South Korean FSS Begins Sanctions Process Against Upbit Operator Dunamu

Naver0.21%

South Korea's Financial Supervisory Service (FSS) sent an inspection opinion letter to Dunamu, the operator of crypto exchange Upbit, regarding the $36 million hack from November 2025, local news outlet Yonhap News reported Sunday. The letter marks the formal start of a sanctions procedure by the financial authorities and provides Dunamu with an opportunity to respond to the inspection's findings before the regulator notifies the company of its proposed sanctions. The FSS is reviewing whether the exchange violated the Virtual Asset User Protection Act in connection with the breach and its handling of the incident.

Upbit Delayed Hack Announcement for 54-Minute Breach

The breach lasted approximately 54 minutes, starting at 4:42 a.m. KST on November 27, but Upbit announced the hack only at the end of the day, after a merger-related event involving internet giant Naver Financial concluded. Upbit faced criticism for delaying its announcement of the $36 million exploit, according to Yonhap News. The exchange froze approximately 2.3 billion won ($1.5 million) worth of funds in a statement following the November exploit.

FSS Reviews Virtual Asset User Protection Act Violation

The financial regulator is reviewing whether the exchange violated the Virtual Asset User Protection Act, which provides no direct sanctions provisions related to cyberattacks or computer hacks. South Korean authorities plan to address the regulatory gap by adding sanctions and compensation provisions for hacking and computer system failures to the second phase of the Digital Asset Basic Act, according to the report.

Upbit Reimburses Users and Launches Onchain Tracing System

Upbit said it would fully reimburse affected customers using its own balance sheet assets. The exchange initiated an overhaul of its crypto wallet architecture to address potential vulnerabilities after the exploit and migrated all assets from affected wallets. In December 2025, Upbit said it developed an automatic onchain tracking service, Onchain AI Tracer System, to track the path of the stolen funds and aid potential recovery efforts. Upbit ranks third in CoinMarketCap's crypto spot exchange rankings, based on scores that include traffic, liquidity and trading volumes.

FAQ

What action did South Korea's FSS take against Dunamu? The Financial Supervisory Service sent an inspection opinion letter to Dunamu, the operator of Upbit, marking the formal start of a sanctions procedure related to the $36 million hack from November 2025.

Why did Upbit face criticism after the November hack? Upbit delayed announcing the $36 million exploit, which lasted 54 minutes starting at 4:42 a.m. KST on November 27, until the end of the day after a merger-related event involving Naver Financial concluded.

How did Upbit respond to the $36 million breach? Upbit froze approximately 2.3 billion won ($1.5 million) worth of funds, promised full reimbursement using its own balance sheet assets, overhauled its wallet architecture, and developed the Onchain AI Tracer System in December 2025 to track stolen funds.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments