The biggest thefts in the field of cryptocurrencies until 2022

Since 2011, there have been about 250 cases of theft of digital assets worth more than $12 billion on the Web. Every year, this “piggy bank” is replenished with new cases, which makes the owners of exchanges, wallets, investment companies and other services approach the protection of capital with greater responsibility. Hacks themselves are carried out both through the fault of the owners themselves, and because of weak protection. Below we will consider the largest thefts related to crypto-currencies for all this time, we will highlight their features and reasons.

year 2013

The biggest thefts of cryptocurrencies began in 2013, when the wallets of users and exchanges were not sufficiently protected. Consider the main events of this period.

Mt Gox – $390 million

The victim of one of the largest fraudulent schemes was the company Mt.Gox, which at that time carried out about 70% of all operations with BTC. At some point, almost 400 million worth of Bitcoin disappeared from customers’ wallets. During the investigation, it was possible to determine that over a 2-year period, the hacker was stealing cryptocurrency from people’s vaults, but the exchange considered this to be deposits and even credited a number of users with up to 40,000 BTC.

As a result of the largest theft, the head of the exchange platform, M. Karpeles, announced his resignation from the board. An analysis of the situation showed that during the activity, the management carried out many fraudulent schemes, which led to a deplorable situation. A year later, the company went bankrupt, which happened due to the accumulation of debt over $63 million and an increase in the number of creditors to 127,000 people. The exchange itself was also affected, losing about 120,000 BTC.

2016

In 2016, there were a number of events related to the theft of cryptocurrencies on exchanges or in users’ wallets. Let us briefly analyze the features of fraudulent activities and the amount of loss.

Bitfinex – 119,756 BTC

In 2016, Bitfinex was considered one of the largest Bitcoin exchanges, but over time, it lost its leadership to ANX. On August 4, a group of attackers managed to steal 119,756 BTC from client accounts by overcoming existing security systems. Over time, it became known that the theft occurred due to a vulnerability in the system’s multi-signature.

The secret to the success of the hackers turned out to be simple. According to the rules, the exchange has two keys, and the third one belongs to the BitGo blockchain company. The presence of the “trinity” allows for transfers. The hackers managed to intercept the BitGo key and use it to sign transactions.

Platform workers announced on social networks that the servers remained intact.

Representatives of the exchange told users that they plan to compensate for the costs. For this, a part of the coins purchased during the ICO process was used. At the same time, it was not possible to find the attackers and trace the path of the lost money. Despite the difficulties, the Bitfinex exchange still exchanges Bitcoins, Litecoins and Ethereum and fiat money.

2017

In 2017, there were several major thefts of cryptocurrencies that require special attention.

Tether – $30.9 million

Tezer developers decided to combine blockchain technology and fiat currencies. The result was the emergence of USDT – tokens that are pegged to the US dollar. Their purpose is to be used in trading goods using Bitcoin, Ethereum and other digital assets. At the same time, depositing one dollar into the account allows you to receive one USDT in return.

On November 19, 2017, one scammer managed to get into the main Tezer wallet and took away $30.9 million worth of cryptocurrencies from there. The scam was committed using a Bitcoin address. Users of digital coins accused the developers of collaborating with the Bitfinex exchange, which by that time had lost investors’ money. There were remarks that the creators of the exchange used the cryptocurrency for their own purposes.

To protect the reputation, the Tether administration managed to block the exchange and withdrawal of the attacker’s funds from the wallet. But against the backdrop of a major theft of cryptocurrency, the depreciation of digital assets began.

Ethereum – 153,037 ETH

In July 2017, another event occurred related to fraudulent activities in the field of digital assets. She touched on the Ethereum cryptocurrency, released in 2014. On July 20, 2017, the attacker transferred 153,037 ETH to the three largest wallets owned by Eternity, Edgeless Casino and Swarm City. An attacker was able to change wallet owners by exploiting a vulnerability.

At first, the creators of Swarm City noticed the theft. They briefed the Ethereum team and turned to white hat hackers for support. Thanks to coordinated actions, the specialists were able to return the stolen funds and ensure the safety of other accounts. “Treatment” succeeded, thanks to the use of the same vulnerability.

NiceHash – 4736.42 BTC

The largest theft in the field of cryptocurrencies can be attributed to the situation with NiceHash, a digital asset miner with a built-in market and the ability to rent power to users. On December 6, attackers were able to hack into the system and receive cryptocurrency in exchange. Representatives of the payment system noted that the hackers managed to hack the payment service and pull 4736.42 Bitcoins from the wallet. The administration said they plan to investigate and punish those responsible.

During that period, the total amount of stolen funds (taking into account the exchange rate) amounted to $ 80 million. The company said it returned 60% of the stolen money, but in 2019 the return program had to be frozen. The reason was a sharp decline in the company’s income.

