Upbit Confirms $37 Million Solana Hack, Pledges Full Customer Reimbursement

Quick Breakdown

• Upbit has scheduled the resumption of deposits for December 1 at 1:00 PM (东八区), following hackers’ theft of $37 million in Solana tokens from hot wallets on November 27. 
• The platform deleted old addresses, pledged full user compensation from reserves, and froze $8.18 million in stolen assets. 
• Services restart in phases amid suspicions of the Lazarus Group. 

Upbit resumes deposits after $37M hack loss

Upbit announces the restart of digital asset deposits and withdrawals on December 1 at 1:00 PM (东八区), following a $37 million security breach on November 27 that hit Solana-based tokens in its hot wallets. Hackers stole around 44.5 billion KRW ($30-36 million USD) worth of assets, including Solana (SOL), USDC, and Bonk (BONK), unlike the 2019 Ethereum-focused attack. North Korea’s Lazarus Group faces suspicion for the breach.​

Dear Traders,

To apply the Tick Size Adjustment for the SGD Market and improve trading experience, we will conduct scheduled server maintenance.

Schedule
• 19:00 Dec 1, 2025 ~ (approximately 1 hour), 东八区
• The maintenance duration may vary depending on system… pic.twitter.com/piOxMoq3KD

— Upbit Global (@upbitglobal) November 30, 2025

The exchange halted all transfers immediately and now requires new deposit addresses for each asset, after deleting the old ones to fix vulnerabilities and maintain wallet security. Users must generate fresh addresses and delete any saved Upbit ones from personal wallets or other platforms to avoid delays or loss. Deposits from the suspension period will be processed once services resume, though there may be a delay.​

New addresses mandate security fixes

 

Upbit stresses that old addresses risk processing issues, and that phased rollouts are starting for networks that have passed wallet checks and security reviews. Staking and NFT deposits on those networks follow after stability tests. Deposits made to outdated addresses may experience delays during this upgrade.​

Full user compensation from reserves

Upbit commits to covering 100% of user losses using corporate reserves, while partnering with token foundations to freeze $8.18 million in assets, including LAYER, about 22% of the haul, now useless to thieves. Users might see price shifts due to downtime, and certain assets, like airdrops or delisted tokens, may be limited to withdrawals only. Pre-existing suspensions stay paused until resolved.​

South Korea’s top exchange by volume shows a quick response amid rising 2025 hacks targeting the Solana ecosystem.​

Despite a $37 million hack and regulatory concerns over market concentration, Upbit’s parent company, Dunamu, continues its strategy to achieve a Nasdaq IPO via a merger with Naver. This move, pending approval, aims to expand Wall Street’s access to the Asian crypto market, but the hack and domestic scrutiny pose challenges to Dunamu’s goals and image.

 

Take control of your crypto  portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”