The 6 Worst Cryptocurrency Hacks of All Time
Last Updated on November 12, 2023 by Ameer Hamza
Cryptocurrency is notable for its transparency and security with cryptography. However, it has earned a reputation for being a frequent victim of cyber-attacks. Moreover, as cryptocurrency markets mature, cybercriminals’ efforts to siphon their assets intensify. Taking note of this, government involvement and self-regulatory initiatives across the industry are significantly enhancing security measures at all major crypto exchanges.
The following are some of the Cryptocurrency Exchanges that have faced terrible hacks in the course of their operation:
Coincheck is a Japanese cryptocurrency exchange that was hacked on January 26, 2018. The hackers acquired a total of 523 million NEM tokens worth 534 million dollars at the time. It took hackers a phishing attack to gain access to the necessary information from emails the employees had interacted with. Reports say that the hack was majorly enabled by technical difficulties and a shortage of employees. Additionally, the exchange stored the looted coins on a hot wallet connected to the internet. This was rather than an offline cold wallet which is the standard industry practice that provides an extra layer of protection from remote attacks.
Coincheck utilized its own capital to reimburse all affected customers. In April 2019, the company was bought by the traditional Japanese financial services corporation, Monex Group.
2. Mt. Gox
Mt. Gox started as a card trading platform in 2007 before becoming a bitcoin exchange (2010). The company’s hacking incident is simply an example of gross negligence and incompetence. The enterprise used to be recognized as one of the largest cryptocurrency exchanges in the world. However, the exchange was hacked in 2011. Cybercriminals stole 8.75 million dollars-worth of Bitcoin. The exchange promised they would step up their security game, but they fell victim to cyber theft again.
Mt. Gox lacked a version control software system and test environment. In 2014, hackers took advantage of this poor coding security and stole 850,000 BTC worth approximately $460 million. The lost coins were never fully refunded to the exchange’s customers, resulting in gradual bankruptcy for the company.
In August 2016, 120,000 BTC worth $72 Million was laundered from Bitfinex Exchange. Swiftly, they stopped all withdrawals and trading. The looted funds were blacklisted, preventing the possibility of cashing the BTC through another cryptocurrency exchange. They, however, did not recover their assets. Till date, the hackers have not been traced. As of April 2017, they were able to pay back their attacked customers using an Equity strategy.
4. Poly Network
Poly Network is an exchange that seeks to connect different blockchains so that they can work together. Its cross-chain transactions feature allows users to send assets among different blockchains without converting them via an exchange. In August 2021, hackers exploited a vulnerability in the network and siphoned $610 Million. However, they reached out to the hacker, established communication and regained control of the assets. They even offered the hackers the job of ‘Chief Security Adviser’. The hackers rejected and stated that they did it for FUN to expose the security holes in the platform’s digital contracts. Some experts speculate that the coins were somewhat difficult to launder.
Coinbene is a Singapore-based cryptocurrency exchange operated by Chinese workers. In March 2019, the company was attacked by hackers who cost them over $105 million worth of crypto. Initially, the exchange insisted they were closing down for maintenance. Yet, after an investigation by experts, the public discovered that they were hacked.
On September 25, 2020, KuCoin, another major cryptocurrency exchange, was hacked costing them about $275 – $285 million worth of bitcoin. However, with the intervention of smart blockchain tools and timely cooperation of other bitcoin exchanges and law enforcement agencies, KuCoin recovered about 84 percent of the stolen tokens and made up for the other losses through its capital and insurance. They further made a trailblazing move by establishing its Safeguard Program, which is designed to take advantage of their experience in handling the hack to assist other cryptocurrency platforms that might find themselves in that situation.