Skip to content

Web-n-Composite/crypto-hacks-list

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

85 Commits
 
 
 
 

Repository files navigation

crypto-hacks-list

Cryptocurrency hacks list from January 2021 - updated weekly.

October 2022 saw a surge in hacking activity, with the total hacked value for the month nearly reaching $718 million, according to blockchain analytics firm Chainalysis. The firm has labeled October as "the biggest month in the biggest year ever for hacking activity". So far, 11 different hacks on decentralized finance (DeFi) protocols have been reported, with cross-chain bridges being the biggest target for hackers.

Three bridge hacks this month accounted for 82% of October’s losses, with the largest being a $100 million exploit on the bridge between crypto exchange Binance’s BNB Smart Chain and Beacon Chain.

Date Amount stolen Who? What?
Feb 2021 $45k Cryptopia Troubled NZ Crypto Exchange Cryptopia Suffers Another Hack in the Midst of Liquidation Process
Feb 2021 $37m Alpha Homora Alpha Homora loses $37 million following Iron Bank exploit
Feb 2021 $14m Furucombo Transaction batching protocol Furucombo suffers $14 million ‘evil contract’ hack
Feb 2021 $11m Yearn Finance Hacker Spends $8.3 Million in Fees to Attack Yearn Finance
Mar 2021 $3m PAID Network PAID Network exploiter nets $3 million in infinite mint attack
Mar 2021 $31m Meerkat Finance Dev says $31 million Meerkat Finance exploit was a ‘test’; will return funds
Apr 2021 n/a Hotbit Cryptocurrency Exchange Hotbit Hacked: Systems Paralyzed, 2 Million Users Affected
Apr 2021 $50m Uranium Finance Binance Chain DeFi Exchange Uranium Finance Loses $50M in Exploit
Apr 2021 $80 EasyFi EasyFi Hacked for Over $80 Million in MetaMask Attack
May 2021 $25m xToken xToken DeFi Project Hacked For Over $25M
May 2021 $30m Spartan Protocol Binance Smart Chain's Spartan Protocol Loses $30M+ in Exploit
May 2021 $200 PancakeBunny PancakeBunny tanks 96% following $200M flash loan exploit
May 2021 $11m bEarn DeFi Protocol bEarn Suffers $11M Flash Loan Attack
May 2021 $22m Value DeFi $22 Million Was Stolen From Three Defi Platforms Last Weekend
Jun 2021 $27m Stablemagnet THE STABLEMAGNET RUGPULL (JUNE 2021)
Jun 2021 $20m Wintermute Wintermute Makes "Optimistic"" Assumption
Aug 2021 $80m Liquid Liquid exchange hacked to the tune of $80 million
Aug 2021 $25m Popsicle Finance DeFi Protocol Popsicle Finance Hacked for $25 Million
Sept 2021 $35m Vee Finance Vee Finance Hit for $35M in Second Major Exploit on Avalanche
Oct 2021 $130m Cream Finance Hackers steal $130 million from Cream Finance; the company’s 3rd hack this year
Oct 2021 $68 Compound Bug bites DeFi protocol Compound again
Oct 2021 $16m Indexed Finance Indexed Finance Attacker Refuses to Return Stolen $16M, Team Approaching Authorities
