South Korea’s leading cryptocurrency exchange, Upbit, has halted all deposits and withdrawals following the detection of approximately $36 million in unauthorized transactions from a hot wallet linked to the Solana network. This breach was discovered on the same day that its parent company, Dunamu, concluded a substantial $10 billion acquisition agreement with Naver.

In its declaration, Upbit mentioned that the suspicious activities were identified around 4:42 AM local time, leading to an immediate suspension of transfer services and a comprehensive security assessment of the cryptocurrencies it supports.

The breach appears to be confined to the hot wallet, with Upbit clarifying that cold-wallet reserves are unaffected. Remaining assets have been transferred into cold storage, and the exchange is attempting to execute on-chain freezes.

This incident has renewed scrutiny on Dunamu, particularly after its recent acquisition announcement, and echoes a similar breach from 2019 when Upbit lost nearly $50 million to North Korean hackers known as Lazarus.

🚨 ALERT: Upbit suspends deposits and withdrawals after $38.5M abnormal outflow on Solana network, reporting the assets were transferred to unknown wallet on Nov 27. Upbit confirms it will cover all losses. source

Upbit to Compensate Users for Lost Funds

Upbit confirmed that the suspension of deposits and withdrawals will remain effective until the security review is finished. While trading continues to function normally, users are unable to transfer funds off the platform during this investigation.

The company reassured customers that any funds lost due to this incident will be reimbursed from reserves, stressing that no customer assets will be permanently lost as a result of the breach. Customers do not need to take any action to retrieve their funds, although Upbit has requested patience while it conducts an audit and cooperates with regulators.

Reports indicate that financial authorities have begun on-site inspections to further understand the breach’s context.

Additionally, on-site inspections have already commenced to gain deeper insights into the situation. Although Upbit has confirmed that customer funds will be returned, it has not specified a timeline for this recovery.

Crypto Exchanges as Prime Targets for Cybercriminals

At a recent conference, Trezor’s CEO, Matej Zak, remarked on the persistent security challenges facing cryptocurrency exchanges, asserting that “Exchanges are obviously massive honeypots for hackers. And since security is a moving target, this problem is not going away.”

Zak highlighted the troubling escalation in cryptocurrencies lost to security breaches over the year, with a report revealing around $2.47 billion was stolen in various incidents during the first half of 2025.

He referred to the Bybit hack in March, noting it remains one of the largest breaches recorded in the sector.

Security Incident Coincides with Dunamu’s Expansion Plans

This incident occurs at a pivotal time for Upbit, which is undergoing significant changes following a $10.3 billion acquisition deal with Naver. According to filings, Naver will conduct a stock-swap deal valued at 15.1 trillion won, issuing 87.5 million new shares to Dunamu shareholders, ultimately making Dunamu a wholly owned subsidiary of Naver.

Furthermore, Dunamu is also preparing for a public offering in the U.S. post-merger and has announced plans to invest nearly $7 billion over the next five years to enhance its Web3 and artificial intelligence capabilities.