List of Crypto Exchange Hacks: Updated For 2023

Project information

In cryptocurrency when the owner died; he was the only one with knowledge of the password to a storage wallet. The malicious website operated for an unknown amount of time and was discovered in January 2018. Cryptojacking is the act of hijacking a computer to mine cryptocurrencies against the user’s will, through websites, or while the user is unaware. One notable piece of software used for cryptojacking was Coinhive, which was used in over two-thirds of cryptojacks before its March 2019 shutdown.

Nomad stated that if hackers returned 90% of their stolen funds, they could keep the other 10% and would not be legally prosecuted. Users that voluntarily returned funds would be declared white hat hackers and considered “testers” of the vulnerability. Wormhole is a DeFi service that acts as a bridge between blockchains, like the Solana and Ethereum blockchains. Cross-chain bridges allow users to exchange one type of currency for another one. On Wormhole, users often send Ether to the bridge protocol to be locked in a collateral contract on the Ethereum blockchain. Those users are then issued an equivalent amount of wETH on the Solana blockchain.

Coin exchange hacked

The exchange confirmed the security breach in an August 19 tweet, with Liquid revealing the wallet addresses implicated in the breach. The exchange noted that only it’s warm wallets were affected, adding that its assets are currently being moved into cold storage.” “Major cryptocurrency derivatives exchange​​ Deribit has halted withdrawals after suffering a $28 million hot wallet hack. It’s not the first time Coinbase has seen complaints from customers who lost money on their accounts in a SIM swap scam. One Indiana man lost $7,200 from their account in 2021 but failed to get his money back, CBS reported, noting it had been reporting on similar Coinbase hacks for months. Cryptocurrency exchange Binance temporarily suspended its blockchain network after hackers made off with around $570 million worth of its BNB token.

According to a company spokesperson, the hacker had access to the hot wallet infrastructure that enabled them to gain access to the funds. Approximately$4 millionin customers were withdrawn from the exchange through Poloniex which has not been recovered. Cryptocurrency exchanges, fell prey to a major security breach on May 7, 2019. Hackers used a variety of tactics — including phishing and viruses — to obtain a large number of two-factor authentication codes and API keys. The hackers made off with 7,074 BTC — worth more than $40 million on the day of the attack — in just one transaction. The Singapore-based cryptocurrency exchange DragonEx announced on its official Telegram channel that it was hacked on March 24, 2020.

A cross-chain bridge, BSC Token Hub, was exploited by hackers, resulting in the creation of extra Binance Coins and the withdrawal of 2 million BNB tokens. A bug in a smart contract enabled the hack, highlighting the need for tighter blockchain security. These recent incidents are certainly not new, and there have been a number of notable incidents involving different methods to steal cryptocurrency over the past year. In December 2017, NiceHash, a Slovenia-based cryptocurrency-mining marketplace suffered a data breach where hackers stole the contents of its Bitcoin wallet. KuCoin, one of the most popular exchanges for trading altcoins was hacked on September 25, 2020.

Crypto exchanges keep getting hacked, and there’s little anyone can do

BITPoint said 2.5 billion yen belonged to customers, while 1 billion yen was owned by the exchange. Bloomberg reported that shares of BITPoint’s parent firm, Remixpoint Inc., shed 19% after the hack. The crypto community united after this theft and finally began to actively exchange information in order to prevent further movements of stolen funds. In particular, the instant exchange ShapeShift has banned the trades of NEM coins.

On March 29, 2022, over $624 million was taken from the Ronin Network. It was an exploit hack by the North Korean hacking group called Lazarus Group. Ronin is a gaming-focused blockchain network best known for the Axie Infinity crypto game published by Sky Mavis. The hackers attacked Sky Mavis’s and Axie DAO Ronin validator nodes—the system used to verify crypto transactions. Mango Markets is a popular trading platform based on the Solana blockchain. In October, a user drained the platform to the tune of over $100 million by temporarily driving up the value of their tokens and taking a loan using the inflated tokens as collateral.

Cream Finance, $130M & $37M & $18.8M

The relatively small Italian cryptocurrency platform Altsbit was hacked on February 5, 2020. Almost all funds lost were stored by the exchange in hot wallets, reportedly about $70,000 in Bitcoin and Ether. Only a small portion of the assets held by the exchange was stored in cold wallets at the time.

Another Japanese crypto exchange to be hit by hackers ran off with $32 million of funds from hot and cold wallets that included Bitcoin, Bitcoin Cash, Ether, Litecoin and XRP. Roughly $23 million dollars involved in the hack belonged to the exchange’s customers. Given funds were stolen from offline and online wallets, the security systems of the exchange were thoroughly compromised by the hackers. The CEO of cryptocurrency exchange BitMart, Sheldon Xia has confirmed on Twitter that a large-scale security breach has occurred on its Ethereum and a BSC hot wallet systems.

Following this incident, the company decided to rebrand the exchange under the name YouBit. However, the exchange suffered another cyber attack and coin exchange hacked lost 17% of its assets on December 19, 2020. The company did not specific which cryptocurrency assets were stolen in the attack or the total amount.

Coin exchange hacked

The hackers had been skimming money for years with stolen private keys. Former employees claim weak security software and mismanagement allowed the hack to slip by. Mt. Gox paused all withdrawals on its platform and a few weeks later, the site went offline and the company removed all posts from its Twitter account. Binance reported that the hacker used multiple methods to steal the funds, including phishing and viruses. Funds were stolen from Binance’s hot wallet, which stored about 2% of Bianance’s total bitcoin holdings. The structure of the attack was sophisticated and slipped by Binance’s security checks.