Nov 2021 $55m bZx DeFi Lender bZx Suffers Hack for Reported $55M
Nov 2021 n/a Snowdog OlympusDAO Fork Snowdog Hit By 90% Crash
Dec 2021 $150m Bitmart Crypto exchange BitMart confirms hack resulting in loss of $150 million in crypto
Dec 2021 $78m AscendEx Crypto exchange AscendEX hacked for $78 million in latest swindle
Dec 2021 $120m Badger DAO Badger DAO Protocol Suffers $120M Exploit
Dec 2021 $30m Grim Finance $30 million stolen from Grim Finance, audit firm blames new hire for vulnerability/
Dec 2021 $31m MonoX Protocol Detailed analysis of the $31 Million MonoX Protocol Hack
Jan 2022 $6.8m LCX LCX loses $6.8M in a hot wallet compromise over Ethereum blockchain
Jan 2022 $35m Crypto.com Crypto.com Says More Than $35 Million Stolen by Hackers
Jan 2022 $80m Qubit Bridge Qubit pleads with hacker to return $80 million of stolen funds
Feb 2022 $326m Wormhole Blockchain Bridge Wormhole Suffers Possible Exploit Worth Over $326M
Feb 2022 $36m IRA Financial Trust Hackers Snagged $36 Million in Crypto in Breach of IRA Financial
Feb 2022 $13m Superfluid Polygon stablecoin Qi Dao exploited for $13M on Superfluid vested contract
Feb 2022 $10m Project Dego Finance DeFi Project Dego Finance Hacked: Exploiters Reportedly Drain Over $10M
Mar 2022 $52m Cashio A Robin Hood-esque attacker steals $52 million from Cashio, then returns smaller amounts and pledges to donate the rest to charity
Mar 2022 $625m Axie Infinity Axie Infinity’s Ronin Network Suffers $625M Exploit
Mar 2022 $11m Agave Defi Protocols Agave and Hundred Finance Suffer Hack of $11M
Apr 2022 $182m Beanstalk Attacker Drains $182M From Beanstalk Stablecoin Protocol
Apr 2022 $80m Fei Protocol Fei Protocol and Rari Capital Pools Hit By $80 Million Hack
Apr 2022 $11m Elephant Money Hackers steal more than $11 million from Elephant Money DeFi platform
Apr 2022 $16m Deus Dao Deus DAO suffers another flash loan exploit, loses over $16M
May 2022 $10m Saddle Finance Saddle Finance Loses Over $10 Million in Hack — Derev Blog
Jun 2022 $100m Harmony Bridge Harmony’s Horizon Bridge hacked for $100M
Jun 2022 $1.2m Inverse Finance DeFi Protocol Inverse Finance Exploited for $1.2M
Jul 2022 $9m Crema Finance $8.78M stolen in hack of DeFi protocol startup Crema Finance
Aug 2022 $200m Nomad Bridge Nomad crypto bridge loses $200 million in ‘chaotic’ hack
Aug 2022 $611 Poly Network Largest DeFi Hack: $611 Million Stolen from Poly Network
Sept 2022 $8m Vulcan Forged Play-to-Earn Gaming Platform Vulcan Forged Raises $8M in Series A Funding
Sept 2022 $160m Wintermute Crypto Market Maker Wintermute Hacked for $160M, OTC Services Unaffected
Oct 2022 $100m Binance Binance Smart Chain Halts After $100M Crypto Theft!
Oct 2022 $90m Mirror Protocol DeFi Hack Worth $90M Unveiled Seven Months Following The Theft
Oct 2022 $21m Transit Swap Transit Swap loses over $21M due to code bug exploit, issues apology

October 2022 – Binance

The value of lost assets: 570 million US dollars.

image

The cryptocurrency exchange Binance temporarily suspended its blockchain network after hackers stole 570 million worth of target BNB tokens.

Binance said late on Thursday Oct 6 that a bridge connected to its token chain had been attacked BNB, allowing hackers to move BNB off-chain tokens. The so-called cross-chain bridges are tools that allow you to transfer tokens from one blockchain to another.


August 2021 – PolyNetwork

The value of lost assets: 610 million US dollars.

image

Cryptocurrency exchange PolyNetwork, due to the cross-chain protocol which was compatible for Bitcoin (BTC),Ethereum (ETH) and Neo (NEO) cryptocurrencies. The cross-chain transaction feature PolyNetwork allows users to transfer assets between different blockchains without having to convert them through exchanges.

According to programmer Kelvin Fichter, the protocol creates digital self-managed safes on two different blockchains. It then allows the user to withdraw funds from one box only after they receive confirmation from the other box that the corresponding amount of assets has been deposited into it.

The hacker (or hackers) managed to find a way to trick the safe box into releasing the funds stored in it without obtaining legal permission from another blockchain. They took advantage of this vulnerability on 10th August to steal over $610 million in total.

Fortunately, this story has a happy ending. The team Poly Network made contact with the hacker shortly after the attack, which eventually led to the return of all $ 610 million worth of stolen assets.


September 2020

The value of lost assets: 280 million US dollars.

image

Next on our list is KuCoin, another major crypto exchange that was hacked on 25th September 2020 , stripping $285 million of user assets. In this case, it can be noted that the quick and accurate actions on the part of the exchange, coupled with close cooperation with other companies in the cryptocurrency industry, allowed KuCoin to survive after the incident.

Within a week of the hack Chainalysis, the blockchain data processing company traced all the stolen funds and was able to get on the trail of the criminals. Their Reactor crypto-forensic tool kept the money out of sight, despite criminals trying to mask the movement of funds through coin mixers and decentralized exchanges which usually leave no trace.

Through the use of blockchain tools and cooperation with other exchanges and law enforcement agencies, KuCoin returned the stolen tokens, and covered the remaining losses from his own capital and insurance fund. Moreover, after the attack, the exchange established the Safeguard Program to enable other crypto companies to benefit from their invaluable experience in dealing with the consequences of a hack, if they find themselves in a similar situation.

With a skillful approach to resolving the incident KuCoin, she earned the respect of customers and rightfully ranked sixth among the leading cryptocurrency exchanges with daily trading volume of about $ 1.92 billion as of August 2021.

February 2020

The value of lost assets: 70 thousand US dollars.

image

The Italian exchange Altsbit only existed for a few months before it was hacked. The exchange initially reported a hack claiming almost all funds had been stolen. After more thorough research, it turned out that Altsbit lost less than half of the stored cryptocurrency.

Altsbit announced that it only had enough funds for a partial refund and that they would close in May 2020. The hacker group Lulzsec claimed to be responsible for the hack, although it is still unclear how they managed to pull it off. Approximately 70,000 worth of cryptocurrencies were stolen.


November 2019

The value of lost assets: 51 million US dollars.

image

The South Korean exchange Upbit suffered a major hack when the hackers escaped with 342 000 ETH at the time of the hack they were valued at $51 million. Rumors circulated that this was an inside job the stolen cryptocurrency was allegedly taken from an Upbit cold wallet. This turned out to be a false alarm. Fortunately, Upbit he promised to cover the losses.

However, the story does not end there. The stolen cryptocurrency was on its way. Whoever took it moved it between wallets, though it’s not clear what purpose this would serve. As of January 2020 Upbit has completed a major security update after a brief suspension of service.


November 2019

The value of lost assets: 500 thousand US dollars.

image

Based in Vietnam VinDAX, this is a relatively small crypto exchange that mainly sells tokens for relatively unknown blockchain projects. The hackers don’t care about the size of the exchange, they only care about the money, and they managed to half a million dollars worth of cryptocurrencies from VinDAX.

In response VinDAX, he sent an email to the projects affected by the theft asking for funds. It is unclear whether any of the projects accepted the proposal or not.


July 2019

The value of lost assets: 30 million US dollars.

image

The Japanese exchange Bitpoint noticed an error in its outgoing money transfer system and immediately suspended its services. However, it was too late. Due to a security breach, hackers stole over 30 million worth of cryptocurrencies.

Luckily, Bitpoint was able to recover $2.3 million in stolen cryptocurrencies from overseas exchanges. Bitpoint stated that it would pay compensation to its users, but did not say when this would happen.


June 2019 

The value of lost assets: 5 million US dollars.

image

The Singapore exchange Bitrue has suffered a major hot wallet hack. Only 90 Bitrue users were affected but the stolen cryptocurrency was worth nearly $5 million. Luckily for users who lost their funds, Bitrue assured them that they would be fully refunded.


