoins that were credited to customer accounts.

Based on its disclosures, Bithumb’s total bitcoin reserves are estimated at around 43,000 coins, with only 175 bitcoins owned by the exchange itself, excluding customer deposits. In effect, the platform temporarily credited far more bitcoin than it actually held.

The gap stems from how centralized exchanges operate. Most rely on ledger-based, or off-chain, systems in which user balances are updated internally, while assets move on the blockchain only when customers withdraw funds. When the mistaken entry was made, balances appeared instantly on customer accounts despite the absence of real coins.

Hwang Suk-jin, a professor at Dongguk University’s Graduate School of International Information Security, said the problem lay in the lack of continuous reconciliation between internal ledgers and on-chain holdings.

“If ledger data and real assets had been properly matched in real time, this kind of ‘ghost coin’ situation would not have been possible,” he said.

Had users attempted to withdraw those balances at scale, the impact could have been severe. As of the end of September, Bithumb’s total equity stood at about 930 billion won — far short of the roughly 60 trillion won in “ghost” bitcoins that briefly appeared on its books — raising concerns about a broader crisis of confidence.

Ledger-based systems themselves are not unusual. Crypto exchanges, banks and securities firms all rely on book-entry accounting to process transactions efficiently. The difference lies in safeguards.

“Ledger-based trading itself is unavoidable for crypto exchanges,” said Lee Jung-soo, a lawyer who doubles as a professor at Seoul National University Law School. “But transactions should have been blocked once they exceeded the amount actually held. The fact that even such basic internal controls were missing is what makes this incident so troubling.”

In traditional financial markets, functions such as trading, brokerage and settlement are separated across institutions, with multiple layers of reconciliation, approval thresholds and real-time monitoring. Crypto exchanges, by contrast, often combine these roles within a single platform. In Bithumb’s case, the absence of system-level controls allowed a single data-entry error to pass directly into live trading.

Other local cryptocurrency exchanges say they have controls in place to prevent similar incidents.

Upbit, the nation’s largest crypto exchange, said it blocks distributions that exceed actual holdings and continuously reconciles internal ledger balances with assets held in blockchain wallets through a proprietary proof-of-reserves system. Event rewards are paid from pre-secured assets and subject to multi-layer approvals.

Coinone said all asset movements, including event-related payouts, are subject to verification and approval procedures, while Korbit said it applies a double-entry accounting structure similar to those used in traditional finance.

Meanwhile, regulators have launched an industry-wide review. While examining Bithumb’s case, the Financial Services Commission has ordered inspections of internal control frameworks across cryptocurrency exchanges.

The case is also expected to influence upcoming digital-asset legislation, which may introduce stricter internal-control requirements, regular external audits of asset holdings and tighter licensing standards.

“The most urgent task is to make internal controls a core condition of licensing,” Lee said. “If a platform cannot block transactions that exceed actual holdings, it should not be allowed to operate, regardless of its market position.”

Lee added that exchanges may eventually need more layered structures for oversight. Hwang, however, said structure matters less than verification.

“Whether an exchange uses a single ledger or multiple ledgers is secondary,” he said. “What matters is real-time verification between recorded balances and the assets that actually exist.”

Bithumb said a full recovery of the roughly 125 bitcoins still unretrieved cannot be assured. Reports said about 3 billion won has been transferred to personal accounts, while roughly 10 billion won was used to purchase other assets.

The exchange said it is continuing efforts to recover the funds. Industry officials said recipients who refuse to return the mistakenly transferred bitcoins could face legal action.

Bithumb has also pledged compensation. Customers who sold at depressed prices will be reimbursed for the full price difference plus an additional 10 percent, while all users logged into the platform at the time of the incident will receive 20,000 won.