The cryptocurrency market, which consists of digital coins such as Bitcoin and Ethereum, has exploded in popularity over the past few years, with huge increases in value causing some people to become crypto millionaires overnight.
However, with this increased attention has come increased scrutiny, and several high-profile hacking incidents have occurred on cryptocurrency exchanges over the past few years. Here are the 10 worst cryptocurrency hacking incidents in history.
10 Worst Cryptocurrency Hacking Incidents in History
1) Mt. Gox (2014)
It operated from July 2007 to February 2014, when it announced its closure and filed for bankruptcy protection from creditors due to hackings taking place over several years and approximately 850,000 BTCs stolen.
This was valued at roughly $450 million (at that time) but led to significant losses for investors. This is widely regarded as one of the worst hacking incidents in cryptocurrency history. MtGox announced that about 850,000 BTCs were missing due to malleability-related theft which had been underway since 2011.
In February 2014, Mt. Gox halted all bitcoin withdrawals and customer deposits, and its CEO Mark Karpelès resigned from the board of directors of the Bitcoin Foundation. This was one month after around $460 million worth of bitcoins were reportedly stolen via a hack on its network.
In July 2015, Mt. Gox announced that it had found 200000 missing bitcoins (worth roughly $116 million at that time), which had been transferred to an external address on its network in 2011.
2) Youbit (2017)
Youbit was hacked for a second time in December 2017, losing about 17 percent of its assets. Youbit was previously hacked back in April 2017, when 4,000 bitcoins were stolen. The latest loss has pushed its reserves below 100 billion won ($92 million).
It is planning to file for bankruptcy soon. (Source: Cryptocurrency exchange files for bankruptcy after the hack, Korea Herald, December 20, 2017.) The DAO (2016): This crowdfunding project was specifically designed to run on Ethereum’s blockchain network as a decentralized autonomous organization.
On June 17th, 2016, an attacker exploited a vulnerability in smart contract code and made off with 3.6 million ether tokens—worth $50 million at that time—in just over one hour.
The attack sent cryptocurrency prices tumbling, though they later recovered. Many projects have since taken steps to fix code vulnerabilities and prevent future attacks. Bitcoin (2010): In May 2010,
a bitcoin programmer named Laszlo Hanyecz offered to pay 10,000 bitcoins for a pizza on a bitcoin talk forum thread when one person said they would accept it for two large pizzas delivered to their house in Florida.
3) Bitfinex (2016)
Bitfinex, a Hong Kong-based cryptocurrency exchange which is currently ranked fourth-largest by daily trading volume, was hacked in August 2016. As a result of an attack that took place over several days, 119,756 BTC (worth around $72 million at that time) were stolen from users’ accounts.
Bitfinex issued BFX tokens to its customers as IOUs until they could be paid back with interest and successfully repaid all user funds by January 2017. The exchange also announced a buyback program to reduce its outstanding debt using 15% of future profits.
In early 2016, a breach of 850,000 Bitcoins from mining marketplace NiceHash led to losses of around $60 million at current prices. The exchange was forced to declare bankruptcy following the incident and has since returned 100% of user funds using other company capital.
Following an attack on Bithumb, South Korea’s largest cryptocurrency exchange, earlier in June 2018, around $31 million worth of cryptocurrency was stolen.
4) Bitstamp (2015)
Bitstamp is currently the world’s oldest bitcoin exchange and one of its largest, but that hasn’t stopped it from falling victim to hackers. In January 2015, four months after it was founded, Bitstamp was hacked and lost $5 million worth of bitcoin.
The perpetrators targeted a hot wallet (an online account linked to an Internet-connected computer) belonging to Bitstamp and acquired 19,000 bitcoins. It wasn’t until three days later that Bitstamp revealed they had been compromised through a security breach that allowed attackers to bypass two-factor authentication.
Unfortunately for Bitstamp, recovering from such a breach proved too costly and nearly bankrupted them before they even recovered all their stolen bitcoins.
While Bitstamp has recovered from its hack, it proved too costly for other companies. In 2016, Bitfinex was hacked and lost $72 million worth of bitcoins.
Since then, they’ve had to pay a $75 million settlement after their security system was found to be lacking and they were suspected of engaging in market manipulation by Tether Ltd.