June 2019 

The value of lost assets: 10 million US dollars.

image

A cryptocurrency exchange GateHub based in the UK and Slovenia suffered a major hack when hackers stole $10 million worth of Ripple. While it is still unclear exactly how the hackers gained access to users’ funds, the criminals managed to gain access to the encrypted secret keys. So far GateHub some progress has been made in recovering the stolen funds.


May 2019 — Binance

The value of lost assets: 40 million US dollars.

image

Cryptocurrency exchange Binance affected by approximately the amount 7000 BTC. Hackers still managed to use phishing and malware to hack Binance. The attackers escaped with $40 million worth of bitcoins. As a result, Binance has promised to increase its security, but users are understandably wary.

It appears that customer data may also have been stolen. In August 2019, someone began to share information about checking customers from Binance on the channel Telegram. It is claimed that this data was also taken during the hack and that up to 60,000 users could be affected.


March 2019

The value of lost assets: 7 million US dollars.

image

The Singapore crypto exchange DragonEx was attacked, as a result of which hackers stole $7 million worth of cryptocurrency. The North Korean hacker group Lazarus claimed responsibility for this. The hackers set up a legitimate-looking fake company and convinced DragonEx employees to download malware onto their computers via message on Telegram and LinkedIn.

DragonEx took full responsibility for the hack and will refund money to those who lost funds. The exchange is also working with the police to see if they can recover the stolen cryptocurrency.


March 2019 – Bithumb

The value of lost assets: 13 million US dollars.

image

A South Korean cryptocurrency exchange Bithumb has been the victim of alleged insider work. It all started with a suspicious withdrawal, and the exchange immediately suspended all withdrawals on its platform, but it was too late. Who carried out the break-in is still unknown, but since there is no evidence of outside interference, many suspect that the funds were stolen by an employee at Bithumb.


March 2019 – CoinBene

The value of lost assets: 100 million US dollars.

image

A cryptocurrency exchange CoinBene that began to experience problems when funds began to mysteriously leave the exchange’s hot wallet. Analysts were concerned that the exchange was down for maintenance, a typical post-hack reaction. Despite assurances from CoinBene that nothing happened, the exchange was down for a month.

One of the strangest aspects of this hack is the unwillingness of Coinbene to admit that something is wrong. The hack also came on the heels of. Bitwise Asset Manager report that accused Coinbene of fictitious trading to manipulate the cryptocurrency market. The details are still extremely vague, but it is believed that more than $100 million worth of cryptocurrencies were stolen in the hack.


February 2019

The value of lost assets: 26 million US dollars.

image

By a strange coincidence Youbit (previously known as Yapizon) was renamed to Coinbin. Already facing two massive hacks, you might think that Coinbin would be especially careful. However, this hack was an inside job.

It appears that the a former CEO of Youbit was still working for Coinbin and embezzling the company’s funds. This employee allegedly had access to private keys and could withdraw funds from multiple accounts. As a result, Coinbin filed for bankruptcy and shut down, but still owes $30 million to users.


February 2019 — Coinmama

Information leak: 450 000 user email addresses and passwords

image

This is a slightly less traditional hack because instead of stealing money, the hackers simply stole information. Coinmama is one of the largest cryptocurrency brokers with over a million active users. The impact of this hack appears to have been minor, as Coinmama quickly informed users once they became aware that user data was being leaked onto the dark web. To date, not a single cryptocurrency coin has been stolen.


January 2019 – Cryptopia

The value of lost assets: 24 million US dollars.

image

Unfortunately for Cryptopia , they suffered another hack 15 days after the first one. That was the end of the New Zealand exchange – now they are going through the process of liquidation.

Update 2020 Cryptopia is still in liquidation, but it has now been revealed that the exchange did not comply with anti-money laundering (AML) requirements when creating new user accounts. For more than 900,000 active user accounts, there is no customer data other than usernames and email addresses.

