Key Takeaways
- Upbit is deleting all old deposit addresses after a Nov. 27 breach exposed vulnerabilities in its hot-wallet infrastructure.
- Every user must generate new deposit addresses across all supported assets.
- The overhaul comes as regulators scrutinize Upbit in the wake of a $36 million loss and just months ahead of Dunamu’s $10.3 billion sale to Naver Financial.
Upbit, South Korea’s largest crypto exchange, is taking the unusual step of wiping every single deposit address from its platform, a sweeping security reset following the Nov. 27 breach that drained more than $36 million worth of crypto.
A Drastic Reset
Instead of patching the specific wallet affected, Upbit is tearing down its entire deposit-address system and rebuilding from scratch.
The exchange says the purge is part of a broader hardening of its wallet infrastructure after the hack revealed lingering vulnerabilities.
Every user — across every asset and every network — must now generate new addresses before depositing again.
All Old Deposit Addresses Deleted
Upbit has formally retired all previously issued deposit addresses.
Any crypto sent to those addresses will either be permanently lost or delayed significantly while the exchange attempts manual recovery.
In its announcement, Upbit urged customers to delete the old addresses from external wallets and exchanges to avoid “future misuse or incorrect deposits.”
This reset applies to all networks, not just Solana — the chain involved in last week’s breach.
The company said the decision was meant to eliminate any chance that compromised keys or undiscovered vulnerabilities remain in circulation.
Alongside the reset, Upbit is conducting a top-to-bottom security review of its deposit and withdrawal systems, with deeper audits and more restrictive access controls.
South Korea’s Financial Supervisory Service (FSS) is monitoring the process as part of its ongoing inspection.
The overhaul is widely interpreted as a direct response to the hack.
How the Upbit Hack Unfolded
The Nov. 27 incident involved unauthorized transfers of assets including SOL, JUP, RAY, BONK, ORCA, RENDER, PYTH, USDC, TRUMP and others, all moved from Upbit’s hot wallet to an external, unidentified address.
The breach occurred almost exactly six years after Upbit’s infamous 2019 hack, when 342,000 ETH were stolen, a theft believed to be the work of North Korean cyber groups.
This time, Upbit reacted quickly:
- $8.18M in LAYER tokens were frozen on-chain.
- Remaining funds were moved immediately into cold storage.
- The exchange coordinated with token issuers and law enforcement to freeze and track assets.
CEO Oh Kyung-seok publicly acknowledged the “internal security lapse” and said the vulnerability has since been resolved.
Upbit has begun gradually re-opening deposits and withdrawals as each asset clears updated security checks. The staged reopening began Dec. 1 at 1:00 PM KST.
A Breach With Big Implications for Dunamu’s $10.3 Billion Sale to Naver
The timing of the hack could not have been worse.
The hack occurred just one day after Naver Financial announced its deal to acquire Dunamu, Upbit’s parent company, in a massive $10.3 billion all-stock transaction scheduled to close in June 2026.
Upbit controls an estimated 70–80% of South Korea’s crypto trading volume and roughly 5% of global crypto liquidity.
Naver’s acquisition was designed to fuse this dominance with its expanding AI, fintech, and Web3 ecosystem.
But the breach introduces new complications:
- Dunamu must now absorb a $36 million loss on top of,
- A record 35.2 billion KRW (~$26.5 million) regulatory fine earlier in 2025,
- A three-month business suspension tied to compliance failures.
These issues could pressure Dunamu’s 2025 financials, which had been recovering thanks to renewed institutional flows, and may force Naver to renegotiate terms or inject additional capital post-acquisition.
Top Trending Crypto Articles
Prashant Jha is a seasoned crypto journalist based in Delhi, India, with a Bachelor’s Degree in Computer Science Engineering. Passionate about the evolving world of blockchain and cryptocurrencies, he has been a dedicated voice in the industry since 2018. Prashant’s expertise lies in regulatory reporting, where he unravels complex legal and financial developments with clarity and precision. Before joining CCN in 2024, he honed his craft at Cointelegraph, establishing himself as a trusted name in crypto journalism.
His coverage spans major industry events, including the high-profile collapses of FTX, Three Arrows Capital (3AC), and LUNA, offering readers insightful analyses of their regulatory and market implications. Prashant’s technical background enables him to bridge the gap between intricate blockchain technology and its real-world applications, making his work accessible to novices and experts.
Beyond his professional pursuits, Prashant is an avid music enthusiast, often exploring diverse genres to unwind. A sports lover, he has a particular passion for cricket and frequently engages in discussions about the game. His multifaceted interests and sharp journalistic instincts make him a valuable contributor to CCN, where he continues shaping the crypto landscape's narrative.