Crypto Rush

A hacker had reportedly exploited a vulnerability in the exchange’s coding that allowed access to the private keys for the funds. Trading was halted as the hackers successfully transferred stolen funds of 76 Bitcoins from the exchange worth $50,000 at the time. Upbit is another Korean crypto platform that was the victim of a cyber security breach in 2019. Several large transactions were identified moving from their hot wallet and notified their users of a security breach. The theft occurred when the exchange wasallegedly moving assets between hot and cold storage facilities.

“On May 14th 2020, BlockFi experienced a temporary data breach that exposed some BlockFi client data. We promptly discovered the root cause and stopped the unauthorized intrusion into our systems.” Ferguson said his carrier told him in May it had received a SIM card change request, which he hadn’t made. He discovered the Coinbase theft the next day when he restored service to his iPhone. “Please note you are solely responsible for the security of your e-mail, your passwords, your 2FA codes, and your devices,” the exchange said, according to the filing.

The Bitrue hack is the second major case of this kind since the start of the month. South Korean crypto exchange GDAC announced the loss of more than $13 million when hackers took control of some of its hot wallets on April 9. And in March, over $1.5 million in bitcoin were stolen from crypto ATM manufacturer General Bytes. Bitrue is a popular Singaporean crypto exchange that was hacked for over 4.5 million dollars worth of cryptocurrencies on 27 June, 2019.

A compromised API key of the Cloudflare content delivery network account allowed injecting of a malicious script to the web interface. Cryptocurrency exchange Bitrue announced Friday on Twitter it has identified a “brief exploit” in one of its hot wallets. The breach led to the theft of around $23 million in a number of cryptocurrencies, including ether and shiba inu . “Japanese cryptocurrency exchange Bitpoint was hacked last week when hackers stole 3.5 billion yen ($32 million) from the exchange’s hot wallet, of which 2.5 billion yen were customer funds.” The hack is the latest in a string of attacks targeting cryptocurrency exchanges, which are some of the most high-value targets in the steadily growing cryptocurrency ecosystem.

  • Managed to create a large number of fake BTC and then flooded the exchange with the artificial supply.
  • An exploit occurred on a bridge between blockchains and the issue is “contained now,” Changpeng “CZ” Zhao, the billionaire co-founder of Binance, the world’s biggest crypto exchange, said on Twitter on Friday.
  • There are various types of cryptocurrency wallets available, with different layers of security, including devices, software for different operating systems or browsers, and offline wallets.
  • The company made the decision to spread the losses over all customers on the exchange to reduce the burden on the affected users.

However, the exchange suffered a wide-scale data breach that affected 450,000 user’s in 2019. The customer’s email addresses and passwords were leaked in a massive global hack that involved 24 websites and some 747 million records. Vietnam-based crypto exchange VinDAX was launched in March 2019 that is focused on token sales for new blockchain projects. In the same year, the exchange was thevictim of a hack for at least $500,000 worth of cryptocurrencies. The UK-based crypto platform Cashaa stopped all crypto-related transactions on July 11, 2020 after a hacker was able to withdraw 336 Bitcoins, valued at $3.1 million in a 3-minute window. The cause of the attack was the hackers installing malware on a computer used to perform withdrawals.

Can cryptocurrency be hacked due to bug vulnerabilities?

It is stored using blockchain technology and is not regulated by any bank, government, or financial institution. “our exchange was hacked during the night and almost all funds from BTC, ETH, ARRR and VRSC were stolen.” “Japanese exchange Liquid has been hacked with about $80 million in digital assets moved off the platform. Deribit exchange got its hot wallet compromised before midnight UTC on Nov. 1, the firm reported on Twitter.” A total of around $1.4 billion has been lost to breaches on cross-chain bridges since the start of 2022, according to data from blockchain analytics firm Chainalysis. In total, hackers withdrew 2 million BNB tokens — about $570 million at current prices — from BNB Chain said in a blog post on Friday.

The reported amount of assets lost during the incident was9.4%of its total holdings stolen, which equated to around $16 million at the time. The Cryptopia breach is regarded as one of the biggest hacks in New Zealand’s history. Cryptocurrency exchanges have become mainstream to allow individuals to buy, sell, exchange, and store cryptocurrencies. However, history has proven that exchanges have become targeted by hackers, particularly as the popularity and price of digital assets have increased. This article will provide a list of crypto exchanges that have been hacked and what we can learn from these incidents. In 2014, a whopping $460 million was stolen from Mt. Gox, a Tokyo-based bitcoin exchange.

According to Binance CEO, Changpeng Zhao, commonly known as “CZ”, some user two-factor authentication codes and API tokens were compromised during the attack. According to the Binance Blog, the attackers used a variety of methods to exploit Binance’s security systems including phishing, viruses and other vectors. Customers that were affected by the hack were reimbursed in full with funds taken from the exchange’s insurance account.

Most security discrepancies in the cryptocurrency space can be attributed to individuals and websites not taking the correct precautionary measures. Stolen funds are usually the result of storing cryptocurrencies in places that are simply not secure. Erasing or overwriting a block of already spent Bitcoin, known as “double spending”, is rendered impossible by the decentralised, chronological and computing, power-intensive characteristics of the Bitcoin blockchain.

Non-fungible token sales saw a small uptick over the last week as $658.4 million in NFT sales were recorded, up 3.35% in seven days. Out of 15 blockchains, Polygon-based NFT sales saw the largest increase in volume, jumping 106.68% … The company has assured users that they’re still in a “financially sound position” and its reserves cover the loss without affecting the insurance fund. Binance Coin is the native token of BNB Chain and was launched through an initial coin offering in 2017.