South Korea’s Largest Crypto Exchange Upbit Halts Services After $37 Million Solana Token Breach

TLDR

• Upbit, South Korea’s largest crypto exchange, suspended deposits and withdrawals after detecting unauthorized transactions on November 27, 2025
• Approximately $37 million worth of Solana network tokens were transferred to unauthorized wallets through a compromised hot wallet
• Affected tokens include BONK, JTO, USDC, ACS, DRIFT, and other Solana-based assets
• Upbit will fully reimburse all customers using the exchange’s own assets to cover losses
• The exchange moved remaining funds to cold storage and froze about $8 million worth of Solayer tokens with law enforcement help

Upbit suspended all digital asset deposits and withdrawals on Thursday morning after detecting irregular activity on its Solana network wallets. The South Korean exchange identified unauthorized transfers totaling approximately 54 billion won, or $37 million.

The breach occurred around 4:42 AM local time on November 27, 2025. Exchange operators detected the irregular withdrawals from a compromised hot wallet address early in the incident.

Dunamu CEO Oh Kyung-seok confirmed the security breach in a public notice. He apologized to users for the service disruption and assured customers that the exchange would handle all losses.

The affected tokens span multiple categories on the Solana network. Meme coins including BONK, MOODENG, and Official Trump were among the compromised assets. Decentralized finance tokens such as Sonic SVM, Access Protocol, JTO, SOL, and Raydium were also transferred.

Other affected assets include DoubleZero, DOOD, Drift, HUMA, Ionet, JUP, LAYER, ME, Pudgy Penguin, and Circle’s USDC stablecoin. The unauthorized transfers moved these tokens to external wallet addresses not designated by Upbit’s internal systems.

Exchange Response and Asset Recovery

Upbit took immediate action after detecting the breach. The exchange transferred all remaining digital assets to cold storage to prevent further unauthorized transactions. Cold storage keeps cryptocurrency offline and away from potential network vulnerabilities.

The exchange worked with law enforcement to initiate on-chain freezing measures. These efforts successfully froze approximately 12 billion won, or $8 million, worth of Solayer tokens related to the incident. Upbit is coordinating with other token projects to attempt additional asset freezes.

Upbit launched a complete security audit of all digital asset transfer systems. The exchange stated it will gradually resume withdrawal services only after confirming system security. Deposit and withdrawal functions remain suspended while the investigation continues.

The exchange emphasized that customers will not bear any financial burden from the breach. Upbit committed to fully reimbursing all affected users using the company’s own assets. This compensation policy aims to protect user funds completely.

The timing of this security incident comes as Upbit’s parent company Dunamu navigates a major corporate change. Naver Financial agreed to absorb Dunamu in a $10.29 billion all-stock deal announced November 26, 2025. The transaction requires regulatory approval and would issue 2.54 new Naver shares for each Dunamu share.

The post South Korea’s Largest Crypto Exchange Upbit Halts Services After $37 Million Solana Token Breach appeared first on CoinCentral.