Massive $37 Million Drain: Why Upbit Was Hit Hard on the Solana Network?

South Korea’s leading cryptocurrency exchange, Upbit, has confirmed a security breach that resulted in an unauthorized outflow of approximately 54 billion Korean won (roughly USD$36.8–37 million) in Solana-network assets. The incident has rattled the crypto community, prompting immediate action from the exchange, including a complete suspension of deposits and withdrawals on the Solana network, and a rapid shift of remaining assets to cold storage.

What Happened: A Breakdown of the Hack

At approximately 4:42 a.m. local time, Upbit’s security systems detected an “abnormal withdrawal” of multiple Solana-based tokens from its hot wallets, the wallets used for active deposits and withdrawals. The assets drained included major cryptocurrencies like SOL, stablecoins like USDC, and a wide variety of ecosystem tokens such as BONK, JUP, RAY, ORCA, RENDER, and PYTH.

Within minutes, Upbit froze its Solana operations, shifted back-end funds into secure cold wallets, and began on-chain freezing attempts aimed at halting further outflows. Reportedly, around ₩12 billion (~ a portion of the stolen tokens) of a token named LAYER has already been frozen.

Why Solana And What It Reveals About the Risk

The hack underscores a growing vulnerability for centralized exchanges that support multiple blockchains. Solana, known for its speed and low fees, has seen a rapid expansion of tokens, DeFi platforms, and meme-coin projects, but with that growth comes increased complexity in wallet management. Consolidating many different tokens under a shared hot-wallet infrastructure may increase risk, especially when tokens vary widely in their smart-contract standards and security practices.

Upbit’s breach suggests either a private key compromise, a hot-wallet vulnerability, or a deeper flaw in how certain Solana-based assets were managed. Although the exchange has not disclosed precise technical details, the broad range of tokens affected, from SOL and USDC to alt-tokens and stable-assets, points toward a systemic security breakdown rather than a single-token exploit.

Upbit’s Response: “Users Will Be Made Whole”

To avoid panic and preserve trust, Upbit’s parent company, Dunamu, immediately announced that the exchange will cover 100% of the losses from its own reserves, thereby guaranteeing that no customer will suffer losses due to the hack.

At the same time, operations remain suspended for Solana-based deposits and withdrawals, while a full audit of Upbit’s wallet infrastructure and security protocols is underway. On-chain freezing efforts and cooperation with relevant authorities have also been initiated.

What This Means for Crypto Exchanges and the Solana Ecosystem

• Trust vs. Risk: Even top-tier exchanges, previously audited and certified for security, can suffer large-scale losses if hot wallets are compromised.
• Solana’s Growing Challenge: As the Solana ecosystem expands rapidly, exchanges supporting a wide variety of tokens must ensure robust security protocols and wallet segregation.
• Regulatory and Market Fallout: This hack comes at a sensitive time, just as Dunamu announced a major merger with Naver Financial, positioning itself for a bigger role in South Korea’s digital finance landscape. The breach could raise fresh regulatory scrutiny and shake user confidence across crypto platforms.

FAQs

Q: How much money was lost in the Upbit Solana hack?
A: Upbit reported an approximate loss of 54 billion Korean won, which is roughly USD$36.8–37 million.

Q: Which cryptocurrencies were affected by the hack?
A: The hack impacted a wide range of Solana-network assets, including SOL, USDC, and ecosystem tokens such as BONK, JUP, RAY, ORCA, RENDER, PYTH, among others.

Q: Will users lose their funds due to this breach?
A: No, Upbit and its parent company, Dunamu, have pledged to cover the entire loss from their own reserves. Users’ assets are guaranteed to remain unaffected.

Q: What actions has Upbit taken to prevent further losses?
A: Upbit suspended all Solana-network deposits and withdrawals, moved remaining assets into secure cold wallets, initiated on-chain freezing of tokens, and launched a full security audit of its wallet infrastructure.

Q: Does this hack reflect a problem with the Solana blockchain itself?
A: Not necessarily. The breach seems to stem from compromised hot-wallet security or wallet-management procedures at Upbit, not a fundamental flaw in the Solana blockchain. Still, it highlights the risks associated with centralized exchanges handling many different tokens on a fast-growing network.

Q: Has Upbit been hacked before?
A: Yes. In November 2019, Upbit suffered a hack where roughly US$48.5 million worth of Ethereum was stolen