Fewer than 1% of users have completed customer identification, which is an important part of the AML procedure that ensure that customers are who they say they are. Thousands of cryptocurrency accounts worth more than $3 million have been traced to uninhabited islands or physical addresses that didn’t exist. Currently, many of those who lost funds in a hack are not eligible for a liquidator refund because there is not enough information about who owns which accounts.

While it’s unfortunate that it Cryptopiawas hacked twice in a row within a month, it’s clear that the exchange didn’t do its due diligence. Given that the majority of Cryptopia’s active users were from outside New Zealand, more needed to be done to enforce anti-money laundering measures.


December 2018 

The value of lost assets: 9 million US dollars.

image

QuadrigaCX was the largest cryptocurrency exchange in Canada, owned by Gerald Cotten.Cotten was the only person who knew how to access cold wallets owned by the exchange.

In December, during his honeymoon in India Cotten died and took any information on how to access cold wallets to his grave QuadrigaCX already experienced difficulties, there were rumors of bankruptcy, and with the death of Cotten, the stock exchange collapsed. Conspiracy theories began to surface that Cotten was not actually dead, he just pulled off a very elaborate exit scam.

When the investigation into finances began QuadrigaCX, things took a strange turn. Six cold wallets were found to belong to QuadrigaCX. However, when investigators looked through the wallets, five of them were emptied around April 2018. Nobody knows exactly what happened and the investigation is still ongoing. Cotten’s widow voluntarily returned $9 million in assets from Cotten’s estate to pay users off.

2020 update A year later, what exactly happened to QuadrigaCX is still very unclear It is still claimed that Cotten is not actually dead, and there have been several attempts to exhume his body. The original request was denied, however a new request has been made by lawyers representing those who have lost their funds.

There are also alleged ties to a shady bank in Panama called Crypto Capital Exchange lawyers suspect that some of the missing funds may be stored in Crypto Capital, and have turned to all former users for help in this matter.

As of January 2020, the FBI is involved The FBI Victim Specialist contacts former users and directs them to a portal where they can get more information. It remains unclear whether we will ever get answers about what actually happened on the exchange.


October 2018

The value of lost assets: 5,7 million US dollars.

image

This hack is still being debated as many believe it was part of an exit scam. MapleChange is a small Canadian cryptocurrency exchange that has experienced an unusual surge in exchange activity since October. Later that month, the exchange announced that it had been hacked and that all funds (worth $5.7 million) had been withdrawn. As a result, MapleChange has announced that it is closing its doors for good.

What made people suspicious was the immediate removal of the MapleChange website, social media accounts, and channels Discord and Telegram. The lack of communication led many to believe there was no hack, despite MapleChange’s insistence that they were simply taking a break to decide how to proceed.

Instead of deciding to give anyone back the money, the crypto exchange gave away what little they had left to the developers who created the remaining coins. There is still no consensus on the Internet as to whether this was all a hack or another scam.


September 2018

The value of lost assets: 60 million US dollars.

image

This is another case where it is not clear how the hackers stole the funds. However, Zaif filed a criminal case with the local authorities, which suggests that they have an idea of who did it. Either way, this Japanese exchange lost $60 million worth of cryptocurrencies.


June 2018

The value of lost assets: 40 million US dollars.

image

Although the South Korean exchange Coinrail was a relatively small cryptocurrency exchange, it was doing a lot of business, which attracted the attention of hackers.The exact details of the attack are still unclear, and the exchange lost about $40 million.


June 2018

The value of lost assets: 31 million US dollars.

image

Unfortunately, hacking problems Bithumb did not start in 2019. The exchange was also hacked in 2018, (and you will see them again on our list), with the hackers stealing a significant amount of Ripple. This hack appears to have been orchestrated by a group of North Korean hackers known as the Lazarus Group, who have been responsible for a number of cryptocurrency hacks over the years. Luckily for users Bithumb, exchange promised to return all stolen funds.


