 
 
South Korea’s leading cryptocurrency exchange, Upbit, announced an urgent suspension of digital asset deposits and withdrawals on Thursday after detecting unauthorized activity involving Solana network tokens. The exchange reported losses of around $37 million as it moved to contain the security breach.
Upbit Drained Of $37 Million In Solana Ecosystem Assets
In a Thursday announcement, Upbit said it detected irregular withdrawals linked to a compromised hot-wallet address around 4:42 am local time (7:42 pm UTC), prompting the temporary freezing of transfer services and a full security review of all related networks and wallet systems.
“At around 04:42 on 2025-11-27, Upbit confirmed that a portion of Solana network assets (approximately 54 billion KRW worth) had been transferred to a wallet address not designated internally (an unknown external wallet),” a rough translation of Dunamu CEO Oh Kyung-seok’s public notice states.
Dunamu reported that approximately 54 billion won ($37 million) worth of tokens were transferred to an external wallet that Upbit has not identified.
The affected tokens include meme coins such as Bonk (BONK), Moodeng (MOODENG), Official Trump (TRUMP), and decentralized finance tokens such as Sonic SVM (SONIC), Access Protocol (ACS), Jito (JTO), Solana (SOL), and Raydium (RAY), among other tokens such as Pudgy Penguin (PENGU) and Circle’s USDC, according to Upbit’s announcement.
 
Upbit noted that the compromise was isolated to its hot wallet, highlighting that cold-wallet reserves remained untouched. The exchange has moved its remaining assets to a safe cold wallet to prevent further unauthorized withdrawals and has successfully frozen $8.18 million worth of Solayer (LAYER) tokens. Upbit plans to cooperate with projects and law enforcement to freeze the remainder of the stolen assets.
Upbit Promises To Reimburse Affected Customers
Upbit indicated that deposit and withdrawal services will resume only after the system-wide security checks are completed. Trading on the exchange continues to operate normally, allowing users to buy and sell assets within the Korean platform. However, users cannot transfer funds on or off the platform while the review is ongoing.
The company also assured users that any tokens lost as a result of the security incident will be fully compensated using its own reserves, stressing that customers will not experience any personal losses due to the hack.
The suspected hack comes as Dunamu, Upbit’s parent company, has struck a blockbuster acquisition deal with South Korean IT behemoth Naver. As ZyCrypto reported earlier, Naver Financial will acquire Dunamu in a stock-swap deal valued at 15.1 trillion won (around $10.3 billion). Dunamu is also seeking to debut in the US after finalizing the merger with Naver.