Hackers stole nearly $37 million from Upbit
Date: 2025-11-28 Author: Gabriel Deangelo Categories: BUSINESS
On November 27, South Korean Bitcoin exchange Upbit announced a hack in which hackers stole approximately $36.8 million in assets. The incident occurred on the Solana network, and some tokens were transferred to an unknown external wallet at approximately 4:00 a.m. local time.
To protect the remaining funds, the exchange moved all tokens to cold wallets. Part of the stolen assets—LAYER tokens worth $8.18 million—was successfully frozen. Upbit representatives announced their cooperation with blockchain teams and law enforcement agencies and promised to compensate users for all losses from the company's reserves.
According to Dmitry Poyda, an analyst at AML/KYC provider Shard, the hack could have been caused by a compromise of a hot wallet or the exchange's withdrawal infrastructure. A less likely explanation, he suggested, was a possible vulnerability in the logic of the token withdrawal module on the Solana network. The expert noted that the low-liquidity and new coins targeted by the attackers are typically stored in hot wallets used by the exchange to service client transactions.
Poyda emphasized that the chances of recovering the stolen funds will be significantly increased thanks to Upbit's collaboration with the Korean cyber police, financial regulators, and the teams behind Solana-based projects. He also noted that the exchange operates within South Korea's regulated fintech infrastructure and is not an anonymous crypto platform.
The incident occurred amid a recent merger: on November 26, Naver Financial announced the acquisition of Dunamu, the operator of Upbit, for $10.29 billion. Following the deal, both companies will remain independent and continue to operate in their respective fields. Dunamu shareholders will be able to exchange their shares for Naver Financial shares at a 1:3.3 ratio, with Dunamu Chairman Sung Ji-hyun and Vice Chairman Kim Hyun-nyung receiving a combined 30% stake in the combined entity.
Upbit CEO Oh Kyung-seok previously announced that the companies would issue their own stablecoin pegged to the South Korean won. They also plan to launch a stablecoin wallet and invest approximately $6.8 billion in blockchain- and AI-based financial infrastructure over five years.
It's worth noting that in November last year, South Korean authorities identified up to 600,000 KYC violations on the Upbit platform, which had previously raised questions about the exchange's security.
