Decentralized Finance (DeFi) is gaining mainstream adoption as more individuals have resorted to utilizing its products and services, which include interaction with centralized exchanges. Biggest cryptocurrency hacks, are on a rise and are a barrier to DeFi adoption. From 2011 – 2020, users lost over $28.7 billion due to hacking attacks on crypto exchanges.
Thus, history has proven that crypto exchanges have become prime targets for hackers, particularly as the popularity and price of digital assets have increased. This article will provide a list of the biggest cryptocurrency hacks of all time.
Biggest Cryptocurrency Hacks Summary
| Exchange | Date | Amount Stolen (USD) |
|---|---|---|
| Ronin Network | March 2022 | $600 million+ |
| Poly Network | August 2021 | $600 million+ |
| FTX | November 2022 | $570 million+ |
| Binance | October 2022 | $570 million |
| Coincheck | January 2018 | $534 million |
| Mt. Gox | June 2011 | $460 million |
| Wormhole | February 2022 | $325 million |
| KuCoin | September 26 | $285 million |
| Bitmart | December 2021 | $196 million |
| Nomad Bridge | August 2022 | $182 Million |
Biggest Cryptocurrency Hacks: What is Crypto hacking?
Crypto hacking is accomplished through both simple phishing schemes that lure people to a bogus coin exchange and the use of sophisticated software tools that comprise a coin exchange. Hundreds of millions of dollars in crypto coins have been stolen over the last decade.
Biggest Cryptocurrency Hacks: How does Crypto Hack Happen
Recent incidents have unfortunately shown that hackers can access blockchains in certain situations. This includes the following scenarios:
51% Attack:
An attacker—or group of attackers—could take control of a blockchain by controlling the majority of its computational power, known as nodes. They can introduce an altered blockchain if they control 51% of the nodes, which is known as a 51% attack.
LEARN MORE: 51% ATTACK IN BLOCKCHAIN EXPLAINED! HOW TO PREVENT IT
This enables them to make changes to transactions that had not been confirmed by the blockchain prior to their takeover.
Smart Contract error
Smart contracts may contain security flaws or errors at times. When this happens, hackers look for a way to identify the flaws and launch an attack. Smart contracts’ common functions include assisting with the financial aspects of contract transactions and automating tasks.
If the network where a smart contract operates has a security flaw, hackers may be able to steal money from users without being detected because fraudulent activity is not reflected.
Where Cryptocurrency Hacks Happen
Most decentralized finance (DeFi) hacks happen at centralized crypto exchanges and crypto wallets.
Crypto exchange hacks
Crypto exchanges and their hot wallets have proven to be weak spots for storing your crypto. Exchanges typically keep cryptocurrency in reserve for liquidity as well as many of their customers’ private keys. As a result, they are an appealing target for hackers.
LEARN MORE: HOW CENTRALIZED EXCHANGE WORKS, SECURITY AND MORE!
Thieves target exchanges in order to gain access to cryptocurrency keys. If you do not keep your private keys on an exchange, they cannot be accessed, and your cryptocurrency is safe from exchange hacking.
Wallet Hacks
Like the saying, “Not your keys, not your crypto,” this implies that if you don’t control the keys to your crypto, you can’t control what happens to your crypto. Allowing someone else to store your keys for you, referred to as a “custodial relationship” between key owner and key holder, gives that entity control of your cryptocurrency.
LEARN MORE: HOW CRYPTO WALLET WORKS: IS CRYPTO WALLET SECURE?
Most hacks and thefts take place in a wallet, where private keys are kept. Wallets, which are software applications installed on mobile devices and computers, hold all private keys. They can also be written down on paper or stored on devices similar to USB thumb drives.
LEARN MORE: PRIVATE AND PUBLIC KEY IN BLOCKCHAIN EXPLAINED!
Wallets’ electronic and software versions are either connected to the internet (hot) or not connected (cold). Hot and cold storage methods are typically provided by cryptocurrency exchanges for their users; these methods are custodial because they hold your keys for you.
Applications (software) and devices can both be compromised. Hackers can steal your cryptocurrency because private keys are stored in application and device wallets.
Biggest Cryptocurrency Hacks
Crypto exchanges have become prime targets for hackers, thus deterring investors from putting their money in them. It has been argued that blockchain projects are secure, but repeated attacks in 2022 alone demolished this myth.
So far, over $1.6 billion worth of cryptocurrency has been stolen from users in 2022, according to blockchain data platform Chainalysis. Let’s take a look at some of the largest crypto hacks:
Ronin Network
In March 2022, the largest cryptocurrency hack to date targeted the network that supports the popular Axie Infinity blockchain gaming platform. Hackers broke into the Ronin Network and stole $625 million in Ethereum and the USDC stablecoin.
The theft was linked to the Lazarus Group, a North Korean state-backed hacking collective, according to US officials. A month later, Binance was able to recover $5.8 million of the stolen funds, but it would still be the largest hack in history.
Poly Network
A lone hacker exploited a vulnerability in the Poly Network decentralized finance platform in August 2021 and stole over $600 million. The developers of the project issued a Twitter appeal for the stolen funds, which included $33 million in Tether.
