South Korea’s largest cryptocurrency exchange, Upbit, faced a major security incident this week. A large amount of digital assets was moved without permission, leading to concerns among users and regulators. The operator of the exchange, Dunamu, confirmed the loss and explained how the situation unfolded. Because Upbit is widely used across the country, the attack quickly became one of the most talked-about events in the crypto space.
Unauthorized Transfer of Solana-Linked Assets
Early in the morning, at 4:42 a.m., a portion of digital assets related to the Solana network was transferred to an unauthorized wallet. According to Dunamu, the stolen assets were worth around 54 billion won, equal to $36.9 million. The operator stated that this movement was not approved and was the result of a hacking attack.
Dunamu’s chief executive, Oh Kyung-seok, confirmed that Solana-affiliated funds had been moved without permission. His announcement made it clear that the exchange had suffered a direct security breach. The stolen amount was significant, and news about the incident spread quickly because Upbit is the largest crypto exchange in Korea.
A notice explaining the situation was sent to customers at 12:33 p.m. the same day. This update came right after a joint press conference that Upbit’s operator attended with Naver and Naver Financial Corp., where they had planned to share information about a merger. However, the hacking incident soon became the main focus of attention due to the size of the loss and the impact on the exchange.
Brazil’s strategic oil data at risk: Hackers warn they will publish 90GB of stolen files if ignored
Exchange Freezes Services and Begins Security Review
To protect users, Dunamu announced that it would cover the full amount of the loss with its own assets. This means customers will not bear any financial damage from the hacking attack. The company emphasized that keeping customer funds safe was the top priority.
Soon after discovering the unauthorized transfer, Upbit temporarily suspended virtual asset deposits and withdrawals. This decision was made to prevent any more unauthorized movements and to secure the exchange while the issue was being investigated. Suspending these services is a common emergency step for crypto platforms facing security problems.
Dunamu then began a comprehensive security review of the exchange. Technical teams started examining the system to understand how the transfer occurred and whether any other weaknesses were present. The review was launched immediately and is aimed at strengthening the platform’s defenses.
Large UK operation seizes £25m in cash and crypto tied to Russia sanctions breaches
South Korea’s financial authorities also began preparing an on-site inspection of the exchange. An on-site inspection allows regulators to visit the company directly, check systems in person, and examine internal processes. This action shows how seriously the authorities view the incident and how important Upbit is to the digital asset market in the country.
Largest Upbit Breach Since 2019
This hacking attack is the largest security breach affecting Upbit in six years. The previous major incident took place on November 27, 2019, when about 340,000 Ethereum tokens, worth around 58 billion won, were illegally transferred to an anonymous account. That earlier case was one of the biggest crypto security events in South Korea at the time. The new incident now stands beside it in scale and attention.
With the loss involving Solana-affiliated assets, the temporary suspension of deposits and withdrawals, the involvement of the company’s leadership, and regulators preparing to review the platform, the attack has once again put a spotlight on the safety of digital asset exchanges. The operator’s decision to fully cover the 54 billion won loss aims to reassure users while the investigation and security checks continue.
