Business Sandesh Indian Newspaper | Articles | Opinion Pieces | Research Studies | Findings & News | Sandesh News
South Korean authorities are intensifying scrutiny of Binance’s response to the November 27, 2025, hack of Upbit, the country’s largest cryptocurrency exchange, where attackers stole approximately 44.5 billion won ($30 million) in Solana-based assets. Officials claim the global exchange provided only “partial” assistance in freezing suspicious funds, freezing just 17% of the requested amount after a 15-hour delay, despite urgent pleas from police and Upbit.
The breach, detected early that morning, involved hackers exploiting vulnerabilities in Upbit’s hot wallet transfers, siphoning assets like Bonk meme coins and smaller holdings in Pudgy Penguins and Trump-themed tokens. In a sophisticated laundering scheme, the stolen funds were fragmented across over 1,000 wallets, bridged through multiple blockchains, and swapped via token bridges to evade tracking. Most eventually flowed into Binance service wallets, prompting an immediate request to freeze about 470 million won ($370,000) in confirmed Solana tokens.
According to reports from broadcaster KBS, Binance cited “additional verification” needs for the delay and partial action, ultimately blocking only 80 million won ($55,000). “Not all assets stolen in the Upbit hack have been frozen,” police stated, highlighting how the lag allowed further movement, with much of the haul converted to Ethereum for better liquidity. Binance declined specifics on the ongoing investigation but reaffirmed its commitment to cooperating “with relevant authorities and partners wherever appropriate” through official channels.
Suspicions point to North Korea’s Lazarus Group, echoing a 2019 Upbit hack of $51 million in Ethereum attributed to the same actors. The Financial Supervisory Service (FSS) launched an on-site inspection, while the National Office of Investigation elevated the case to a full criminal probe. Upbit, operated by Dunamu, pledged full user compensation from corporate funds and shifted 99% of assets to cold storage, exceeding regulatory mandates.
Broader Implications for Crypto Security
This incident exposes glaring gaps in cross-border enforcement. Law enforcement lacks legal power to compel exchanges like Binance to act swiftly, relying on voluntary compliance amid litigation risks. Experts argue rapid freezes—ideally within minutes—could curb losses, but delays enable laundering via tools like Railgun’s zero-knowledge proofs. South Korea is accelerating “Phase 2 Virtual Asset Legislation,” imposing bank-level no-fault liability on exchanges for hacks, mandating compensation regardless of fault. This could set a global precedent, pressuring platforms to enhance real-time monitoring and international hotlines.
As the probe unfolds, recovery hopes hinge on blockchain analytics and tighter global coordination. The hack, Upbit’s second major breach, underscores persistent vulnerabilities in centralized exchanges, eroding trust in an industry eyeing institutional adoption. With $36 million still at stake, the fallout may reshape crypto’s regulatory landscape.
