A South Korean court has overturned a regulatory suspension on Upbit while a separate DeFi exploit on Hyperliquid exposed a $1.5 million loss, highlighting risks across both centralized and decentralized crypto systems.
Key Takeaways
- A South Korean court canceled a three month suspension on Upbit operator Dunamu over unclear AML rules.
- Regulators failed to provide detailed compliance guidance, weakening enforcement.
- Hyperliquid suffered a $1.5 million loss from a deliberate self liquidation attack.
- The events highlight both regulatory gaps and structural risks in crypto markets.
What Happened?
The Seoul Administrative Court ruled in favor of Dunamu, overturning a Financial Intelligence Unit sanction tied to Anti-Money Laundering violations. At the same time, blockchain security analysts reported a complex exploit on Hyperliquid that drained $1.5 million from its liquidity pool.
🚨 Dunamu, operator of Upbit, wins lawsuit against South Korea’s Financial Intelligence Unit over a partial business suspension.
— Coin Edition: Your Crypto News Edge ️ (@CoinEdition) April 9, 2026
The court ruled regulators failed to provide clear guidelines, making it hard to prove negligence. Dunamu’s actions, though imperfect, were not… pic.twitter.com/xIkIaaLSuY
Court Overturns Upbit Suspension Over AML Gaps
The legal dispute began on February 25, 2025, when South Korea’s Financial Intelligence Unit imposed a three month partial suspension on Dunamu, the operator of Upbit. The restriction prevented new users from transferring digital assets following an inspection that flagged compliance failures.
Regulators claimed Dunamu:
- Facilitated transactions with unregistered overseas virtual asset providers.
- Failed to meet customer due diligence standards.
- Recorded over 600,000 suspected Know Your Customer violations.
However, according to reporting from Yonhap News Agency, the court found that enforcement lacked a clear foundation.
While rules for transactions above 1 million won, roughly $675, were well defined, the court said guidance for smaller transactions was not specific enough. This lack of clarity made it difficult to justify strict penalties.
The court also emphasized that regulators did not clearly outline what compliance actions were required. As a result:
- Dunamu had implemented its own internal compliance measures.
- There was no clear evidence of intent or gross negligence.
- The legal basis for suspension was weakened.
Earlier, on March 27, 2025, the court had already granted an injunction allowing Upbit to continue onboarding new users while the case was under review.
This final ruling not only lifts the suspension but also limits how regulators can enforce AML rules when expectations are not clearly defined.
Hyperliquid Exploit Exposes DeFi Risk
At the same time, a separate incident in decentralized finance revealed a different kind of vulnerability.
Blockchain security firm PeckShield identified a sophisticated exploit on Hyperliquid involving the memecoin FARTCOIN. The attack resulted in a $1.5 million loss from the platform’s main liquidity pool.
The attacker used a calculated strategy involving:
- Building a $15 million long position across multiple wallets.
- Manipulating price in a low liquidity environment.
- Triggering forced liquidation through the platform’s system.
This exploit targeted Hyperliquid’s auto deleveraging mechanism, which is designed to handle liquidations when counterparties cannot cover losses.
Instead of harming individual traders, the system shifted losses directly to the shared liquidity pool.
How the Self Liquidation Attack Worked?
The attacker combined market manipulation with a hedging strategy across multiple exchanges.
Here is how the process unfolded:
- A large long position was opened on Hyperliquid.
- Short positions were placed on other platforms.
- Price was pushed into a thin liquidity range.
- Liquidation was triggered intentionally.
- Losses were absorbed by the protocol’s pool.
- Profits were realized from external short positions.
This approach allowed the attacker to effectively profit while transferring losses to the protocol.
Unlike earlier exploits such as the Mango Markets oracle manipulation in 2022, this attack focused on internal risk mechanisms rather than price feeds.
Industry Reaction and Broader Implications
Hyperliquid confirmed that no smart contract breach occurred and that user funds outside the liquidity pool remain safe. The team is now reviewing possible changes, including:
- Adjustments to auto deleveraging parameters
- Stricter liquidity requirements for volatile assets
- Potential safeguards for low liquidity trading pairs
Meanwhile, the Upbit ruling is likely to influence regulatory approaches in South Korea.
The decision highlights a key issue in crypto regulation:
- High level rules without operational clarity can fail in court
- Enforcement depends on clearly defined compliance standards
For exchanges, this creates both opportunity and responsibility. While unclear rules may provide temporary legal protection, firms still need to maintain strong internal compliance systems.
CoinLaw’s Takeaway
In my experience, this story perfectly shows how crypto is being tested from both sides. On one hand, regulators are struggling to enforce rules that are not clearly written. On the other hand, DeFi platforms are still vulnerable to highly advanced financial strategies.
I found the Upbit ruling especially important because it sets a precedent. If rules are vague, enforcement becomes weak. At the same time, the Hyperliquid exploit reminds me that even well designed systems can be gamed when incentives are misaligned.
Both events send a clear message. Crypto is maturing, but it still has gaps that need to be fixed, whether in regulation or protocol design.