The Poly Network then set up several addresses where the funds could be returned, and the unknown hacker began to cooperate. After only two days, the hacker had recovered around $300 million, and it was revealed that the hacker had targeted the network “for fun” or as a challenge.
FTX
FTX, one of the most powerful players in the crypto industry, declared bankruptcy in November 2022. More than $600 million was stolen from its crypto wallets on the day it filed for Chapter 11 bankruptcy. Many FTX wallet users reported having no funds in their FTX.com and FTX US wallets.
LEARN MORE: FTX REVIEW 2023: FTX SECURITY, COINS, & MORE!
On its Telegram channel, the crypto exchange confirmed the hack, saying, “FTX has been hacked.” Later, FTX General Counsel Ryne Miller tweeted that the cryptocurrency exchange was making “every effort to secure all assets, wherever they may be located.”
Binance
In October 2022, the Binance exchange was hacked for $570 million in one of the most high-profile attacks in cryptocurrency history. Hackers exploited a cross-chain bridge, BSC Token Hub, resulting in the creation of extra Binance Coins (BNB) and the withdrawal of 2 million BNB tokens. BNB is the crypto exchange’s native token. The hack was enabled by a bug in a smart contract, emphasizing the need for tighter blockchain security.
LEARN MORE: BINANCE REVIEW 2023: BINANCE COIN, IS BINANCE LEGIT? AND MORE!
Coincheck
In the final days of January 2018, Coincheck was attacked. The hot wallet of the exchange was the target of the hack, as it is in most cases, and 523 million NEM tokens were stolen from it. Despite all of the previous lessons, the exchange continued to store user funds, as well as its own, in the hot wallet, which did not use multi-signature protection.
Did the thieves sell the stolen goods? Hardly. Following the theft, the crypto community came together and began to actively exchange information in order to prevent further movements of stolen funds. The instant exchange ShapeShift, in particular, has prohibited the trading of NEM coins.
Mt. Gox
Mt. Gox was one of the most well-known and famous cryptocurrency exchanges to be hacked. The Japanese-based exchange was the largest trading platform in 2014, handling more than 70% of all Bitcoin transactions worldwide. Several security breaches occurred during the exchange’s early years.
However, a devastating hack in 2014 resulted in the loss of 740,000 bitcoins owned by customers and 100,000 owned by the exchange. Given the number of bitcoins that had been mined and were in circulation at the time, this was a significant hack.
The total theft amount was estimated at $460 million, making it the largest hack in history at the time, and ultimately crashing the Bitcoin price. Following the incident, the company suspended all deposits and withdrawals and declared bankruptcy in Japan. Mt. Gox did significant damage to the industry’s reputation, and it took years to recover and restore trust in centralized exchanges.
Wormhole
Hackers stole $325 million from the decentralized finance platform Wormhole in February 2022. The attack was made possible by a GitHub repository upgrade that was not then deployed to the live project.
After the funds were not recovered, the popular cryptocurrency bridge was forced to plug the hole in the project’s finances. This was also the largest theft involving Solana, one of Ethereum’s main competitors in the worlds of DeFi and NFTs. The blockchain’s native SOL token received a total investment of $47 million.
KuCoin
KuCoin, a licensed exchange, was attacked by unknown malicious actors. According to an official announcement, on September 26, 2020, at 03:05:37 (UTC+8), KuCoin detected some large withdrawals, following which the company suspended asset deposit and withdrawal services.
According to KuCoin representatives, further investigation revealed that the hackers used a security breach to gain access to the exchange’s hot wallets, from which more than $285 million was stolen.
Although KuCoin has confirmed that they were able to recover approximately $240 million of the stolen funds (84%), the remaining $45.55 million (16%) is in the hands of the KuCoin hacker. $222 million (78%) was recovered by internal efforts from the KuCoin team as well as its exchange partners, $17.45 million was recovered by law enforcement officials and security institutions, and the remaining $45.55 million (16%) is in the hands of the KuCoin hacker.
Bitmart
A $196 million hack of the Bitmart centralized exchange occurred in December 2021. A security analysis firm first discovered the hack, which resulted in BitMart addresses losing their balance.
Approximately $100 million in various cryptocurrencies was routed through Ethereum, with another $96 million exiting via Binance Smart Chain. Etherscan labeled all of the tokens as belonging to the “BitMart Hacker.”
Nomad Bridge
Only one month before the Wintermute breach, the Nomad Bridge was hacked, draining $190 million from the project’s funds. Nomad is a cryptocurrency bridge that allows users to exchange tokens between blockchains, but it has recently become a target for hackers.
This is due to the high value of the assets they own and the complexity of the smart contract code on which they operate. Nomad Bridge eventually recovered $36 million in stolen funds.
Biggest Cryptocurrency Hacks: Conclusion
The cryptocurrency industry has expanded rapidly in recent years, thanks to the introduction of new products. The sector may be advancing too quickly, as it is increasingly being hacked.
Back-to-back hacks have exposed the crypto industry’s vulnerability and eroded investor confidence. To avoid further damage to sentiment, developers must strengthen blockchain networks.
