Olusegun KehindeCryptocurrency is a target for hackers and thieves, and there have been numerous high-profile hacks and thefts that have rocked the cryptocurrency industry and the internet. Here are the 15 biggest cryptocurrency hacks and thefts in history.
1. Terra (Luna) Collapse (2022)
In May 2022, TerraUSD (UST), an algorithmic stablecoin tied to the Terra (Luna) blockchain, lost its peg to the US dollar. This de-pegging triggered a catastrophic spiral, leading to the collapse of UST and a dramatic fall in the value of its sister token, Luna.
The crisis erased approximately $40 billion in market value and had massive repercussions across the crypto space. The Terra blockchain crash was caused by the inherent vulnerabilities in the design of the UST algorithmic stablecoin on the block, which relied on a balance between the Luna and UST tokens to maintain its value (Luna was used to maintain the peg of UST by expanding or contracting its supply according to market demand).
The Terra (Luna) collapse led to doubts about the viability of algorithmic stablecoins and led to increased regulatory scrutiny of the crypto industry.
2. Mt. Gox Exchange Hack (2014)
Mt. Gox, once the largest Bitcoin exchange, faced a devastating hack in 2014, leading to the loss of 850,000 BTC, valued at approximately $450 million at the time. This breach was attributed to a flaw in the exchange’s software, allowing hackers to alter transaction IDs and repeatedly withdraw funds. The incident caused significant market instability at the time.
3. DAO (Decentralized Autonomous Organization) Attack (2016)
The DAO, a decentralized investment fund built on Ethereum, was exploited due to a vulnerability in its smart contract code. An attacker drained over 3.6 million Ether, worth around $50 million, by exploiting a recursive calling vulnerability.
This event led to a contentious debate within the Ethereum community, ultimately resulting in a hard fork to restore the stolen funds, creating Ethereum (ETH) and Ethereum Classic (ETC).
4. Coincheck (2018)
In January 2018, the Japanese exchange Coincheck suffered a massive security breach, resulting in the loss of $534 million worth of NEM tokens. The hackers managed to infiltrate Coincheck’s systems due to lax security measures, including the absence of multi-signature wallets and cold storage for customer assets.
This incident is one of the most substantial monetary losses in crypto history and led to a tightening of regulatory measures in Japan.
5. Bitfinex (2016)
Bitfinex, at the time one of the leading cryptocurrency exchanges, experienced a major hack in 2016, with 120,000 BTC stolen, valued at $72 million at the time. The breach was linked to the exchange’s multi-signature wallets, which were supposed to enhance security. This led to a temporary crash in Bitcoin’s value and prompted Bitfinex to issue BFX tokens to affected users, representing their losses, which were later redeemed or converted into company equity.
6. Binance (2019)
Binance fell victim to a sophisticated hacking operation in May 2019, resulting in the theft of 7,000 BTC, equivalent to around $40 million. The attackers used a combination of phishing, viruses and other attacks to obtain a large number of user API keys, 2FA codes and potentially other information.
Binance covered the losses through its “SAFU” (Secure Asset Fund for Users) fund and the incident led to significant security overhauls and improvements in the platform’s infrastructure.
7. Poly Network (2021)
Poly Network, a decentralized finance (DeFi) platform, experienced the largest theft in DeFi history in August 2021, with over $600 million in various cryptocurrencies stolen. The attacker exploited a vulnerability in the platform’s contract calls, allowing them to withdraw the funds.
Remarkably, the hacker later returned the majority of the stolen assets after negotiations and even received a “bug bounty” for exposing the flaw.
Related: 10 Standard Techniques for Securing Your Personal Information on Crypto Exchanges
8. BitGrail (2018)
BitGrail, an Italian cryptocurrency exchange, reported a loss of 17 million Nano (formerly RaiBlocks), valued at around $170 million, in February 2018. The exchange and the Nano development team disputed the nature of the hack, with allegations of insolvency and poor security practices at BitGrail.
