One of the obstacles to the mainstream adoption of digital currency has been hacking. Some high-profile thefts have occurred on various cryptocurrency exchanges and platforms, deterring investors from putting their money in them.
It has been argued that blockchain projects are secure, but back-to-back attacks in 2022 shattered this myth. Over $20 billion worth of cryptocurrency was stolen from users in 2022, according to blockchain data platform Chainalysis. Take a look at the largest crypto hacks to date.
- Hacking remains a major barrier to cryptocurrency adoption.
- Cryptocurrency exchanges are a major target for hackers, with over $20 billion stolen in 2022.
- The first major exchange to suffer from a hack was Mt. Gox, which lost 7% of all bitcoins in existence at the time.
- With the emergence of decentralized finance, hackers have also targeted smart contract platforms.
- One of the most important safety rules for long-term investors is to keep cryptocurrencies offline if you are not actively trading or spending them.
Ronin Network: $625 Million
The largest cryptocurrency hack to date was conducted in March 2022 and targeted the network that supports the popular Axie Infinity blockchain gaming platform. Hackers breached the Ronin Network and made off with around $625 million worth of Ethereum and the USDC stablecoin. The U.S. officials said that a North Korean state-backed hacking collective, Lazarus Group, was linked to the theft. Binance was able to recover $5.8 million of the stolen funds a month later, but it would still be the largest hack in history.
Poly Network: $611 Million
In August 2021, a lone hacker pounced on a vulnerability in the Poly Network decentralized finance platform and made off with over $600 million. The project’s developers issued an appeal on Twitter for the stolen funds, which included $33 million Tether. The Poly Network then established several addresses for the funds to be returned and the unknown hacker began to cooperate. After only two days, around $300 million had been recovered and it emerged that the hacker had targeted the network “for fun” or as a challenge.
FTX: $600 Million
In November 2022, FTX, one of the most powerful players in the crypto industry, declared bankruptcy. On the day it filed for Chapter 11 bankruptcy, more than $600 million was stolen from its crypto wallets. Many FTX wallet holders reported $0 balances in their FTX.com and FTX US wallets.
The crypto exchange confirmed the hack on its Telegram channel, saying: ''FTX has been hacked. FTX apps are malware. Delete them. Chat is open. Don't go on FTX site as it might download Trojans." FTX General Counsel Ryne Miller later tweeted that the crypto exchange was making ''every effort to secure all assets, wherever located."
Binance: $570 million
In one of the most high-profile attacks in cryptocurrency history, the Binance exchange was hacked for $570 million in October 2022. A cross-chain bridge, BSC Token Hub, was exploited by hackers, resulting in the creation of extra Binance Coins (BNB) and the withdrawal of 2 million BNB tokens. BNB is the native token of the crypto exchange. A bug in a smart contract enabled the hack, highlighting the need for tighter blockchain security.
The amount of cryptocurrency stolen from exchanges and other platforms in 2022.
Coincheck: $534 Million
In January 2018, the Japanese exchange Coincheck suffered an attack to the tune of $523 million NEM coins valued at about $534 million. The vulnerability was created by a hot wallet, which is a live cryptocurrency wallet and not as safe as an offline cold storage wallet. At the time, the Coincheck hack was larger even than the notorious Mt. Gox hack; NEM Foundation president Lon Wong described it as "the biggest theft in the history of the world."
Coincheck was able to survive the hack and continued to operate, despite being bought out a few months later by the Japanese financial services company Monex Group.
Mt. Gox: $473 Million
The first major crypto hack occurred in 2011 when the crypto exchange Mt. Gox lost 25,000 bitcoins worth approximately $400,000. At that time, the crypto exchange was handling nearly 70% of all bitcoin transactions.
The attack didn't stop and Mt. Gox was attacked again in 2014. It lost almost 650,000 of its customers' bitcoins, and around 100,000 of its own. At the time that was 7% of all bitcoins, and worth around $473 million. Initial reasons for the coins' disappearance were unclear, but later evidence showed that the coins were stolen from the company's hot wallet.
Wormhole: $325 Million
The decentralized finance platform Wormhole was targeted in February 2022, with $325 million taken by hackers. The attack had been made possible by an upgrade to the project’s GitHub repository, which was not then deployed to the live project. The popular cryptocurrency bridge had to plug the hole in the project’s finances after the funds were not recovered. This was also the largest theft that included Solana, one of the rivals to Ethereum's dominance in the worlds of DeFi and NFTs. Up to $47 million was taken in the blockchain's native SOL token.
Bitmart: $196 Million
December 2021 saw a hack of the Bitmart centralized exchange with losses of $196 million. The hack was first spotted by a security analysis firm, which noted BitMart addresses being drained of their balance. Around $100 million in various cryptocurrencies were funneled via Ethereum, with another $96 million exiting through Binance Smart Chain. All of the tokens were moved to an address labeled by Etherscan as the “BitMart Hacker.''
Nomad Bridge: $190 Million
Only one month before the Wintermute breach was a more significant hack of Nomad Bridge, which drained $190 million of the project’s funds. Nomad is a cryptocurrency bridge that lets users swap tokens between blockchains, but those have become the latest target for hackers. That is due to the considerable value of assets they hold and the complexity of the smart contract code on which they run. Nomad Bridge later recovered $36 million of the stolen funds.
Beanstalk: $182 Million
This hack involved the exploitation of a decentralized finance (DeFi) platform. The attacker used a DeFi product called a “flash loan,” which allows users to borrow large amounts of cryptocurrency for very short periods. After borrowing $1 billion, the hacker took a 67% controlling stake in the project and approved a transfer of funds to their wallet before repaying the loan and disappearing. The entire process of executing the hack took only 13 seconds.
Wintermute: $162 Million
Wintermute, a leading cryptocurrency market maker, was attacked in September 2022. The project lost around $160 million in a hack, and it made things worse for Wintermute because they owed $200 million to other participants in the market. A 10% bounty was offered by the CEO to the hacker if they returned the funds.
How Do Hackers Steal From a Cryptocurrency Exchange?
Most cryptocurrency thefts occur due to compromised credentials, such as by stealing a user's password or private keys. In some cases, hackers may even use phishing, keyloggers, or SIM-swapping to gain access to the user's account. In larger attacks, the hackers may target an exchange directly by exploiting weaknesses in its security protocols or trading software.
How Do You Keep Cryptocurrency Safe From Hackers?
The most important rule for storing bitcoins or other cryptocurrencies is to keep your digital assets in an offline wallet where you control the private keys. Most digital currency thefts occur due to wallets or keys being left in an online computer, leaving them vulnerable to malware. Beyond that, it is also important to use secure passwords and two-factor authentication for every account, especially those used for cryptocurrency trading.
What Happened to the FTX Crypto Exchange?
The bankruptcy of the FTX exchange was one of the largest scandals in cryptocurrency history. While there were many factors that contributed to the collapse, the biggest mistake was the decision to commingle user assets with those of Alameda Research, a trading firm that was nominally separate from FTX. Alameda took risky bets with FTX customers' funds, creating a liquidity crisis for both companies. Sam Bankman-Fried and other executives have been accused of a wide range of crimes from securities fraud to money laundering.
The Bottom Line
With the addition of new products, the cryptocurrency industry has grown rapidly in the last few years. The sector may even be advancing too fast, as it is being hacked more and more frequently. Back-to-back hacks have exposed the vulnerability of the crypto industry and undermined investors' confidence. To avoid further damage to sentiment, developers need to bring more security to the blockchain networks.