- Upbit detected an abnormal $37M Solana-asset outflow, immediately halting all user transactions.
- Exchange has shifted digital assets into secure cold wallets to block further unauthorized access.
- On-chain freezing efforts began, successfully locking ₩12 billion in LAYER tokens so far.
Upbit, South Korea’s dominant cryptocurrency exchange, has confirmed a security breach resulting in the unauthorized transfer of approximately $37 million (54 billion KRW) in Solana-network assets. The exchange has immediately suspended all deposits and withdrawals on the Solana network while placing its infrastructure under emergency audit.
A Sudden Drain of Assets
At 4:42 a.m. KST, Upbit’s systems detected an abnormal outflow of a large basket of Solana-ecosystem tokens, including SOL, BONK, JUP, RAY, ORCA, RENDER, PYTH, TRUMP, USDC, and more than a dozen others. These assets were traced to a single unidentified wallet, prompting urgent countermeasures.
The exchange later confirmed that the incident was the result of a malicious external withdrawal, now being treated as a security breach.
Related: ‘Solana Killer’ Monad Faces Phishing Wave Days After Public Debut
Assets Shifted to Cold Storage
Within minutes of detecting the suspicious movements, Upbit shut down all deposit and withdrawal services and began transferring every asset into secure cold wallets, isolated storage designed to block unauthorized access.
The exchange also initiated on-chain freezing procedures to halt the movement of tokens linked to the breach. So far, approximately ₩12 billion worth of LAYER tokens have already been frozen.
A full security audit of Upbit’s wallet systems and network infrastructure, across all blockchains, not just Solana, is currently underway. Services will be restored only after every layer passes review.
Users Won’t Lose Anything
In a move designed to prevent a liquidity panic, Dunamu CEO Oh Kyung-seok issued an immediate guarantee of full reimbursement:
“To prevent any damage to member assets, the entire amount will be covered by Upbit’s holdings. We would like to reiterate that this will not affect member assets.”
This declaration effectively neutralizes user risk, converting the $37 million loss from a depositor liability into a corporate expense. This stands in stark contrast to other recent exchange breaches where user funds were hair-cut or frozen indefinitely.
A Year of High-Value Targets
2025 was a strong year for crypto growth, but hacks still caused major damage. Hyper Vault lost $3.6M, the Shibarium Bridge lost about $2.4M, and a phishing scam stole 783 BTC worth $91M.
BTC Turk in Turkey was hit for up to $50M, while Iran’s Nobitex suffered a huge $90M loss. Despite progress, security remained a major challenge.
Related: Bolivia Seeks $9 Billion Bailout; Plans to Legalize Stablecoin Banking
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.