9. KuCoin (2020)
In September 2020, KuCoin, a Singapore-based cryptocurrency exchange, reported a security incident resulting in the unauthorized transfer of approximately $281 million in cryptocurrencies from its hot wallets. The breach was linked to leaked private keys.
KuCoin responded swiftly, working with other exchanges and projects to recover the majority of the funds and improving its security measures to prevent future incidents.
10. Wormhole Network Hack (2022)
The Wormhole network, a popular bridge between Ethereum and Solana, was hacked for approximately $325 million in February 2022.
The attacker exploited a vulnerability in the platform’s token bridge, which facilitates the transfer of assets between different blockchains. They were able to forge a large amount of Wormhole’s wrapped Ethereum tokens on Solana without depositing the corresponding ETH on Ethereum.
11. The Ronin Network Hack (2022)
In March 2022, the Ronin Network, an Ethereum sidechain developed for the popular blockchain game Axie Infinity, suffered a security breach, leading to a loss of over $620 million in cryptocurrency. Attackers compromised the private keys of five out of nine validator nodes, enabling unauthorized withdrawals of 173,600 Ethereum and 25.5 million USDC.
12. BitMart Hack (2021)
In December 2021, BitMart, a global cryptocurrency exchange, experienced a large-scale security breach, resulting in the loss of approximately $196 million across various cryptocurrencies. The attackers exploited a stolen private key to withdraw assets from BitMart’s hot wallets.
13. Harmony Protocol Bridge Theft (2022)
In June 2022, Harmony’s Horizon bridge, enabling asset transfers between Ethereum, Binance Chain and Harmony, was compromised, resulting in a loss of approximately $100 million. The attackers exploited vulnerabilities in the bridge’s smart contracts to drain the funds.
14. Liquid Exchange Hack (2021)
In August 2021, Liquid, a Japan-based cryptocurrency exchange, reported a breach in which hackers obtained control over the exchange’s wallets, leading to a loss of more than $90 million in various cryptocurrencies.
15. The Bitrue Hack (2019)
In June 2019, Bitrue, a Singapore-based cryptocurrency exchange, was hacked for $4.2 million in user assets, including 9.3 million Ripple (XRP) and 2.5 million Cardano (ADA). The attackers exploited a vulnerability in the exchange’s risk control team’s second review process, allowing them to access the personal funds of about 90 Bitrue users.
Frequently Asked Questions (FAQs)
1. How can I protect my cryptocurrency from potential hacks?
Use hardware wallets for storing your cryptocurrencies, enable two-factor authentication (2FA) on all services, be wary of phishing attempts, and only use reputable exchanges and wallets.
2. What should I do if I’m affected by a cryptocurrency hack?
Immediately report the incident to the platform involved, change your passwords and remove any API keys linked to your account. Follow the platform’s updates for affected users.
3. Are smart contracts safe to use given their vulnerabilities?
While smart contracts offer powerful functionalities, some can contain vulnerabilities. Only interact with smart contracts audited by reputable firms and widely recognized in the community for their security.
4. Can stolen cryptocurrencies be recovered?
Recovery depends on various factors, including the nature of the hack, the response of the involved platform and sometimes the cooperation of the wider crypto community. While there have been instances of fund recovery, it’s not guaranteed.
5. How do cross-chain bridges work, and why are they targeted by hackers?
Cross-chain bridges enable the transfer of assets between different blockchains. They’re targeted due to the significant value they often hold and the complexity of their security, which can present exploitable vulnerabilities.
6. What measures are exchanges and platforms taking to prevent future hacks?
Exchanges and platforms are implementing enhanced security measures such as multi-signature wallets, cold storage, real-time monitoring systems and insurance funds like Binance’s SAFU to mitigate the risks and impacts of potential hacks.
Olusegun Kehinde
ebenezermarijone
EzeP
Olaniyi4
