Approximately 44.5 billion KRW worth of virtual assets were stolen from the virtual asset exchange Upbit.
![Upbit Suffers KRW 44.5 Billion Virtual Asset Hack... Financial Supervisory Service Launches On-Site Inspection (Comprehensive) [Bitcoin Now]](https://cphoto.asiae.co.kr/listimglink/1/2025112715481634823_1764226096.png)
On November 27, Dunamu, the operator of Upbit, announced that at around 4:42 a.m. that day, it detected that approximately 44.5 billion KRW worth of virtual assets had been transferred from Upbit to an unknown external wallet. The initial amount reported stolen was 54 billion KRW, but this figure was revised down by about 10 billion KRW after adjusting the valuation to the price at the time of the abnormal withdrawal.
The stolen virtual assets include 24 types based on the Solana network, such as Solana (SOL), DoubleZero (2Z), Access Protocol (ACS), Bonk (BONK), Orca (ORCA), Raydium (RAY), Render (RENDER), and Jupiter (JUP).
At 5:27 a.m., Upbit announced that deposits and withdrawals of digital assets on the Solana network would be temporarily suspended due to a wallet system inspection. Then, starting at 8:55 a.m., all virtual asset deposit and withdrawal services were suspended, and emergency measures were taken for related network and wallet systems. In addition, to prevent further abnormal transfers, all assets were moved to cold wallets.
Upbit explained in its notice, "The abnormal withdrawal occurred from the 'hot wallet' that Upbit was operating," and added, "No breach or theft occurred in the secure cold wallets where assets are separately stored."
On-chain measures were also implemented in parallel. Dunamu tracked the movement of assets transferred to external wallets and, in cooperation with project teams, requested the freezing of assets wherever possible. During this process, approximately 2.3 billion KRW worth of Solayer was successfully frozen. The amount of Solayer frozen was also revised down from the initial 12 billion KRW after adjusting the valuation to the price at the time of the hacking.
The company continues to track the remaining assets. Additional asset freezing measures are being carried out in cooperation with relevant projects and institutions.
Alongside these efforts, a comprehensive security inspection is underway not only for Solana-based assets but for the entire digital asset deposit and withdrawal system. Deposit and withdrawal services will be gradually resumed as soon as the inspection is complete and safety is ensured.
Dunamu stated, "We immediately identified the scale of losses caused by the abnormal withdrawal," and added, "We will fully compensate for any losses using Upbit’s own assets to ensure that no member assets are affected."
Meanwhile, the Financial Supervisory Service dispatched an on-site inspection team to Upbit that day. A representative from the Financial Supervisory Service explained, "We are currently assessing the situation."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
