The incident occurred in the context that Upbit 's parent company, Dunamu, had just signed a $10 billion acquisition deal with Naver and was planning an IPO in the US .
South Korea's largest cryptocurrency exchange, Upbit , temporarily froze deposits and withdrawals on Thursday after detecting about $36 million being illegally withdrawn from a hot wallet on the Solana network .
In the announcement, the exchange said the suspicious transactions were detected at around 4:42 a.m. local time (7:42 p.m. UTC) , leading to the suspension of all remittance services and a comprehensive security review of assets supported on the platform.
Upbit confirmed that the breach was limited to its hot wallet , stressing that assets in Cold Storage were safe . The exchange has moved the remaining assets to Cold Storage and begun implementing blockchain blockade measures.
The incident has brought attention back to Dunamu, which recently announced a $10 billion acquisition of fintech group Naver . It also brought back memories of the 2019 attack, when Upbit lost nearly $50 million in an attack by North Korean hacker group Lazarus .
Upbit pledges to refund affected users
Upbit said it has suspended all deposits and withdrawals on the platform as a precautionary measure, and the freeze will remain in place until the security audit is complete. The suspension does not apply to assets on the Solana network alone , but is system-wide to ensure safety and assess remaining risks.
Trading (buying and selling) on the exchange is still going on normally. However, users cannot transfer money into or withdraw money from the exchange while the security review is in progress.
The company also reassured that any balances lost due to the security incident will be fully refunded using the exchange's reserve funds , emphasizing that no customer assets were lost as a result of the incident .
Upbit said users do not need to take any action to get their funds back. However, the exchange asked users to wait patiently while it conducts a full audit of the platform and coordinates with regulators to complete the investigation.
According to local reports, South Korean financial authorities have begun conducting on-site inspections to clarify the matter.
While Upbit has assured customers that they will receive a full refund, it has not given a specific timeline for a full system recovery.
Crypto exchange: “fat bait” for hackers
At the TBD conference, Trezor CEO Matej Zak said that security issues surrounding cryptocurrency exchanges will not be solved in the short term .
“Exchanges are clearly a huge honeypot for hackers. And with security being a moving target, this issue isn’t going away anytime soon,” Zak said.
He highlighted the increase in stolen crypto assets in 2025. On July 1, blockchain security firm CertiK reported that approximately $2.47 billion was stolen through hacks, scams, and exploits in the first half of 2025 .
Zak also mentioned Bybit 's $1.5 billion hack in March , which is XEM one of the largest attacks in crypto history.
The incident comes amid Dunamu's global expansion.
This incident comes at a pivotal time for Upbit, as parent company Dunamu has just reached a $10.3 billion acquisition deal with South Korea's leading search engine company – Naver .
Naver Financial will acquire Dunamu, the operator of Upbit , through a stock swap , in a deal valued at 15.1 trillion won (about $10.3 billion) , according to a filing Wednesday. Naver will issue 87.5 million new shares to Dunamu shareholders, making Dunamu a 100% subsidiary .
In addition to the merger plan, Dunamu also plans to have an initial public offering (IPO) in the US after completing this deal.
In addition, Naver and Dunamu are said to have plans to invest nearly $7 billion over the next five years to develop an ecosystem for Web3 technology and artificial intelligence (AI) .
