• Language & Exchange Rate Switch
  • Preference Settings
    Rise/fall colour
    Start-End Time of the Change
Web3 Exchange
Gate Blog

Your Gateway to crypto news and insights

Gate.io Blog 15 BIGGEST CRYPTO HACKS AND HEISTS

15 BIGGEST CRYPTO HACKS AND HEISTS

18 May 01:50


Cryptocurrencies have served as a significant improvement to the digital and financial system. Crypto as a form of digital payment has made online transactions faster, cheaper, and more accessible. People no longer worry about the security of their funds because they are pretty safe when kept as crypto coins. There has been a steady increase in fraudulent acts in the cryptocurrency space over the last two decades. As secure as cryptocurrencies are, third parties cannot effectively track transactions, which can pose a big disadvantage to investigators when dealing with fraud cases. Cyber hacks and heists have taken over a lot of accounts, subjecting their owners and investors to huge losses. Recent complaints have recorded over $4.5 billion of crypto assets losses due to illicit unauthorized transactions.

The sad news is that law enforcement cannot easily track these funds, making it difficult to find the mastermind behind the heist.

There is a need to provide even higher security measures on crypto platforms to prevent crypto hacks and heists. Let's check out some of the biggest crypto hacks and thefts, learn about these activities, and how to protect accounts against such events.


THE POLYNETWORK HEIST——$610 million




In 2021, Polynetwork- a cryptocurrency exchange platform, suffered a big heist in the history of crypto heists. Under the anonym- white hat, the hacker stole up to $610 million from the platform. The theft left poly network developers in disarray as major investors are already looking for a way out since their security has been compromised. However, due to swift actions, the platform could control about $330 million worth of the stolen assets and have frozen stable coins worth $33 million belonging to the hacker. Efforts and contacts have been made to negotiate terms with the hacker, but no mutual agreement has been reached so far.


THE RONIN HACK——$625 million



An analytic report from Elliptic reported that Ronin- the blockchain developer in charge of the Axie game, lost 173,600 Ethereum tokens and 25.5 million USDC coin tokens which sum to over $625 million.

According to a report by the US Treasury, this hack was carried out by the North Korean Lazarus group. The hackers bypassed the private access keys and carted away the assets. There has not been much progress made in recovering the coins, but legal actions and warrants have been issued to look into suspected accounts. This hack may have been the biggest DeFi hack in history.


2022 Q1 has been majorly driven by hacks on Ronin Bridge and Wormhole Network. Source: Chain analysis


THE COINCHECK HACK——$500 million



In 2018, the Coincheck security system was breached and led to the loss of over $500 million worth of digital coins. Inside reports proved that an external force did the heist. The stolen funds have been kept in a hot wallet, connected to an external wallet for withdrawal by the hacker. So far, Coincheck developers have been able to track accounts suspected to possess the stolen funds. Further actions are put into place to monitor the suspicious transfer of questionable coins from any account.


MT. GOX HACK——$460 million




This hack remains a mystery to date. In early 2014, hackers had access to Mt. Gox's private keys and stole coins from customers and the company. The hackers took advantage of the company's popularity then and exploited its weakness. They stole about 740,000 bitcoins from customers and 100,000 from the company itself. Mt. Gox company suffered a big blowout and went bankrupt after this event. Although, crypto reports referred back to the first time Mt. Gox's private keys were stolen. Then, actions were taken to subdue the hack, but it was not enough to curtail the damage already done. The total worth of stolen coins in 2014 was worth over $460 million at an average price.


THE WORMHOLE HACK—— $325 million



The wormhole is a digital currency platform that allows the exchange of cryptocurrencies from different platforms. A recent report from cybersecurity reported that wormhole systems had been compromised. The hacker forged a signatory and minted 120,000 wrapped Ethereum, equivalent to $325 million. Attempts have been made to follow up on the hacker's account, but it might take a while to recover the coins.


THE KUCOIN HACK—— $150million




Kucoin is one of the recent cryptocurrency exchange platforms with robust security protocols. A confidential investigation into the KuCoin hack proved a connection with North Korea. The heist conducted on their system led to the loss of approximately $150million in total from users' accounts. This hack remains unsolved as the masterminds have not been tracked. It is believed that the perpetrators went into hiding after hacking KuCoin. Kucoin remains active, even with more investors, despite the hack. They now have improved algorithms and security measures to protect them from future hacks.


THE BITMART HEIST—— $190 million




BitMart Exchange platform fell victim to a big heist when their private key was stolen. The cybercriminals accessed the Ethereum and Binance blockchain to steal crypto coins worth about $190 million. The criminals erased their steps using a decentralized exchange platform known as 1inch to convert the coins to Ethereum. The altered Ethereum coins are transferred to a private mixer platform known as Tornado cash. For now, it might be impossible to track and recover the lost coins; however, the company has made provisions to refund customers affected by the heist. Proper hygiene security measures have been implemented to prevent future hacks on the platform.


THE BITGRAIL HACK—— $2 million



tiiibier.com

Bitgrail suffered losses due to a hack carried out on their platform in early 2018. This hack led to cases of suspicions between the CEO, Firano Francesco, and NANO, the developer. Legal actions and investigations later proved that the CEO, Firano, was involved in a series of withdrawals made on the platform. These withdrawals were redirected to the NANO system. Further investigations proved that Firano had a private account with over 200 BTC, worth about $2 million as of 2018. Other shreds of evidence showed that the CEO facilitated the hack to bypass the payment of users and accumulate coins for himself.


