Wallet

South Korea's Upbit discovered a critical wallet software vulnerability while investigating a $30 million theft. The exchange identified a defect that could potentially expose private keys through blockchain data analysis. Upbit has suspended operations and pledged full reimbursement to affected users, though no direct link between the flaw and the November 26 breach has been confirmed.

South Korean cryptocurrency exchange Upbit identified a critical security flaw in its internal wallet system that could have allowed attackers to derive private keys from publicly visible blockchain transaction data. The vulnerability was discovered during an emergency audit following a $30 million theft on November 27. The exchange has not confirmed whether the flaw was directly exploited in the breach, but has committed to covering all customer losses using its own reserves.

Visa has partnered with crypto infrastructure provider Aquanow to enable stablecoin-based transaction settlements across Central and Eastern Europe, Middle East, and Africa. The collaboration will allow financial institutions to settle payments using approved stablecoins including USDC, targeting cost reduction and faster settlement times. The system aims to support continuous operations while addressing friction points in cross-border transactions.

South Korean cryptocurrency exchange Upbit suspended all deposit and withdrawal operations on November 27 after detecting an unauthorized transfer of approximately $38.5 million in digital assets. The breach affected multiple Solana-based tokens, including SOL, USDC, BONK, and others. The exchange has pledged to cover all customer losses using its own reserves, with services to resume after completion of security reviews.

South Korean technology company Naver and digital asset operator Dunamu announced a five-year investment of 10 trillion Korean won ($6.8 billion) to develop financial infrastructure integrating artificial intelligence and blockchain technologies. The investment follows Naver Financial's acquisition of Dunamu, parent company of South Korea's largest cryptocurrency exchange Upbit, through a share-swap arrangement. The partnership aims to establish a comprehensive system spanning payments, settlements, and broader financial services.

Thailand's Personal Data Protection Commission has ordered World Network to halt biometric data collection and delete records of 1.2 million local users. The regulator cited violations of the Personal Data Protection Act, stating the blockchain project allegedly transferred iris scan data to third parties in exchange for cryptocurrency tokens without proper authorization.

KakaoBank has advanced its Korean won-pegged stablecoin project into active development, according to Newspim. The digital bank, part of South Korean tech conglomerate Kakao, is recruiting blockchain backend developers with expertise in smart contracts and token standards. The move follows similar initiatives by competitor Naver, which is reportedly pursuing a merger with Upbit, the country's largest cryptocurrency exchange.

Swedish fintech company Klarna introduced KlarnaUSD, a USD-pegged stablecoin on the Tempo blockchain developed by Stripe and Paradigm. The token targets the approximately $120 billion in annual fees generated by international payment transactions. KlarnaUSD is currently operational on Tempo's testnet, with a mainnet launch scheduled for 2026.

Exodus is acquiring W3C Corp for $175 million to transition from a wallet-focused company into a provider with integrated payment processing capabilities. The deal brings subsidiaries Monavate and Baanx under Exodus's control, enabling direct card issuance and transaction processing. The transaction is expected to close in 2026 pending regulatory approval.

Charles Guillemet, Chief Technology Officer at Ledger, has issued a security alert about zero-click vulnerabilities being exploited to compromise cryptocurrency wallets. State-sponsored groups are deploying commercial spyware against messaging apps to gain unauthorized phone access. He advises against storing significant crypto assets on mobile devices due to escalating threats.