May 2018 – Bitcoin Gold

The value of lost assets: 18 million US dollars

image

This is probably one of the strangest hacks on our list, since it was not a cryptocurrency exchange that was hacked, but a cryptocurrency. Bitcoin Gold was a fork of the original Bitcoin that was hard forked by Bitcoin in an attempt at decentralization (ironic, given that Bitcoin is already decentralized).

Bitcoin Goldwas the victim of a 51% attack, a rare case in which hackers managed to gain control of more than 50% processing power of a network. From there, attackers can prevent confirmations, allowing them to effectively stop payments between users and make changes to the network’s blockchain ledger. This type of attack was considered rare, if not impossible, until the Bitcoin Gold hack.

Using complex maneuvers, the hackers placed Bitcoin Goldtheirs on exchanges, exchanged them for other cryptocurrencies, and then withdrew the amount. And since they controlled the ledger of the Bitcoin Gold blockchain, they could simply put the original Bitcoin Goldback into their wallet, effectively stealing money from the exchanges.


May 2018 – Taylor

The value of lost assets: 1,5 million US dollars.

image

Taylor is a cryptocurrency trading app that has had a successful initial coin offering (ICO)for funding. Unfortunately, the hackers managed to gain access to the company’s device shortly after and gain control of the password file. The attackers stole everything Ethereum collected during the ICO, in the amount of $1.5 million. There were fears that this was another exit scam, but it appears that Taylor has gradually been able to recover.


April 2018 — CoinSecure

The value of lost assets: 3,5 million US dollars.

image

CoinSecure, an Indian cryptocurrency exchange, lost $3.5 million worth of bitcoins during a hack. However, it looks like it was an inside job. The owners CoinSecurebelieve their former head of security stole the funds. Looks like they messed something up, as he was later arrested.


February 2018

The value of lost assets: 170 million US dollars.

image

Over $170 million Bitgrail was stolen from the Italian stock exchange, and the details are a little blurry. While the owner, Francesco Firani, announced the break-in, other employees denied it and said there was nothing wrong with it. People are skeptical about whether this was a real hack or an attempted exit scam..


January 2018 — Coincheck

The value of lost assets: 533 million US dollars.

image

Coincheckwas the leading exchange in Japan, but the hack showed how insecure the platform was. The hackers managed to spread the virus via email, allowing them to steal the private keys. After that, it was surprisingly easy, as Coincheck did not use smart contracts or multi-signatures, and all the coins were stored in one wallet. The total value of the stolen cryptocurrency is one of the highest ever, with an estimated value of $533 million at the time of the hack.

It is noteworthy that the cryptocurrency exchange is still operating. It started offering full service again in November 2018. While the hack was believed to have been carried out by North Korean hackers the malware was created by Russian hacker groups.


December 2017 – NiceHash

The value of lost assets: 62 million US dollars.

image

NiceHash is a cryptocurrency mining market that allows miners to rent out their hashrate to others. Their payment system was compromised, resulting in the content of users’ bitcoin wallets being stolen. The exact amount stolen has never been confirmed by NiceHash, but it is believed to be 4736 Bitcoin worth about $62 million at the time. This story ends on a happy note as NiceHash managed to return 60%of the stolen funds to users.


December 2017

The value of lost assets: Unknown.

image

Youbit (formerly known as Yapizon) was a relatively small South Korean cryptocurrency exchange that was previously hacked in 2017. This time the hackers stole 17% of the exchange’s assets. This was the end for Youbit, the same day they filed for bankruptcy.


July 2017 – Bithumb

The value of lost assets: 7 million US dollars.

image

Bithumbreappears on this list. At the time of the Bithumb hack, it was the fourth largest cryptocurrency exchange in the world. An unknown hacker managed to gain access to an employee’s personal computer and steal the data of over 30,000 Bithumb users. Shortly thereafter, users began to notice that their accounts were being emptied.


