Upbit, touted as the largest crypto exchange in South Korea, was hacked for over $30 million on Thursday, November 27. The development was confirmed by Oh Kyung-seok, the CEO of Upbit’s parent company, Doonamu. Investigation into the hack attack is presently underway.
As informed by Oh Kyung-seok, the Seoul-headquartered identified “abnormal” withdrawal activity from within its Solana-based token network on Thursday. As a preventative measure, Upbit has halted deposits and withdrawals for now.
“We will cover the entire amount with Upbit assets to ensure no damage to members’ assets,” the acknowledgement by Oh Kyung-seok noted, pointing out that the outflow amount has been corrected from KRW 54 billion (roughly $36.9 million) to KRW 44.5 billion (roughly $30 million).
Tokens stolen in this attack include Solana (SOL), USDD, and Official Trump (TRUMP) alongside BONK, ORCA, and PYTH among others. On-chain analytics platforms like Arkham and LookonChain show tokens having roped-out of the Upbit network into unknown wallets.
“We are taking on-chain measures to freeze relevant digital asset transactions to the extent possible, and have completed the freezing of some assets (approximately KRW 2.3 billion [$1.5 million] worth of Solaire). We are continuing to track the remaining assets and are working with relevant projects and institutions to implement additional asset freezes,” Oh Kyung-seok noted.
For now, the propagator of the attack remains unidentified. The exchange has invited information regarding the incident from the community to add to the ongoing investigative measures.
As per Elliptic, over $2 billion have been stolen by North Korean crypto hackers alone this year. The $1.5 billion hack of ByBit in February has been the largest in 2025.
Balancer, Bunni DEX, and Nemo are Web3 projects that have suffered hack attacks in recent months.