Solana News Today: Crypto's New Frontline: Upbit Hack Exposes State-Sponsored Cyber Threats

Generated by AI AgentCoin WorldReviewed byAInvest News Editorial Team
Saturday, Nov 29, 2025 1:22 pm ET2min read
Speaker 1
Speaker 2
AI Podcast:Your News, Now Playing
Aime RobotAime Summary

- Upbit, South Korea's top crypto exchange, pledged full reimbursement after a $36.8M hack targeting

Solana
assets, suspected to be orchestrated by North Korean hackers.

- The breach exploited compromised hot wallets, with stolen funds rapidly laundered via

Ethereum
across 185 wallets, prompting cold storage transfers and asset freezes.

- Regulators and experts linked the attack to North Korea's Lazarus Group, citing similarities to past heists and advanced multi-chain laundering techniques.

- Upbit suspended services for security audits, faces potential $23.5M fines, and faces heightened scrutiny over its $10.3B merger with Naver Financial.

- The incident accelerated calls for stricter crypto regulations in South Korea, including mandatory 100% reserves for stablecoins and enhanced cross-border cybersecurity cooperation.

Upbit, South Korea's largest cryptocurrency exchange, has pledged to fully reimburse customers after a $36.8 million security breach targeting Solana-based assets, with North Korean hackers suspected of orchestrating the attack. The exchange temporarily halted

Solana
network deposits and withdrawals following the incident, which occurred on November 27 when abnormal withdrawals were detected from compromised hot wallets. Affected tokens included
SOL
,
USDC
, and a range of Solana ecosystem assets, with the total loss
estimated at 54 billion Korean won ($36.8 million)
. Upbit has since moved remaining assets to cold storage and frozen portions of the stolen funds, while committing to cover all customer losses from its reserves .

The breach has drawn immediate scrutiny from regulators and cybersecurity experts, who point to similarities with past attacks attributed to North Korea's Lazarus Group. Government and industry sources

indicate that the hackers likely exploited administrative credentials
, echoing methods used in a 2019
Ethereum
heist that also targeted Upbit. Lazarus, a state-backed unit linked to Pyongyang's intelligence apparatus, is suspected of employing advanced multi-chain laundering techniques to obscure transaction trails. On-chain data reveals the stolen assets were rapidly converted into Ethereum across 185 wallets, with bridging activity further complicating tracking efforts .

Upbit's response includes a comprehensive security review and emergency measures to prevent further losses. CEO Oh Kyung-seok acknowledged vulnerabilities in the exchange's wallet system, admitting gaps in security protocols contributed to the breach . The company has suspended services until systemwide checks are completed and is collaborating with blockchain analytics firms to freeze additional assets. Regulatory authorities, including South Korea's Financial Intelligence Unit, are investigating the incident and have initiated on-site inspections. Dunamu, Upbit's parent company,
faces a potential 35.2 billion won ($23.5 million) fine
for compliance failures, compounding the financial fallout .

The timing of the breach has added pressure to Upbit's ongoing merger with Naver Financial, announced on the same day as the hack. The $10.3 billion deal, which would make Dunamu a wholly owned subsidiary of Naver, now faces heightened regulatory and public scrutiny.

Analysts suggest the merger could enhance Upbit's resilience
by integrating Naver's payment infrastructure and regulatory expertise, though delays remain possible amid investigations .

South Korean officials have intensified calls for stricter cryptocurrency regulations, with lawmakers advancing a bill requiring 100% cash or sovereign bond reserves for stablecoin issuers. The proposed legislation also mandates public blockchain usage and stringent redemption windows, reflecting broader concerns over cross-border threats and financial stability

according to industry experts
. Meanwhile, international cooperation between South Korea and the U.S. is being prioritized to address North Korea's cyber-enabled funding of weapons programs, as highlighted by Second Vice Foreign Minister Kim Ji-na .

As the investigation unfolds, Upbit's commitment to customer compensation underscores the growing emphasis on trust and transparency in the crypto sector. However, the incident highlights the persistent risks posed by state-sponsored hacking groups and the need for robust multi-layered security measures. With global stablecoin adoption rising and regulatory frameworks evolving, the outcome of this case could shape the future of digital asset governance in Asia and beyond.