
South Korea’s Financial Supervisory Service has begun a formal sanctions process against Dunamu, the operator of crypto exchange Upbit, over the major wallet breach reported in November 2025.
Summary
- South Korea’s FSS opened sanctions proceedings against Dunamu over Upbit’s November 2025 wallet breach case.
- Current law lacks direct hacking penalties, leaving regulators uncertain about how severe sanctions can be.
- Upbit reimbursed affected users and rebuilt wallet systems while regulators continued examining the incident closely.
The action follows a months-long inspection into whether the exchange met its duties under the country’s Virtual Asset User Protection Act.
According to an SBS report citing financial authorities, the FSS recently sent Dunamu an inspection opinion letter. The document gives the company a chance to respond before regulators decide what penalties, if any, should follow. The process then moves through several formal regulatory review stages.
FSS reviews Upbit’s response to the 2025 breach
The November 27 attack affected Solana-based assets held by Upbit. Early estimates varied, with crypto.news reporting losses of about $36 million based on figures available at the time. South Korean reports now place the affected amount at 44.5 billion won, worth about $32 million at current exchange rates.
Upbit said it moved assets to cold wallets, halted deposits and withdrawals, and began tracing the stolen funds after detecting abnormal transfers. In its official customer notice, the exchange said customer losses would be covered with company funds. Authorities later examined both the security failure and the timing of Upbit’s public disclosure.
Legal gap makes the possible sanctions unclear
The current Virtual Asset User Protection Act gives regulators powers over custody, unfair trading and customer protection, but it does not set direct penalties specifically for hacking or computer system failures. That leaves uncertainty around how far the FSS can go in this case.
The regulator will consider Dunamu’s response before issuing advance notice of any proposed action. Final measures would require further review by the sanctions review committee, the Securities and Futures Commission and the Financial Services Commission. South Korean authorities are also considering stronger rules for hacking and technology failures in the next phase of digital asset legislation.
Upbit has faced wider regulatory pressure
The hack arrived during a period of close regulatory attention on Dunamu. As reported by crypto.news, South Korea’s Financial Intelligence Unit previously imposed a 35.2 billion won fine on the company over anti-money laundering and customer verification failures.
That earlier enforcement action later faced court scrutiny. Crypto.news reported that a court canceled a three-month partial suspension against Dunamu after finding gaps in the legal basis used for the sanction. The latest hacking case could create another test of how existing laws apply to crypto exchange operations.
Dunamu’s Naver deal remains under review
The sanctions process also comes while Dunamu works through a planned share swap with Naver Financial. the companies recently delayed completion of the transaction to December 31 because several regulatory approvals remain outstanding.
The current inspection does not automatically block that deal. However, Dunamu remains under several layers of regulatory review while South Korea prepares broader digital asset rules. The FSS has not yet announced a proposed sanction level in the hacking case, and Dunamu still has an opportunity to challenge the inspection findings before any final decision.

Leave feedback about this