You might be searching for GDAC because you saw an old forum post praising its low fees, or perhaps you are one of the unfortunate traders still hoping to recover funds lost in April 2023. Here is the hard truth you need to hear immediately: GDAC is a permanently defunct cryptocurrency exchange that ceased all operations following a catastrophic security breach. You cannot sign up, you cannot trade, and you certainly cannot withdraw any assets that were sitting in their hot wallets at the time of the collapse. If you are looking for a place to park your Bitcoin today, look elsewhere. If you are looking for answers about what went wrong, keep reading.
The Short Answer: Is GDAC Safe?
No. Not anymore, and arguably not even before. The exchange, which operated primarily in South Korea from 2018 until its abrupt shutdown in 2023, serves now as a cautionary tale rather than a viable trading platform. While it once boasted competitive fees and a user-friendly interface built on TradingView infrastructure, its failure to implement robust security protocols led to the loss of nearly $13 million in user funds. This wasn't just a technical glitch; it was a systemic collapse driven by social engineering and poor risk management.
What Was GDAC? A Brief History
To understand why this matters, we have to look back at what GDAC tried to be. Founded in 2018, GDAC positioned itself as a legitimate, transparent player in the South Korean crypto market. Unlike many shady offshore platforms, they published their registered address and company details openly. They aimed to compete with giants like Coinbase but focused exclusively on the domestic KRW (Korean Won) market.
For a few years, it seemed to work. By 2021, reports indicated GDAC was among the leaders in the local market. They offered trading for approximately 27 cryptocurrencies-a small selection compared to global behemoths, but enough for retail investors. Their main selling point was cost. With maker and taker fees fixed at a flat 0.20%, they undercut competitors significantly. For context, Coinbase charged around 2.00% during similar periods. That 90% difference in fees attracted a steady stream of traders who wanted to maximize their margins on smaller trades.
The April 2023 Breach: How It Happened
The downfall of GDAC wasn't caused by a complex quantum computing attack or a flaw in blockchain cryptography. It was caused by something much more human: social engineering and SIM swapping. In April 2023, hackers targeted both employees and high-value users. They didn't break into the code; they broke into the people managing the code.
According to reports from CoinDesk and subsequent security analyses, attackers used SIM swapping techniques to hijack phone numbers linked to two-factor authentication (2FA). Once they controlled the phone lines, they bypassed security layers designed to protect accounts. The result was devastating. Attackers gained access to GDAC's internal systems and drained nearly $13 million worth of cryptocurrency from the exchange's hot wallet. To put that in perspective, that represented roughly 23% of GDAC's total custodial assets.
Security experts later pointed out a critical mistake in GDAC's risk management: keeping such a large percentage of assets in a hot wallet (connected to the internet) instead of cold storage (offline). While some hot wallet balance is necessary for liquidity, 23% is dangerously high for an exchange handling millions in volume. When the door was kicked in, there was no vault to protect the bulk of the money.
Why GDAC Failed Where Others Succeeded
If you compare GDAC to other South Korean exchanges like Upbit or Bithumb, the differences become stark. Those platforms survived the same turbulent market conditions because they invested heavily in multi-layered security, regular audits, and strict compliance with the Financial Services Commission's regulations. GDAC, despite operating under these same laws, failed to meet the basic standards of employee training and password management.
| Feature | GDAC | Coinbase (Global Benchmark) | Upbit (Local Leader) |
|---|---|---|---|
| Status | Defunct (Shut Down) | Active | Active |
| Trading Fees | 0.20% | ~2.00% | Variable (~0.05-0.15%) |
| Fiat Support | KRW Only | USD, EUR, GBP, etc. | KRW |
| Crypto Listings | ~27 | 136+ | 400+ |
| Security Outcome | $13M Stolen, Closed | Multiple Audits, Active | Strict Compliance, Active |
The table above highlights the trade-off GDAC made. They offered lower fees and a simpler interface, but they lacked the depth of listings and, crucially, the security infrastructure of their peers. Their withdrawal fees were also higher (0.001 BTC equivalent vs Coinbase's lower rates), creating a confusing value proposition for advanced traders.
What Happened to User Funds?