5) Coincheck (2018)
The Japanese exchange Coincheck became a target of hackers in January 2018. The thieves were able to steal more than $530 million worth of digital tokens, which was more than six times bigger than what was stolen during Mt. Gox, one of cryptocurrency’s most infamous hacks.
Then, in early March 2018, a Canadian exchange called Coinsecure reported that 438 bitcoins had been stolen from its holdings. In April 2018, it became clear that over 2,000 bitcoins had been taken from an Italian exchange called BitGrail—the news marked one of the biggest losses ever for a cryptocurrency company.
In June 2018, another huge hack took place when Bithumb, South Korea’s largest cryptocurrency exchange by volume had coins worth approximately $30 million stolen.
6) NiceHash (2017, 2018)
The first major cryptocurrency hacking incident happened in December 2017 when hackers stole around $78 million worth of bitcoin from a Slovenian-based mining pool called NiceHash. The platform allowed users to rent their unused computing power to other people to mine cryptocurrencies.
However, cybercriminals managed to breach NiceHash’s security protocol and siphon off 5,400 BTC that belonged to its customers.
While no one knows who carried out the hack, some suspect North Korea may be involved due to a series of similar attacks on cryptocurrency exchanges earlier that year that were attributed to hackers based in Pyongyang.
7) Bithumb (2018, 2019)
Bithumb, a South Korean cryptocurrency exchange, was hacked twice. In 2018, Bithumb reported that hackers stole 35 billion won (~US$31 million) from its users.
While in 2019 it was robbed of $17 million worth of cryptocurrencies. According to police investigations, Bithumb’s internal system used weak passwords and some of its employees might have taken part in insider trading.
Mt. Gox (2014-2015): Back in 2014, Mt. Gox was handling over 70% of all Bitcoin transactions worldwide. The company went under when hackers managed to steal 850,000 BTC which at that time was worth about $450 million. In 2015, Mt. Gox filed for bankruptcy and announced that it lost all of its users’ funds.
8) Bancor Network Token(2018 )
$12 million worth of cryptocurrencies was stolen from Bancor Network Token. The theft happened through a simple social engineering method where hackers sent phishing emails to employees of Bancor and managed to compromise multiple accounts.
It was later reported that a new wallet address had been opened for transactions using Ethereum Classic (ETC) tokens after Bancor had lost over $12 million worth of cryptocurrency in two hours. The hack led to several security checks for other currencies and exchanges including EtherDelta.
After just three days, Coinbase, one of the largest crypto exchange platforms is getting ready to start an investigation into insider trading within its company after it was revealed that a Coinbase employee profited by almost $8 million during bitcoin cash’s surge last week.
9) Parity Wallet Hack(2018 )
After more than $150 million was frozen in digital currency, security experts are questioning whether they’ve done enough to protect their cyber assets.
On Tuesday, November 6, Parity Technologies said a hack of its Ethereum software client froze 587 wallets containing a total of $156 million worth of ether—the unit of cryptocurrency used on Ethereum.
A vulnerability in Parity Wallet’s version 1.5+ allowed someone to steal over 153,000 ether (over $30M), tweeted Parity founder Gavin Wood. We are analyzing the situation and release further details shortly. It’s still unclear who is behind what may be one of the largest crypto hacks ever.
In July, Tokyo-based cryptocurrency exchange Coincheck said hackers stole about $530 million of digital currency from its users. The hack was more than double the size of Mt. Gox’s bitcoin heist in 2014 when about $340 million disappeared from that now-defunct exchange. In 2010, a hacker broke into an Mt.
10) The DAO Hack(2016 )
Ethereum is a cryptocurrency platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud, or third-party interference. In 2016, an organization called The DAO raised over $150 million USD worth of ether through a token sale to fund their venture capital projects.
However, one month after their crowd sale concluded they were hacked for more than 3M ETH. This hack made headlines globally and is considered to be one of Ethereum’s largest moments to date.
The hack itself happened when an unknown attacker made use of a recursive send bug which allowed them to withdraw ETH from The DAO’s main contract. This exploit enabled them to move funds into their own child DAO smart contract many times over.