FSS Initiates Enforcement Against Upbit Operator After 44.5B Won Hack

SOL1.66%
BTC0.80%
Naver0.21%

South Korea's Financial Supervisory Service (FSS) recently sent an inspection opinion letter to Dunamu, the operator of Upbit, initiating enforcement proceedings approximately seven months after a hacking incident that resulted in the theft of 44.5 billion won in virtual assets. The hack occurred on November 27 when approximately 100 billion Solana-network coins valued at 44.5 billion won were transferred to external wallets during a 54-minute window from 4:42 AM to 5:36 AM. The FSS action follows criticism of Dunamu's delayed disclosure—the company announced the breach only after a merger event with Naver Financial concluded on the day of the incident—and addresses potential violations of the Virtual Asset User Protection Act, though current law lacks direct sanctions for hacking and system failures.

November 27 Hack Transferred 44.5 Billion Won in 54 Minutes

The hacking incident at Upbit, South Korea's largest virtual asset exchange, took place on November 27 from 4:42 AM to 5:36 AM, during which approximately 100 billion Solana-network coins valued at 44.5 billion won were transferred to external wallets. Dunamu disclosed the breach only after the conclusion of a merger event with Naver Financial on the same day, drawing criticism for delayed notification to users and regulators.

Dunamu Recovered 2.6 Billion Won and Compensated Users 38.6 Billion Won

Of the 44.5 billion won in stolen assets, Dunamu froze and initiated recovery procedures for 2.6 billion won. The company fully compensated user losses totaling 38.6 billion won using Upbit's own assets, according to financial authorities and industry sources.

FSS to Send Sanction Opinion Letter After Explanation Procedure

The FSS will proceed with an explanation procedure before sending a sanction opinion letter to Dunamu that specifies the level of penalties. Final sanctions will be determined through reviews by the Sanction Review Committee, the Securities and Futures Commission, and the Financial Services Commission. FSS Governor Lee Chan-jin stated at a press conference at the end of last year that while there are "relative limitations" in sanction authority, "this is not something that will simply be overlooked."

The Virtual Asset User Protection Act focuses primarily on user protection and unfair trading practices and does not contain direct sanctions for hacking or system failures. Authorities plan to include hacking and system failure sanctions and compensation provisions in the second-stage virtual asset legislation (Digital Asset Basic Act).

Bithumb Under Review for 60 Trillion Won Bitcoin Overpayment Incident

The FSS has also completed its inspection of Bithumb following an incident in which an employee mistakenly entered "Bitcoin" instead of "won" as the unit, resulting in the erroneous payment of 620,000 Bitcoin valued at 60 trillion won to 249 users. The FSS will initiate enforcement proceedings against Bithumb once legal review is completed.

Top 5 Exchanges Reported 57 Hacking and System Incidents Since 2020

Including the Dunamu and Bithumb cases, the top five virtual asset exchanges in South Korea self-reported a total of 57 hacking and system incidents over the six-year period from 2020 to April 2026. The breakdown by exchange is: Upbit 26 incidents, Bithumb 14 incidents, Gopax 8 incidents, Coinone 6 incidents, and Korbit 3 incidents.

FAQ

What enforcement action did the FSS take against Dunamu after the Upbit hack?
The FSS sent an inspection opinion letter to Dunamu approximately seven months after the November 27 hacking incident, initiating enforcement proceedings. The FSS will send a sanction opinion letter after an explanation procedure, with final sanctions determined through reviews by the Sanction Review Committee, the Securities and Futures Commission, and the Financial Services Commission.

How much did Dunamu recover and compensate following the 44.5 billion won hack?
Dunamu froze and initiated recovery procedures for 2.6 billion won of the stolen assets. The company fully compensated user losses totaling 38.6 billion won using Upbit's own assets.

Why does the Virtual Asset User Protection Act have limited sanctions for hacking incidents?
The Virtual Asset User Protection Act focuses primarily on user protection and unfair trading practices and does not contain direct sanctions for hacking or system failures. Authorities plan to include hacking and system failure sanctions and compensation provisions in the second-stage virtual asset legislation (Digital Asset Basic Act).

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments