Author: Chloe, ChainCatcher

The South Korean cryptocurrency exchange Upbit disclosed that it detected abnormal withdrawal behavior around 4 AM today, with approximately 44.5 billion Korean won (about 30.43 million USD) worth of assets on the Solana network (including SOL, USDC, and a range of smaller tokens) being transferred to an unspecified external wallet. Upbit stated, "We immediately confirmed the asset outflow caused by the abnormal withdrawal and will cover the entire amount with Upbit's assets to ensure that user assets are not harmed."

Upbit has now frozen about 2.3 billion Korean won (approximately 1.57 million USD) in funds, and other assets are being continuously tracked.

After the incident, the exchange quickly locked down its infrastructure, transferring all assets to secure cold wallets to prevent unauthorized transfers, and conducted security reviews on each wallet and signature system.

Coincidentally, Upbit was also hacked six years ago today. According to Cryptonews, the incident was attributed to North Korean hackers, with stolen ETH valued at approximately 41.5 million USD. After the theft, Upbit similarly used its own funds to cover the entire amount and suspended trading for two weeks.

Currently, Upbit stated that it is collaborating with multiple projects and relevant institutions to attempt to further freeze or recover the stolen tokens and is preparing to hand over information to law enforcement. According to South Korean media BlockMedia, the Financial Supervisory Service's Virtual Asset Regulatory Bureau has immediately launched an inspection of the platform. The Financial Supervisory Service stated, "We have been informed of this hacking incident and are currently investigating the origins of the hacker attack, the extent of the losses, and the measures taken to protect customer assets."

Additionally, according to Beosin Trace analysis, some of the funds that flowed out abnormally from Upbit have begun to be transferred. Among them, a Binance user address (starting with 2zR) has received SOL worth approximately 315,000 USD from multiple intermediary addresses after the incident.

Furthermore, Ki Young Ju, the founder of Crypto Quant, also posted on the X platform stating that after Upbit suspended withdrawals due to the hacking attack, arbitrage bots temporarily halted, allowing retail investors in South Korea to take the opportunity to drive up the prices of various altcoins on the platform.

Just Announced a Merger, Then Suspended Deposits and Withdrawals Due to Asset Theft

Upbit's parent company Dunamu just announced a merger with Naver Financial yesterday, with a transaction valuation of approximately 10.3 billion USD, making it one of the largest mergers in South Korean financial history. In addition to promoting the Korean won stablecoin and payment ecosystem, it also aims to pave the way for Upbit's listing in the United States.

According to previous reports, the boards of both parties will merge through a full stock exchange method, with Dunamu's share exchange price set at 439,252 Korean won per share and Naver Financial's at 172,780 Korean won per share, with an exchange ratio determined at 1:2.54. Meanwhile, Dunamu's co-founders will hold approximately 30% of the merged entity's shares, becoming the largest shareholders. To avoid breaching South Korean antitrust laws, Dunamu will delegate more than half of the voting rights to Naver, allowing the merger structure to pass smoothly.

Recent financial reports released by Dunamu have solidified its leading position in South Korea's digital asset exchange market, with net income in the third quarter increasing by 300% year-on-year to 165 million USD, growing over 300% compared to the same period last year, and its financial performance has given a strong boost to this merger.

This merger also demonstrates the high complementarity of both parties' businesses. Naver, as a top technology giant in South Korea, has expanded its business landscape from its initial search engine to various fields such as e-commerce (Naver Shopping), payments (Naver Pay), and digital content (Naver Webtoon), forming a complete business ecosystem. With the launch of Dunamu's self-developed L2 GIWA Chain, it is no longer limited to exchange operations but is transitioning to the role of a blockchain infrastructure provider, which perfectly complements Naver's diversified business scenarios. Additionally, this merger lays the foundation for the Korean won stablecoin, which Dunamu is developing and will be issued primarily through Naver Pay, effectively connecting the blockchain infrastructure to user-end payments.

However, due to the risks associated with stablecoins, compliance issues for exchanges, and market competition, this transaction still requires review by South Korea's financial supervisory authorities and the Fair Trade Commission. Furthermore, in early November, Dunamu was fined approximately 25 million USD by the Financial Intelligence Unit (FIU) for KYC violations. It also suspended new user registrations and deposits and withdrawals on Upbit for three months.

South Korean Regulators Crack Down on Exchanges, Upbit Faces Challenges in Seeking NASDAQ IPO

This is one of the heaviest fines imposed on cryptocurrency exchanges in South Korea in recent years and is part of the government's extensive law enforcement actions against anti-money laundering and KYC violations in the cryptocurrency industry.

The FIU stated, "During the anti-money laundering review of Dunamu, approximately 5.3 million KYC violations were discovered." The agency also pointed out that Dunamu failed to report 15 suspicious transactions.

According to CoinDesk, Dunamu did not immediately plead guilty to this hefty fine and is even conducting an internal review to appeal. A Dunamu spokesperson emphasized that the FIU has made errors in judgment in the past. "The FIU previously fined Hanbitco 2 billion Korean won for KYC deficiencies involving about 200 users, but the Seoul court later revoked that fine, ruling that the case did not constitute money laundering."

However, this time, South Korean regulatory agencies are not backing down, having thoroughly searched Dunamu, Korbit, GOPAX, Bithumb, and Coinone. According to the FIU report, during the review of their anti-money laundering and other regulatory compliance, it was found that Bithumb, Coinone, Korbit, and GOPAX also violated multiple regulations.

As South Korea's largest cryptocurrency exchange, the penalties faced by Upbit since the beginning of the month and today's asset theft incident coincide with the recent announcement of the merger plan between Dunamu and Naver Financial, particularly during this sensitive period when Upbit is considering seeking a NASDAQ IPO, undoubtedly posing challenges to its expansion plans.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。