Key Takeaways
- South Korea’s largest crypto exchange, Upbit, temporarily froze all deposits and withdrawals after detecting approximately $36 million in unauthorized outflows from a Solana-network hot wallet on Thursday.
- The security breach occurred just one day after Upbit’s parent company, Dunamu, announced a massive $10 billion acquisition deal with South Korean fintech giant Naver, alongside plans for a U.S. initial public offering (IPO).
- Upbit confirmed that cold-wallet reserves remain secure and assured users that all lost balances resulting from the incident will be fully covered by the exchange’s reserves, preventing any customer loss.
$36M Outflow Triggers Platform-Wide Freeze at Upbit
South Korea’s premier cryptocurrency exchange, Upbit, was hit by a major security incident on Thursday, confirming an unauthorized outflow of approximately $36 million from one of its Solana-network hot wallets. The suspicious transfers were flagged around 4:42 am local time, prompting the exchange to immediately shut down all deposit and withdrawal services and initiate a full security review of all supported crypto assets.
In its official announcement, Upbit moved quickly to contain the damage and reassure its user base. The exchange emphasized that the compromise was isolated to its hot wallet infrastructure, and that all cold-wallet reserves, where the majority of customer assets are held, remained completely untouched.
As a further precaution, Upbit relocated its remaining hot wallet assets into cold storage and began working with on-chain security partners to attempt to freeze the unauthorized movement of funds.
Upbit Assures Full Reimbursement Amid Regulatory Scrutiny
Following the breach, Upbit’s primary focus has been on customer protection and system stability. The exchange assured users that any and all balances lost as a result of the security incident will be fully covered by the company’s internal reserves. This commitment ensures that no customer assets will be lost, offering a strong measure of confidence despite the platform-wide freeze on transfers. While trading activity within the exchange continues normally, the precautionary halt on moving funds on or off the platform will remain in place until the comprehensive security review is finalized.
Naturally, the breach got the immediate attention of South Korean financial regulators, who have already sent teams in for on-site inspections to figure out exactly what happened.
The sensitivity here is huge—it brings back chilling memories of that $50 million hack back in 2019, which authorities linked to the notorious North Korean group, Lazarus. Upbit is asking users to be patient while they scramble to secure everything and work with the government. The one thing they haven’t given yet is a timeline for when withdrawals will actually start again.
Security Lapse Mars Dunamu’s Global Expansion Plans
The timing of the security lapse could not be worse for Upbit’s parent company, Dunamu. The hot wallet breach occurred less than 24 hours after Dunamu unveiled a massive $10.3 billion acquisition deal with South Korean internet search and fintech giant Naver.
The deal is supposed to make Dunamu a fully-owned subsidiary of Naver Financial via a stock swap. What’s more, Dunamu has been telling reporters it wants to go for a massive U.S. IPO after the merger closes! This hack throws an immediate, cold bucket of water on all those major expansion and merger plans, serving as a harsh, real-time warning about the security dangers that come with centralized platforms.
As Trezor CEO Matej Zak warned everyone before: crypto exchanges are simply “massive honeypots for hackers,” a growing, expensive problem that security teams are constantly fighting to contain.
Final Thoughts
The $36 million Upbit hot wallet breach, timed immediately after its landmark deal with Naver, is a stark warning that even market leaders are vulnerable to persistent security threats. While Upbit’s promise of full user reimbursement is a crucial step for maintaining trust, the incident underscores the continuous challenge centralized crypto exchanges face in protecting large digital asset reserves from sophisticated attackers.
Frequently Asked Questions
What was the dollar amount and asset affected in the hack?
Approximately $36 million was stolen from a Solana-network hot wallet.
Will Upbit users lose their funds due to the breach?
No, Upbit has assured users that all lost funds will be fully covered by the exchange’s reserves.
What major business event was happening concurrently with the hack?
Upbit’s parent company, Dunamu, had just announced a $10 billion acquisition deal with Naver and plans for a U.S. IPO.