This is the question that keeps former users awake at night. The short answer is grim: most funds were likely lost forever. After the hack, GDAC suspended operations and initiated an investigation with law enforcement. However, the exchange ultimately shut down permanently. There has been no announcement of corporate restructuring, no insurance payout, and no compensation plan for users.
Reports indicate that estimates of the stolen amount ranged from $10 million to $25 million across various cryptocurrencies. Because the funds were moved to unidentified wallets shortly after the breach, tracking them has proven difficult. While blockchain analysis firms can trace transactions, recovering the actual coins requires cooperation from other exchanges where the criminals might try to cash out-a process that is slow, uncertain, and rarely results in full repayment for victims.
User feedback archived from Reddit and Trustpilot prior to the platform's removal shows profound frustration. Users reported holdings ranging from $500 to $50,000 evaporating without recourse. Even before the hack, satisfaction scores were mixed, with some users citing stability issues and lack of a referral program. The final blow rendered all those complaints moot, as the platform simply vanished.
Lessons Learned: Protecting Yourself in 2026
The collapse of GDAC reinforces a core principle in cryptocurrency: "Not your keys, not your coins." Relying on a centralized exchange to hold your assets carries inherent risk, regardless of how reputable the company seems. Here is how you can avoid falling victim to a similar situation:
- Use Hardware Wallets: For long-term holdings, move your crypto off exchanges entirely. Devices like Ledger or Trezor give you sole control over your private keys.
- Verify Security Protocols: Before depositing funds, check if an exchange uses cold storage for the majority of assets. Look for proof of reserves and regular third-party security audits.
- Beware of SIM Swapping: Enable hardware-based 2FA (like YubiKey) rather than relying solely on SMS codes, which are vulnerable to the very attacks that doomed GDAC.
- Diversify Exchanges: Never keep all your eggs in one basket. Spread your assets across multiple reputable platforms to mitigate the risk of a single point of failure.
- Check Regulatory Status: Ensure the exchange is compliant with local financial regulations. In South Korea, this means checking registration with the Financial Services Commission.
Current Alternatives for South Korean Traders
If you were a GDAC user looking for a new home for your KRW-trading needs, several robust alternatives remain active. Upbit and Bithumb continue to dominate the local market with deep liquidity and stricter security measures. Korbit and Coinone also offer reliable services with extensive coin listings. Globally, Binance and Kraken provide options for those who can navigate international fiat on-ramps, though regulatory restrictions may apply depending on your residency.
When choosing a new exchange, do not just look at fees. A 0.20% fee is meaningless if the platform goes bankrupt tomorrow. Prioritize security history, transparency, and user support responsiveness. The GDAC incident proves that cheap trading costs are a poor substitute for safe custody.
Final Thoughts on the GDAC Collapse
GDAC started with good intentions, offering transparency and low costs in a crowded market. But in the crypto world, security is not a feature; it is the foundation. Without it, everything else crumbles. The exchange's inability to protect against sophisticated social engineering attacks exposed a fatal flaw in its operational model. For anyone still holding onto hope that GDAC will reopen, the reality is clear: the doors are closed, the funds are gone, and the lesson is learned. Move your assets to secure, regulated platforms, and never trust an exchange with more than you can afford to lose.
Is GDAC crypto exchange still operational in 2026?
No, GDAC permanently ceased operations in April 2023 following a major security breach. The platform is defunct, and no trading or account recovery services are available.
How much money was stolen from GDAC?
Approximately $13 million worth of cryptocurrency was stolen, representing about 23% of the exchange's total custodial assets. Estimates range between $10 million and $25 million depending on asset valuation at the time.
Will GDAC compensate users for lost funds?
There is no information indicating that GDAC will compensate users. The exchange shut down permanently, and law enforcement efforts to recover funds have had minimal success as of 2025.
What caused the GDAC hack?
The hack was primarily caused by social engineering and SIM swapping attacks that allowed hackers to bypass two-factor authentication. Poor employee training and inadequate password management protocols also contributed to the breach.
Are there safer alternatives to GDAC in South Korea?
Yes, major exchanges like Upbit, Bithumb, Korbit, and Coinone remain active and generally adhere to stricter security and regulatory standards in the South Korean market.
Did GDAC support US dollars?
No, GDAC exclusively supported the Korean Won (KRW) as its fiat currency, limiting its appeal to international traders outside of South Korea.
