Upbit Exchange Hit by $36 Million Hack: What You Need to Know
In a significant event for the cryptocurrency world, Upbit, South Korea’s largest crypto exchange, has suffered a security breach involving the theft of Solana-based tokens worth ₩54 billion KRW (approximately $36-37 million USD). As of November 27, 2025, deposits and withdrawals for affected Solana assets have been suspended, and the exchange has begun an emergency investigation to secure its platform and protect users.
The Incident: What Happened?
According to an official statement by Upbit operator Dunamu, abnormal withdrawal activities were detected around 04:42 KST on November 27, 2025. These involved Solana-linked tokens being transferred from the exchange’s wallets to an unidentified external address. Among the compromised tokens were popular ones like SOL and other smaller altcoins such as BONK, ORCA, RAY, and USDC.
Initial reports suggest that the breach targeted the exchange’s hot wallet infrastructure specifically linked to Solana-based assets. Uniquely, rather than seeing multiple withdrawals from different accounts, the stolen funds were extracted in one major transaction, suggesting a single attacker gained access to Upbit’s wallet permissions.
Upbit’s Swift Response
Upbit has responded by suspending transactions involving the affected Solana tokens and transferring all remaining funds into secure cold storage to prevent further loss. The company has also initiated blockchain investigations to trace stolen funds and is actively working with domestic and international law enforcement agencies to freeze flagged wallets. Collaborations with Solana ecosystem projects aim to “chain-freeze” the attacker’s wallets and limit laundering opportunities.
In an encouraging announcement, Upbit assured its users that any losses incurred from the breach would be fully covered by the exchange’s funds, reflecting their commitment to maintaining user trust.
Consequences for Users and the Crypto Market
While Upbit guarantees full recovery for affected accounts, users are left unable to deposit or withdraw Solana-based assets, disrupting liquidity and creating challenges for Korean traders who depend on moving assets across multiple exchanges. The event serves as a stark reminder of the vulnerabilities inherent in centralized exchanges, even amid advancements in blockchain technology.
Solana, as a blockchain platform, is often lauded for its high-speed transactions, but this hack highlights the importance of rigorous security measures, particularly for exchanges managing hot wallets. Traders should consider alternative strategies, such as transferring assets to hardware wallets for enhanced protection.
Lessons Learned and Future Outlook
This incident underscores the need for stronger operational policies on centralized platforms. Despite the breach, Upbit’s quick reaction and assurance of compensations have been widely regarded as measures that help mitigate panic within the cryptocurrency community. As the investigation unfolds, crypto enthusiasts and investors will likely push for more transparency and robust security protocols moving forward.
If you’re a Solana investor or crypto enthusiast, it’s critical to stay informed and adopt best practices for safeguarding your digital assets. Consider using secure and reliable hardware wallets like the Ledger Nano X to store funds offline and minimize the risk of exchange-related vulnerabilities.
Conclusion
The $36 million hack at Upbit serves as a sobering reminder of the potential risks in the digital asset space. While Upbit’s commitment to covering all user losses has reassured investors, the incident calls for stronger security frameworks across crypto exchanges globally. As users navigate these developments, staying vigilant and informed is more important than ever in protecting one’s investments.