April 2017

The value of lost assets: 5 million US dollars.

image

Before Yapizon changed their name to Youbit, they were hacked for the first time. The attackers managed to escape with $5 million worth of bitcoins. Yapizon did their best to mitigate the damage.


August 2016 — Bitfinex

The value of lost assets: 350 million US dollars.

image

This Hong Kong-based cryptocurrency exchange claims to be the most secure exchange in the world. Unfortunately, this turned out to be very untrue. Hackers stole a large amount of bitcoins through a processing service Bitfinex–BitGo. The price of bitcoin plummeted as a result of the hack.


May 2016 – GateCoin

The value of lost assets: 2 million US dollars.

image

At the time, GateCoin was one of the first regulated cryptocurrency exchanges, and its' popularity made it a prime target for attackers. The hackers managed to gain access to users’ wallets and steal $2 million worth of cryptocurrencies. It was the nail in the coffin for the GateCoin, the stock exchange never recovered.


April 2016 – ShapeShift

The value of lost assets: 230 thousand US dollars.

image

Within a month, the cryptocurrency exchange ShapeShift was hacked three times. According to a detailed report by ShapeShift CEO Eric Voorhees, a former employee is responsible for all three hacks. They pledged to restore the cryptocurrency, and they are one of the few who managed to do it successfully.


February 2015

The value of lost assets: 1,5 million US dollars.

image

The cold wallet of this Chinese exchange BTER was hacked, resulting in the loss of over $1.5 million worth of bitcoins. Reddit users were very suspicious, as hacking a cold wallet is extremely difficult, and suggested that the hack was an inside job.


February 2015

The value of lost assets: 3000 BTC

image

You will see Linode further down our list, but this was a hosting server for several cryptocurrency exchanges. It was hacked again in 2014, this time causing a security breach on the server KipCoin. The hackers managed to take control of the entire platform by changing the passwords inside. A month-long struggle ensued, during which the administrators managed to regain control over the exchange, but the hackers still hid. At the time of the hack, KipCoin did not tell users what was going on in light of the hack at Bitstamp, and only later revealed the information.


January 2015 — Bitstamp

The value of lost assets: 5,1 million US dollars.

image

Bitstamp was the first licensed cryptocurrency exchange in Europe. It was compromised when hackers sent a malicious email to Bitstamp employees, and only one employee followed the link and exposed the entire exchange. The attackers escaped with bitcoins, which were valued at $5.1 million at the time.


January 2015 – LocalBitcoins 

The value of lost assets: 17 BTC

image

Although it was a relatively small hack, it proved its worth when it came to spending money on cybersecurity. The attackers used the local Bitcoins chat to distribute malware, after which they left with relatively little profit.


October 2014 – MintPal

The value of lost assets: 3700 BTC

image

MintPal survived the second break-in in October (scroll down to read about the first break-in in July), but there were many more twists and turns in this case. Shortly after the July hack, MintPal was bought by Moolah (also known as Moopay Ltd), owned by Ryan Kennedy, also known as Alex Green.

After a failed restart of MintPal, Moolah announced that it is closing its doors, but users will still be able to use MintPal. However, user accounts were locked out and users could track withdrawals from wallets and then watch them sell on another platform. Kennedy was the only one with access to client funds and he was currently on the run.

Kennedy was arrested in 2016 on suspicion of rape and is now in prison. Now he is also facing charges of fraud by the British police for his part in the break-in of MintPal.


July 2014 – Cryptsy

The value of lost assets: 13 000 BTC и 300 000 LTC

image

A Trojan virus was inserted into Cryptsy’s code by the hacker, Lucky7Coin. As a result Lucky7Coin (and possibly others) have left with a staggering amount of cryptocurrencies. Owner of Cryptsy, Paul Vernon was accused of destroying evidence and stealing bitcoins, and the exchange declared insolvency. Vernon was successfully class-sued for $8.2 million.


