South Korea's Financial Supervisory Service (FSS) sent an inspection opinion letter to Dunamu, the operator of crypto exchange Upbit, regarding the $36 million hack from November 2025, local news outlet Yonhap News reported Sunday. The letter marks the formal start of a sanctions procedure by the financial authorities and provides Dunamu with an opportunity to respond to the inspection's findings before the regulator notifies the company of its proposed sanctions. The FSS is reviewing whether the exchange violated the Virtual Asset User Protection Act in connection with the breach and its handling of the incident.
The breach lasted approximately 54 minutes, starting at 4:42 a.m. KST on November 27, but Upbit announced the hack only at the end of the day, after a merger-related event involving internet giant Naver Financial concluded. Upbit faced criticism for delaying its announcement of the $36 million exploit, according to Yonhap News. The exchange froze approximately 2.3 billion won ($1.5 million) worth of funds in a statement following the November exploit.
The financial regulator is reviewing whether the exchange violated the Virtual Asset User Protection Act, which provides no direct sanctions provisions related to cyberattacks or computer hacks. South Korean authorities plan to address the regulatory gap by adding sanctions and compensation provisions for hacking and computer system failures to the second phase of the Digital Asset Basic Act, according to the report.
Upbit said it would fully reimburse affected customers using its own balance sheet assets. The exchange initiated an overhaul of its crypto wallet architecture to address potential vulnerabilities after the exploit and migrated all assets from affected wallets. In December 2025, Upbit said it developed an automatic onchain tracking service, Onchain AI Tracer System, to track the path of the stolen funds and aid potential recovery efforts. Upbit ranks third in CoinMarketCap's crypto spot exchange rankings, based on scores that include traffic, liquidity and trading volumes.
What action did South Korea's FSS take against Dunamu? The Financial Supervisory Service sent an inspection opinion letter to Dunamu, the operator of Upbit, marking the formal start of a sanctions procedure related to the $36 million hack from November 2025.
Why did Upbit face criticism after the November hack? Upbit delayed announcing the $36 million exploit, which lasted 54 minutes starting at 4:42 a.m. KST on November 27, until the end of the day after a merger-related event involving Naver Financial concluded.
How did Upbit respond to the $36 million breach? Upbit froze approximately 2.3 billion won ($1.5 million) worth of funds, promised full reimbursement using its own balance sheet assets, overhauled its wallet architecture, and developed the Onchain AI Tracer System in December 2025 to track stolen funds.
South Korea FSS Issues Pharma Disclosure Guidelines This Month
FSS Initiates Enforcement Against Upbit Operator After 44.5B Won Hack
South Korea Refers 30+ Crypto Unfair Trading Cases After 2-Year Crackdown
South Korea Plans Digital Asset Basic Law Enactment Within the Year
South Korea Raises Single-Stock Leveraged ETF Deposit to 30M Won