In the aftermath of a hack that saw attackers steal 44.5 billion won (approximately $30 million) from a Solana hot wallet, Upbit has begun shifting nearly all customer assets into cold storage, a move that now places it among the most conservative platforms globally in terms of online asset exposure.
This transition marks one of the strongest security pivots by a major exchange, signaling a broader industry conversation about balancing rapid withdrawals with the need to reduce attack surfaces.
As digital asset markets continue to expand, Upbit’s response provides a real-time glimpse into how platforms balance operational liquidity against systemic cyber risks.
BTC's price records some small gains on the daily chart. Source: BTCUSD on Tradingview
Upbit Pushes Hot Wallet Usage Toward Zero
Following its internal review and system overhaul, Upbit confirmed that it now stores approximately 99% of user assets in cold wallets, with hot wallet exposure reduced to about 1% and expected to decrease further.
As of late October, the exchange held 98.33% of customer funds offline, a rate already well above the 80% minimum required under South Korea’s Virtual Asset User Protection Act.
This shift follows a pattern of rising caution. The recent breach was Upbit’s second significant attack, occurring on November 27, mirroring a 2019 incident that saw more than 342,000 ETH drained from its systems.
This year’s Solana-based attack resulted in withdrawals across 24 tokens within less than an hour, prompting an immediate shutdown of hot wallet operations and emergency transfers to cold storage. Upbit has pledged to fully reimburse affected users from corporate reserves.
Domestic data suggests that the exchange already leads the market in cold storage usage, maintaining the lowest hot wallet ratio among local competitors, whose cold wallet shares range from 82% to 90%.
Security Benchmark Sets Pressure on Global and Local Exchanges
Upbit’s near-99% cold wallet ratio surpasses the standards of major global exchanges. Coinbase stores about 98% of its funds offline, while Kraken’s ratio sits between 95% and 97%.
Several Asian exchanges, including OKX and Gate.io, maintain similar levels. With Upbit’s latest update, the platform now stands at the forefront of global cold storage practices.
Industry observers note that the move aligns with broader regulatory momentum. South Korea’s Financial Services Commission is considering new rules that would require exchanges to compensate users for losses resulting from hacks, regardless of fault, similar to the standards imposed on banks.
Liquidity Questions Linger in a Restricted Market
While security is at the center of Upbit’s restructuring, analysts caution that running with minimal hot wallet reserves may slow withdrawals during periods of heightened market volatility.
South Korea’s crypto market is largely closed to foreign participants, restricting arbitrage and creating conditions where delays can exacerbate price discrepancies, commonly known as the “Kimchi premium.”
During last month’s temporary withdrawal suspension, liquidity was effectively trapped, resulting in sharply widening price gaps between the Korean and global markets. Still, Upbit maintains that its rebuilt systems and predictive models will ensure sufficient liquidity under normal trading conditions.
Cover image from ChatGPT, BTCUSD chart from Tradingview
