Crypto hacks always make the headlines, but it’s the response that matters. After last month’s Upbit breach, Binance is now stepping up to defend its reputation.
Reports from South Korea suggested Binance only froze a fraction of stolen funds. The narrative? “Delayed. Partial. Not enough.” Binance isn’t having it.
“Binance’s security and investigations teams identified the incident and immediately took action to assist in freezing related transfers and mitigating further movements,”.
The company stresses it has been working closely with law enforcement and other parties from day one. Claims that Binance was slow or ineffective? “Unsubstantiated and inaccurate.”
What Really Happened
Authorities say the hackers moved lightning-fast. They spread stolen funds across more than a thousand wallets within hours, using chain hopping, token swaps, and bridges to cover their tracks.
Binance had been asked by South Korean police to freeze $370K of funds linked to the $30M Upbit hack last month.
— MONIIFY (@MoniifyBusiness) December 12, 2025
What reportedly got frozen? Only 17% and 15 hours later, according to KBS.
The exchange said more verification was needed and won’t comment on active investigations.… pic.twitter.com/aYRmSEfPK2
Roughly $370,000 in Solana tokens were flagged for freezing, but only about $75,000 was locked down initially, according to early reports. Binance says this was due to verification steps to prevent mistakes before broader action.
Upbit Steps Up Security
The breach pushed Upbit to accelerate its security overhaul. After losing 44.5 billion won (~$30M) from its hot wallet, the exchange is moving nearly all customer assets into cold storage, raising the ratio to 99%. That’s far above South Korea’s legal requirement of 80% offline storage, and it slashes hot wallet exposure to almost zero.
Before the hack, Upbit already had 98.33% of funds in cold storage; the highest among domestic platforms. Now, they’ve tightened things even further.
The Bigger Picture
South Korean authorities are investigating, and preliminary reports point to North Korea’s Lazarus Group, infamous for crypto thefts.
For crypto users, the lesson is clear: even big exchanges can be targeted, but fast action, verification, and robust cold storage make all the difference. Binance wants the world to know but they acted, and they’re still acting.