THE DAO HEIST—— $70 million



news.softpedia.com

Early in 2016, a platform known as The Decentralized Autonomous Organization (DAO) was launched. The platform's goal was to serve as an investment platform for crypto projects. Like every other decentralized platform, it would operate without central access; hence, it would work solely on smart contracts agreed on by stakeholders.

Before its release, this project met the interest of many investors, and they contributed a lot of money at an early stage. The crowdfunding campaign generated about $12.7 million worth of Ethereum. Unfortunately, an unauthorized person planted a bug in the smart contract; this served as an entry point for the hack. Over $70 million worth of Ethereum was withdrawn from the DAO's smart contract.

Although some investors could get some of their investment back, the DAO project eventually crashed and went down the drain. As fascinating as the project was, the innovation suffered a significant loss that made users question its credibility and security.


THE BITFINEX HACK—— $78 million




Upon the release of Bitcoin, Bitfinex was one of the earliest exchange platforms. Their operation and credibility from 2016 drove lots of traders into their platform. Unfortunately, a phishing heist was carried out on their platform; the hackers tapped into their communication and gained access to users' details. This access facilitated a breach in security that led to the loss of approximately 120,000 BTC. This was worth over $78 million in 2016.

Further investigation into the heist led to the arrest of the hackers, but Bitfinex had already lost some investors before the balance could be restored to their system. Bitfinex offered each user 1BFX for every $1 BTC they lost on their platform to resolve the issue. The BFX token, as of then, could be traded for other crypto coins or iFinex shares.


THE QUADRIGA HEIST—— $190 million




There was a heist on QuadrigaCX, a crypto exchange platform based in Canada, where the number of lost tokens will probably remain a mystery forever. QuadrigaCX's owner, Gerald Cotten, died due to a fatal disease that could not find a cure for its treatment. Upon his death, the management found out that the company's assets had been kept in private storage that only Gerald had access to.

Consequently, since the only person with access to the asset was no longer available, users began to panic and request withdrawals and exchanges for their tokens. This caused a great uproar in the system because they could not afford to pay all the users with accumulative tokens worth over $190 million as of 2019. Upon more investigation, it was discovered that several fake accounts were allegedly created by the CEO- Gerald. The $190million estimated loss remains unpaid and unresolved because there is no access to the private key.


THE PAID NETWORK HACK—— $3 million




Around March 2021, PAID network, a Defi platform, suffered an issue with its algorithm and a hacker created millions of personal tokens while PAID network was vulnerable. Users unknowingly invested in these tokens but PAID network was able to curb the action at an early stage. The fake tokens created by the hacker were worth over $180 million; due to early intervention, some of these tokens were converted to Ethereum in wrapped form, while the rest were lost as a result of inflation. The hacker was only able to get away with $3 million worth of tokens from the platform.


THE PANCAKEBUNNY HEIST—— $200 million



Source: swapcodex.com

In mid-2021, the PancakeBunny security was breached, and the exploitation led to the loss of over $200 million worth of crypto coins from the platform. The tokens drained by the hacker were released in the market at a ridiculously low rate, causing a decline up to 95% in the initial price value. The hacker made about $3million from this heist; further investigation has not been able to produce the mastermind behind this heist.


THE PARITY HACK—— $30 million




In 2017, an anonymous user named 'devops199' exploited the Parity smart contract and transferred 44,000ETH from the parity wallets. This hack was similar to the attack on the DAO project. The Parity hack was addressed at an early stage. When this hack was discovered, the CEO, Xavier, protected large investors from losing their funds by transferring over 377,000ETH to a secure, accessible account. When the Parity smart contract bug was fixed, about 150, 000 ETH (about $30 million)was stolen already.


THE PLUSTOKEN SCAM—— OVER $2 Billion



This heist was personalized and carried out by private owners on naive users. Some fraudsters launched a fake platform called Plus token. The platform allowed users to create accounts and trade on their behalf with the investments. Many users fell victim to this cause and invested a lot of money into the platform. They were convinced by the fake screenshots uploaded by the fraudsters.

These screenshots showed a series of successful withdrawals completed by other investors. Little did they know that the screenshots were fake. After accumulating over $2 billion on the platform (Bitcoin, Ethereum, and EOS), the fraudsters transferred the money to their private accounts and credited some early investors to avoid suspicion. They later left the investors in disarray and carted away their funds. The Chinese authority was able to arrest some of the fraudsters but could not recover the money to pay the investors.

Source: Chain Analysis


CONCLUSION



There is an increase in crypto hacks and heists. Even with constantly improving security measures, hackers still find a way to outsmart users and steal their funds. Protection of wallet and account details must be prioritized to avoid more crypto heists. However, fraud can be reduced by enabling a private key that safeguards an account against unauthorized third parties.



Author: Gate.io Observer M. Olatunji
Disclaimer:
* This article represents only the views of the observers and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.
ETH/USDT -0.10%
BTC/USDT + 0.92%
GT/USDT + 19.16%
Unbox Your Luck and Get a $6666 Prize
Register Now
Claim 20 Points now
New User Exclusive: complete 2 steps to claim Points immediately!

🔑 Register an account with Gate.io

👨‍💼 Complete KYC within 24 hours

🎁 Claim Points Rewards

Claim now
Language and Region
Exchange Rate
Go to Gate.TR?
Gate.TR is online now.
You can click and go to Gate.TR or stay at Gate.io.