South Korea’s prime crypto alternate, Upbit, suffered a significant safety breach, shedding tens of thousands and thousands of {dollars} in digital property simply hours after its guardian firm, Dunamu Inc., unveiled an enormous $10.3 billion takeover by tech big Naver Corp.
The intrusion, which primarily focused Solana-based tokens, pressured Upbit to halt all deposits and withdrawals at this time (Nov. 27). Whereas the preliminary estimates of the loss have been greater, the alternate revised the determine to roughly 44.5 billion Korean received, about $30 million, based mostly on asset costs on the time of the unauthorized switch.
The corporate confirmed that the safety failure occurred in one among its “Scorching Wallets,” that are used for quick, day-to-day transactions. The safer chilly pockets, which shops the vast majority of buyer property offline, was not affected.
Irregular withdrawals have been first detected round 4:42 a.m. KST on Nov. 27, 2025, when a basket of property on the Solana community was moved to an unknown exterior pockets deal with. The stolen property included over 20 tokens, prominently that includes Solana (SOL), USDC, Bonk (BONK), Jupiter (JUP), Render Token (RENDER), Orca (ORCA), and Peace Community (PYTH).
In response, the alternate instantly suspended all transaction companies. Upbit additionally initiated on-chain measures to freeze the stolen funds, efficiently freezing roughly 2.3 billion received price of Solayer (LAYER) tokens.
Oh Kyoung-suk, CEO of Dunamu, addressed customers, expressing his deep remorse. In an official assertion, he reassured clients: “We wish to inform you that the dimensions of digital asset leakage brought on by irregular withdrawals has been recognized instantly upon affirmation, and that Upbit’s property might be totally coated to forestall any harm to your property.”
Eerie anniversary and acquisition coincidence
The hack’s timing has added a layer of unwelcome drama. The breach occurred a day after Dunamu and Naver executives have been publicly touting their $10.3 billion all-stock merger. The acquisition is meant to mix Naver’s monetary and AI infrastructure with Upbit’s crypto platform to create a worldwide powerhouse.
Including to the unlucky coincidence, the Nov. 27 date marks the sixth anniversary of a significant safety breach in 2019, when 342,000 Ethereum tokens have been stolen from the alternate in an assault later attributed to North Korean hacking teams.
Upbit has reported the incident to related authorities, together with monetary regulators and the Korea Web & Safety Company (KISA) safety audit on the steadiness and safety suitability of its total deposit and withdrawal system, extending), and is cooperating with investigative businesses.
The alternate is at the moment conducting an intensive investigation past the compromised Solana community household. The corporate said it plans to renew deposit and withdrawal companies “sequentially as quickly as security is secured.”
It’s been a foul week. Crypto thieves have stolen Solana through hidden Chrome extensions.