Over time, it was announced that compensation would resume in the near future. Note that due to the current situation, the old management quit, and the new team eliminated the existing vulnerabilities.  

2018

2018 was also rich in events, in which several major thefts of various cryptocurrencies took place. For example, consider the most serious situations.

CoinCheck – 523 million NEM

At the start of 2018, scammers hacked the CoinCheck cryptocurrency platform using a virus program sent and activated via e-mail. The result was the theft of customer private keys and 523 million NEM. At that time, this amount was equivalent to 533 million dollars. The reason for the problem was the fact that the money was not in a cold wallet, which is reliable and protected from hacking.

The employees of the exchange confessed to the loss of funds and the wrong approach to managing the storage. The mistake was the rejection of smart contracts with multi-signatures and the storage of funds in one wallet. Note that such a large theft did not lead to a collapse, because it did not matter much for the market. The total loss amounted to 0.25% of the total number of digital assets. Saved by the quick reaction of the representatives of the exchange, aimed at eliminating the problem.

Bitgrail – 17M Nano

In February 2018, the Bitgrail exchange platform was a small service that works with various digital assets. One of the cryptocurrencies was Nano or XRB. At the beginning of 2018, the value of the coin increased to $33, after which the attackers hacked into the platform and stole 17 million XRB. 

Users began to note that they noticed difficulties before the attack began. An analysis of the situation showed that the cryptocurrency managed to be stolen from their cold wallets, which, it would seem, are more secure. Thanks to the investigation, it was possible to establish that the main culprit of the situation is the owner of Bitgrail. It was he who caused the attacks or did nothing to eliminate them.

2019

No less large thefts in the cryptocurrency sphere occurred in 2019. They affected both exchanges and wallets. Let’s take a look at some of the most important events below.

Binance – 7074 BTC

In 2019, there was a serious event related to the hacking of the major crypto exchange Binance. 7074 Bitcoins were stolen from it, which at that time was about $40 million. The platform administration said on May 7 that hackers gained access to customers’ API keys, 2FA codes, and other data. Various methods were used for hacking, including phishing, virus and other types of attacks. The attackers gained access to the Binance crypto wallet, which contained about 2% of the money.

The attackers carried out 44 operations, which allowed them to steal 7074 BTC. 

The reaction of the exchange was instantaneous. Its representatives announced their intention to cover the costs of users and compensate for the costs of customers. For the payment of funds, it was planned to use money from the SAFU fund, specially created for such cases. During the operation of the exchange, it was constantly filled up due to the accrual of a 10 percent commission.

CoinBene – $105 million

In March 2019, representatives of the CoinBene platform announced suspicious activity and the movement of a large flow of funds from the wallet to another program. At first, the developers announced they were leaving for maintenance, but over time, rumors of a hack began to appear. The investigation showed that the funds were transferred to Etherdelta, where the attackers sold them for ETH.

2020

The events of 2020 did not pass by, in which there were also fraudulent cases with the theft of digital assets.

KuCoin – $281 million

In September 2020, representatives of the exchange confirmed that attackers were able to access private keys from hot wallets. As a result of the hack, the scammers managed to withdraw a large amount in different cryptocurrencies: Bitcoin, Ethereum, Litecoin, Tron, Tether USDT, XRP and others. Experts note that the blame for this situation should be placed on North Korean hackers.

2021

Improving the protection of exchanges and wallets could not protect large platforms and users themselves from losses. Below are a few situations that are worthy of attention.

Africrypt – 69,000 BTC

One of the largest investment platforms Africrypt in 2021 experienced a large-scale theft of funds. The attackers stole almost 69,000 BTC, which is about $2 billion at the current exchange rate. The developers said that the scammers managed to hack the platform and steal money. The owners of the funds asked not to contact the police, because this could complicate the return of the cryptocurrency.

Investors ignored the recommendation and hired representatives from Hanekom Attorneys to determine the cause of the theft. As a result, it was possible to determine that access to the platform was lost a week before the theft was announced. Later, the South African police took over the case, which turned to the cryptocurrency exchange and tried to put scammers into using digital coins.

Tracing the stolen funds was a difficult task, as the scammers used special mixers. As a result, the site became unavailable. Note that at the time of creation, representatives of the platform promised a yield of 3640% per year. Against this background, the company’s actions are considered one of the largest scams.

Poly Network – $600 million

Another major cryptocurrency theft took place on August 11, 2021. Representatives of the Poly Network service announced the theft of digital assets in the amount of $ 0.6 billion. The platform is an aggregator that combines different blockchain technologies. Representatives of the service informed about the hack via Twitter and asked for a refund. 

