Crypto Reporter
Shalini Nagarajan
Crypto Reporter
Shalini Nagarajan
Share
South Korea’s largest crypto exchange Upbit has revealed a hack worth about 54b won, or roughly $36m, on the Solana network and pledged to fully reimburse customers after tokens were siphoned to an unknown wallet early on Thursday.
Oh Kyung-seok, CEO of Dunamu, which operates Upbit, said the platform moved quickly to halt activity once it detected abnormal withdrawals.
“Upbit immediately suspended deposit/withdrawal services and conducted a comprehensive inspection, prioritizing the protection of member assets,” he said in a notice to users.
It lands almost exactly six years after Upbit suffered another major breach. On the same date in 2019, the exchange lost 342,000 ETH, then worth about $41.5m, in a theft that South Korea later attributed to North Korean hackers.
Authorities say the stolen Ether, now valued at more than $1b, remains one of the largest crypto heists linked to North Korea.
Solana Tokens Moved To Unknown Wallet In Early-Morning Breach
The exchange confirmed that around 4:42am on Nov. 27, a basket of Solana ecosystem assets, including SOL, USDC and a range of smaller tokens, was transferred to an unspecified external wallet.
Upbit described the incident as “abnormal withdrawal activity” tied to the Solana network.
According to the statement, Upbit has identified the full scale of the outflow and will absorb the loss itself.
“We immediately identified the extent of the digital asset outflow caused by the abnormal withdrawals and will cover the entire amount with Upbit assets to ensure no damage to members’ assets,” Oh said.
The company moved quickly to lock down its infrastructure. It shifted all assets to secure cold wallets to prevent further unauthorized transfers, and launched an emergency security review of the affected network and wallet systems.
Deposit And Withdrawal Services To Resume After Systemwide Checks
Upbit also started on-chain response measures. It said it is working to freeze the compromised funds where possible and has already frozen around 12 billion won worth of Solaire tokens. The exchange added that it is continuing to track the remaining assets and is coordinating with relevant projects and institutions to implement additional freezes.
As the situation escalates, regulators and law enforcement are expected to be drawn in next. Further, the exchange is preparing to cooperate with investigative authorities as it pursues attempts to freeze and recover funds linked to the incident.
At the same time, the security sweep may not be limited to Solana alone. Upbit said it is conducting a “comprehensive review of the stability and security of the entire digital asset deposit/withdrawal system, not just the Solana network,” and will resume deposits and withdrawals in stages once it is satisfied with the results.
Throughout the notice, the company stressed that customer balances will not be touched. “To prevent any damage to member assets, the entire amount will be covered by Upbit’s holdings. We would like to reiterate that this will not affect member assets,” the exchange said.
Finally, Upbit asked users to report any suspicious or verifiable information related to the withdrawals to its customer service team and repeated its apology for the disruption.
Multibillion Dollar Deal Positions Upbit For Public Market Ambitions
The attack comes at a sensitive moment for the company. Upbit is moving closer to a potential listing on Nasdaq after reports that Korean internet giant Naver is preparing to acquire its parent company, Dunamu, through a multibillion-dollar stock swap merger.
The deal, which was expected to go before both companies’ boards on Nov. 26, would mark one of the largest corporate consolidations in Asia’s digital finance sector and could shape Upbit’s path toward a public-market debut.
https://cryptonews.com/news/upbit-solana-network-exploit-36m-vows-to-repay-customers/
