- Upbit hit with $36M Solana wallet breach; user refunds assured.
- Exchange suspends services pending a full security audit.
- Upbit’s cold wallets remain secure, minimal impact on Solana ecosystem.
Upbit, South Korea’s largest crypto exchange, reported a $36M breach of its Solana hot wallet on November 27, 2025, prompting suspension of all transaction services.
The incident underscores persistent security challenges in crypto, impacting Solana-based assets and stirring regulatory scrutiny and user concerns over centralized exchange vulnerabilities.
The breach of Upbit’s Solana hot wallet resulted in unauthorized withdrawals totaling $36M USD. The incident transpired a day after the $10B Naver deal. The exchange has temporarily suspended services to address the security lapse.
Oh Kyung-seok, CEO of Dunamu, announced user refunds, confirming the breach affected only hot wallets, not cold storage. Security audits are underway, while affected users can expect compensation from Upbit’s internal reserves.
The breach sent ripples through the market, causing minor dips in the Solana-based DEXs. Withdrawals and panic selling accelerated these changes. Upbit reassured users of the security of funds in cold wallets.
The Financial Services Commission of South Korea is closely monitoring the situation, urging all exchanges to fortify security measures. There are no new compliance directives, but FSC’s review of Upbit’s security protocols is underway.
Cited past breaches, like the 2019 ETH wallet breach, reminiscent of the current incident. Discussions amongst developers reflect growing concerns over exchange security and advocate for greater self-custody among users.
Historical trends show that even large exchanges are vulnerable, as noted by CZ of Binance, who emphasized the importance of self-custody. Potential outcomes include regulatory reshaping and a reinforced focus on exchange safety.
“We have detected unauthorized withdrawals from our Solana hot wallet this morning. The breach is limited to hot wallet assets, and cold wallets remain secure. We have suspended all deposits and withdrawals as a precaution and are conducting a full security audit. All affected users will be fully refunded.” — Oh Kyung-seok, CEO, Dunamu
| Disclaimer: The content on The CCPress is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions. |