25.12.07.Today News : Upbit Loses 100 Billion Coins in 54 Minutes as Solana Tokens Drain Out

Upbit Loses 100 Billion Coins in 54 Minutes as Solana Tokens Drain Out

📍Rapid outflow of Solana-based tokens and delayed reporting raise concerns over Upbit’s security and oversight.

Upbit, South Korea’s largest cryptocurrency exchange, suffered a massive breach in which more than 100 billion Solana-based coins were drained in less than an hour, while the exchange reported the incident to authorities several hours later, intensifying criticism over its security response.

---

🔹Massive Solana Token Outflow Completed in 54 Minutes
South Korea’s top cryptocurrency exchange Upbit confirmed that over 100 billion Solana-based tokens were transferred to unauthorized external wallets during a hacking attempt that unfolded within just 54 minutes. According to data submitted by the Financial Supervisory Service (FSS) to Rep. Kang Min-guk of the National Assembly’s Political Affairs Committee, the breach occurred between 4:42 a.m. and 5:36 a.m. on October 27.

A total of 24 types of Solana-ecosystem tokens—amounting to 104,064,704,384 coins—were siphoned out during the attack. The estimated loss reached 44.48 billion won, meaning that roughly 13.73 million won (or 32.12 million coins) were drained every second.

Upbit customers’ losses amounted to approximately 38.6 billion won, of which around 2.3 billion won was frozen in time. Upbit’s own corporate asset loss totaled about 5.9 billion won.

🔹Major Tokens Affected and Breakdown of Losses
By volume, the token BONK accounted for the overwhelming majority, with 103.12 billion coins (99.1%) lost, amounting to 1.52 billion won. By monetary value, Solana (SOL) saw the highest financial damage with 18.98 billion won (42.7% of the total), followed by Pudgy Penguin (3.85 billion won) and Official Trump (2.91 billion won).

Other affected tokens included MEW (379 million coins worth 689 million won) and PENGU (225 million coins worth 3.85 billion won), showing that the attack targeted a wide range of Solana network assets.

🔹Initial Detection Followed by Delayed Reporting
Upbit’s internal wallet management team first detected suspicious transfers at 4:42 a.m. on October 27. The exchange convened an emergency meeting 18 minutes later and suspended deposits and withdrawals of Solana-based assets at 5:27 a.m., later halting all digital asset transfers at 8:55 a.m.

However, criticism mounted due to the delay in reporting the incident to regulators. Upbit contacted the FSS by phone only at 10:58 a.m.—roughly six hours after the initial detection—and filed an official written report at 11:45 a.m. Reports were sent to the Korea Internet & Security Agency (KISA) at 11:57 a.m., the police at 1:16 p.m., and the Financial Services Commission (FSC) around 3 p.m.

Under the Act on the Protection of Virtual Asset Users, virtual asset operators must immediately inform the FSC and the FSS of suspected abnormal transactions without delay.

🔹Regulatory Gaps and Repeated Security Concerns
The FSS is currently conducting an on-site inspection to determine the cause of the hacking incident. However, existing regulations do not contain explicit provisions allowing authorities to impose sanctions or compensation orders on virtual asset exchanges in the event of a hacking-related loss.

Despite Upbit having undergone extensive security consulting following a major hacking incident in 2019—completing 33 consulting projects over seven years at a cost of 17 billion won—this latest breach has amplified concerns about the exchange’s security controls.

Rep. Kang Min-guk urged regulators to thoroughly review Upbit’s delayed response and examine whether the outflow of exclusively Solana-based tokens indicates a structural problem within the Solana network or flaws in Upbit’s payment-account architecture.

One-line summary : Upbit lost over 100 billion Solana-based tokens in just 54 minutes while reporting the breach hours late, sparking concerns over its security and response system.