July 2014 – MintPal

The value of lost assets: 8 миллионов VRC

image

Before the failed takeover of MintPal by Alex Kennedy, they experienced another break-in. The hacker found a weak spot in the withdrawal system on the exchange and managed to authorize the withdrawal from the wallet Vericoin. Bitcoin and Litecoin wallet sites were also attacked, but nothing was stolen. The hack resulted in the loss of 30% of everyone's Vericoin, which led the Vericoin development team to decide to hard fork in order to mitigate the damage.


March 2014 — Mt.Gox

The value of lost assets: 850 000 BTC

image

You might be surprised to see this name again and be associated with one of the biggest hacks of all time. The investigation is still ongoing and the situation is far from clear, but it looks like when Mt.Gox was originally hacked in 2011, the attackers also stole some private keys. Hackers gained access to a large amount of bitcoins and began to empty wallets.

Allegedly due to an error in the systems, the Mt.Gox exchange interpreted these withdrawals as deposits for almost two years. It was a huge mistake that cost users $45 million and ended the cryptocurrency exchange. Mt.Gox filed for bankruptcy within a month, causing the price of bitcoin to drop by 36%. The former CEO of Mt.Gox was arrested in 2015 after he was found to be in possession of $2 million worth of bitcoins, which were allegedly stolen in a hack.

In 2017 a Russian citizen named Alexander Vinnik was arrested by US authorities for a key role in laundering bitcoins that had been stolen in a hack. The story isn’t over yet, but there doesn’t seem to be a clear solution in sight either.


March 2014 – Poloniex

The value of lost assets: 97 BTC

image

In the same month, hackers managed to use the wrong withdrawal code of this cryptocurrency exchange in the United States. While the company did not reveal exactly how much was stolen, the figure was explained on the Bitcointalk forum. There are still rumors about whether the hack was an inside job or not.


November 2013

The value of lost assets: 484 BTC

image

The Czech exchange Bitcash lost bitcoins after its servers were hacked. The attackers gained access to the email and sent out a phishing scam, posing as Bitcash, in order to obtain customer information, which they then used to steal funds.


May 2013 — Vicurex

The value of lost assets: 1454 BTC

image

While the hack Vicurex has never been accurately confirmed (some believe it was an inside job), the cryptocurrency exchange has announced that it has lost most of its reserve funds to the hackers. Vicurex, which is on the verge of bankruptcy, froze all withdrawals, causing several former clients to sue the company for withholding their money.


September 2012 – BitFloor

The value of lost assets: 24 000 BTC

image

At the time of the hack, BitFloor was the fourth largest exchange in the US market. The attackers managed to gain access to the servers and find unencrypted backup wallet keys. From there, they simply siphoned funds otaling $250,000.


May 2012 – Bitcoinica

The value of lost assets: 18457 BTC<

image

Unfortunately for Bitcoinica, just two months after the initial hack, they suffered another hack. This led many to suspect that the initial security problems that arose from the March attack on Linode, were never effectively resolved. The site was immediately taken down and the exchange permanently shut down.


March 2012 – Linode

The value of lost assets: 43000 BTC

image

It’s a little tricky. Linode is a web hosting provider that hosts cryptocurrency exchanges Bitcoinica and Slush. Linode itself was hacked, and the attackers managed to steal significant amounts of Bitcoin from both exchanges.


June 2011 – Mt. Gox

The value of lost assets: 2643 BTC

image

Although it was a relatively modest hack at the time, it was only the beginning of the problems for Mt.Gox. In the course of this hack, hackers were able to gain access to a computer belonging to an auditor on a cryptocurrency exchange. The hacker changed the price of bitcoins to $0.01, bought them at an artificially low price, and fled with a small fortune.


Conclusion:

Hackers will never stop attacking cryptocurrency exchanges as long as they remain profitable. While a good cryptocurrency exchange will have several security measures in place. Do your due diligence when signing up for an exchange to make sure you don’t become a victim.