de
zh
fr
es
tr
pt
nl
ru
uk
hi
South Korea's largest cryptocurrency exchange, Upbit, has found itself in the spotlight after reporting significant losses due to a hack of its hot wallet linked to the Solana network. On Thursday, November 27, 2025, the exchange confirmed that approximately $36 million in assets, equivalent to approximately 54 billion won, were stolen as a result of unauthorized hacking.
Hack Detection
According to Upbit CEO Oh Kyung-seok, the incident was detected at 4:42 AM local time. The exchange discovered that some assets were transferred to a wallet address not registered in its system, indicating external interference. In response, Upbit suspended some of its services so investigators could track the movement of the stolen funds.
Affected Assets
The stolen assets included both meme coins and decentralized finance tokens. Specifically, the list of affected assets includes:
- Meme Coins:
- Bonk (BONK)
- Moodeng (MOODENG)
- Official Trump (TRUMP)
- Decentralized Finance Tokens:
- Sonic SVM (SONIC)
- Access Protocol (ACS)
- Jito (JTO)
- Solana (SOL)
- Raydium (RAY)
- Other Tokens:
- Pudgy Penguin (PENGU)
- Circle's USD Coin (USDC)
Upbit Response
Upon discovering the unauthorized transfers, Upbit immediately initiated an emergency security review of all associated networks and wallet systems. Oh Kyung-seok noted that the extent of the losses was determined internally immediately after the incident was confirmed. He also added that Upbit will fully compensate for all losses with its own assets to ensure there is no impact on platform users.
Measures to Prevent Further Losses
To prevent further unauthorized withdrawals, Upbit has transferred all remaining assets to cold storage. The exchange is also coordinating with relevant projects to lock the stolen funds offline, following the successful locking of a portion of Solayer (LAYER) assets.
In Conclusion
The Upbit hot wallet hack highlights the importance of security in the cryptocurrency space. Despite significant losses, the company responded promptly to the incident and was willing to compensate its users. This event serves as a reminder of the need for continuous monitoring and improvement of security systems on cryptocurrency platforms to protect users' assets from potential threats.
