South Korea-based cryptocurrency exchange Upbit suffered a significant security breach, resulting in the theft of approximately $36 million worth of digital assets primarily from the Solana blockchain. CryptoQuant CEO Ki Young Ju attributes this attack to the Lazarus Group, known for orchestrating state-sponsored cyberattacks targeting cryptocurrency exchanges. Investigations by South Korean authorities and Upbit’s immediate response to suspend operations and move funds to cold storage are underway. Upbit has pledged to fully reimburse affected users from its own reserves. The CEO, Oh Kyung-suk, expressed commitment to user security in a public statement, emphasizing the exchange’s stance on ensuring no harm comes to customer funds. Experts suggest this attack may coincide with high-profile corporate mergers, raising questions about potential insider threats or external support. 44.5 billion KRW was lost due to the hack on November 27, 2025. Upbit is not the first victim of Lazarus Group’s state-sponsored cyber operations; they also targeted the exchange in 2019. This incident highlights the ongoing cybersecurity challenges faced by digital asset exchanges and raises concerns about regulatory oversight and market stability. The theft has impacted Solana’s trading volume, with a notable drop reported on CoinMarketCap after news of the attack broke. Experts are calling for immediate attention to bolstering cybersecurity measures and exploring potential regulatory enhancements to prevent future breaches.