Experts note that the considered theft is the largest in the field of DeFi.

The reason for the hack was the presence of a vulnerability in the platform. However, many believe that the theft itself was planned. Poly Network representatives asked exchange platforms to blacklist coins that come from hackers. At the same time, Tether announced that it had frozen $33 million. The rest of the funds were returned by the attacker.

For some time, the hacker blackmailed the system and agreed to return the stolen goods after receiving a reward of $0.5 million. For this, he spoke about the vulnerability that was identified, and the developers were able to quickly fix it. In addition, the attacker was offered employment in the company.

Pancake Bunny – $200 million

In May 2021, a group of hackers managed to attack a large platform and withdraw an amount equivalent to $200 million. To implement their plan, the hackers took a large amount of BNB, and subsequently manipulated the price and dumped the funds on the market. This made it possible to get lots of Bunny tokens via flash credit and dump them for a price drop.

Bitmart – $196 million

The Bitmart cryptocurrency wallet became another victim of the attackers. In December 2021, hackers managed to withdraw 100 million through the Ethereum blockchain, and the rest through the Binance Smart Chain. Many cryptocurrencies were stolen, including BNB, BSD-USD, Safemoon and others.

Other cases

In 2021, there were a number of major thefts in the cryptocurrency sphere:

  • Vulkan Forged lost $135 million in December. Hackers gained access to personal wallets and stole 4.5 million PYR tokens from them.
  • badgerDAO. In December, an attacker was able to steal money from various crypto wallets on a DeFi platform. The result was a loss of $130 million, of which $9 million was recovered.
  • Cream Finance. Hackers were able to steal $130 million during an attack in October 2021. A year later, the company managed to rob the company twice more. The result was a loss of $130 million.
  • liquid. In August 2021, a company from Japan announced that outsiders had gained access to wallets. The hackers managed to steal about $100 million in the form of 69 different digital assets.

2022

2022 was no exception, in which the theft of digital assets also occurred. Not only exchanges and user wallets are under attack, but also NFT games.

Axie Infinity – 173,600 ETH and 25.5 million USDC

The developers of the game Axie Infinity announced the theft of digital assets worth over $ 0.5 billion. Representatives of the company noted that the reason was social engineering, so we are not talking about any technical failures. Attackers stole over 540 million worth of cryptocurrencies from the Ronin network. It is she who underlies the mentioned NFT project. Information about the largest theft in the field of such games was announced by the developer himself – Sky Mavis.

The attackers managed to steal 173,600 ETH and 25.5 million USDC.

At the same time, token owners lost the ability to withdraw funds or deposit them into the network. It is up to the developer to take steps to remedy the damage. Elliptic analysts said that this is the second largest theft of cryptocurrencies in the 13-year history of cryptocurrencies. At this stage, the funds are in the hacker’s wallet, which is being monitored.

Wormhole – 120,000 wETH

No less major theft was the robbery of the Wormhole cryptocurrency platform. The attackers managed to steal over $300 million, taking into account the exchange rate. The mentioned service is a bridge between Solana and decentralized networks. The hacker found a vulnerability and took advantage of it to steal. As a result, Wormhole specialists had to close until the circumstances and reasons for the theft of 120,000 eETH were clarified.

What is the reason for the growth of cryptocurrency theft and how to protect yourself

The reason for hacker attacks and theft of digital assets is often greed. Cryptocurrency theft allows you to get a large amount of money with the prospect of a price increase. This is happening against the backdrop of increased demand for digital assets and the reluctance of owners to talk about such losses.

In practice, it turned out that stealing a cryptocurrency is easier than hacking a bank account or stealing fiat money.

In addition, the movement of digital assets is difficult to track, so the fraudster is very likely to remain unrecognized. Not surprisingly, the number of break-ins and thefts not only does not decrease, but continues to grow.

But there are a number of steps to protect yourself from hacking:

  • Hiding data about a personal wallet. You can’t “light it up” on open projects.”
  • Reliable storage of private keys and seed phrases, the loss of which inevitably leads to the loss of the cryptocurrencies themselves.
  • Checking any attachments about investments.
  • Refusal to cooperate with suspicious subjects.
  • Enable 2-factor authentication.
  • Checking the URL before conducting transactions for the fact of fake sites.
  • Rejection of offers with the condition of prepayment, regardless of the conditions.

Results

Above, we have reviewed the biggest thefts of cryptocurrencies related to exchanges, wallets, NFT games, investment platforms and other platforms. All these cases make us think about the security of online services and reconsider options for protecting cryptocurrency savings. But even with a careful approach, the risk of theft of digital assets remains, so exchanges and large projects always have a “financial cushion” to pay compensation and solve problems.

Leave a Reply

Your email address will not be published.