Upbit Under Fire Amid Major Solana Hack
In a significant security breach, South Korea’s leading cryptocurrency exchange, Upbit, suffered unauthorized withdrawals amounting to 54 billion KRW (approximately $36 million) on November 27, 2025. The attack centered on Solana-based assets, impacting popular tokens such as SOL, USDC, BONK, RAY, RENDER, ORCA, and PYTH.
Immediate Response to the Attack
To mitigate the damages, Upbit swiftly suspended all deposit and withdrawal services on the Solana network. Emergency inspection protocols were set in motion to contain the breach, ensuring user funds would remain secure. According to Upbit’s announcement, wallet addresses linked to the stolen funds were disclosed, further underlining efforts to maintain transparency during the investigation.
The suspended services and rapid action highlight one critical aspect of the breach: attackers seemed to have exploited vulnerabilities within Upbit’s hot wallet infrastructure. Unlike cold wallets, which remain offline, hot wallets are more susceptible to real-time attacks as they stay connected during trading operations.
Past Breaches Cast a Shadow
This isn’t the first time Upbit has faced a major cyberattack. Back in 2019, the exchange lost 342,000 ETH (worth approximately $50 million at the time). The Korean police later attributed the attack to North Korean hacking groups, particularly Lazarus and Andariel. Despite efforts to recover funds, such as collaborating with Swiss judicial authorities, the incident highlighted the ongoing vulnerabilities of exchange platforms.
Upbit confirmed the $36 million breach from the recent Solana hack, stating, “We will fully cover the loss with our own assets to ensure no impact on our customers.” This commitment sheds light on the exchange’s resilience and user-first approach, even amid challenges.
The Breach Overshadowed a Major Business Announcement
The timing of the hack couldn’t have been worse for Dunamu, Upbit’s parent company. On the same day, Dunamu revealed a groundbreaking partnership with Naver, South Korea’s largest portal company. The collaboration focused on leveraging AI and Web3 technologies, marked by a commitment to invest 10 trillion won ($7.5 billion USD) in fostering South Korea’s tech ecosystem over the next five years.
The breach, however, highlighted the gap between innovation and security within the crypto sphere, prompting discussions around infrastructure gaps in decentralized ecosystems like Solana’s.
How to Protect Your Crypto Assets
Whether you’re a seasoned crypto trader or new to the space, these incidents emphasize the importance of securing your assets. Consider transferring your holdings to trusted cold wallets, like the Ledger Nano X, which keeps your funds offline and away from threats. You can learn more about hardware wallets on the official Ledger website.
Final Thoughts
The $36 million Solana hack at Upbit adds another chapter to the ongoing saga of security vulnerabilities in the crypto industry. While Upbit’s decision to cover user losses reassures investors, it also emphasizes the urgent need for exchanges to prioritize security measures, especially for hot wallets. As the cryptocurrency ecosystem continues to grow, so do the responsibilities of industry leaders to safeguard users’ digital assets.
