Cryptocurrency heists have become a thing of the past. In the old days, hacking into a cryptocurrency exchange and transferring coins would be no easy task. However, over the years, various security measures have been implemented to ensure that cryptocurrencies cannot be hacked as easily as they did before. This post takes a look at the biggest cryptocurrency heists ever committed in history.
Mt. Gox: Mt. Gox is a bitcoin exchange based in Shibuya, Tokyo. It was founded in July 2010 by Jed McCaleb and Mark Karpeles as the first bitcoin exchange service to have trading volume over 100,000 BTC per day. It was hacked in 2014, losing around 850,000 bitcoins in customer funds. In April 2013 it emerged that hackers had broken into Mt. Gox’s systems and stolen an estimated $250 million worth of the virtual currency. In June 2013, the company filed for bankruptcy, but continued to operate as usual until it suspended trading on 19 February 2014. The company blamed technical problems for its failure to regain control of its assets. On 6 February 2014 MtGox announced that it was closing down all operations due to a DDoS attack that crippled its site and stole millions of dollars in bitcoin from its customers’ accounts.
Bithumb: Bithumb was one of the biggest cryptocurrency exchanges in the world, with a daily trading volume in excess of $1 billion. On February 20th, 2019, it was hacked and lost an estimated $40 million worth of cryptocurrencies. The theft is said to be the largest crypto hack ever recorded. The hack occurred when hackers exploited a weakness on Bithub’s online wallet service and drained its reserves, which included bitcoin and other altcoins. The hackers were able to steal about $32 million worth of digital currencies from the exchange’s hot wallet and another $20 million from cold storage. The company said that it will reimburse affected users by sending their tokens back to them at a rate of 1 BTC per token (or $1,600). However, this won’t happen immediately because recovery efforts are still ongoing.
Bitfinex: The Bitfinex Heist was a cyberattack on the Hong Kong-based cryptocurrency exchange Bitfinex, which led to the loss of nearly 120,000 BTC, at that time worth approximately US$72 million. The theft occurred on August 2, 2016, when hackers broke into the exchange’s system and stole 119,756 BTC from three separate addresses. The theft was revealed in an official statement by Bitfinex CEO Jan Ludovicus van der Velde on August 4th 2018. In mid-August 2016, Bitfinex announced that a security breach had occurred and that some users’ Bitcoin wallets had been compromised. It stated: “The breach has been contained and we are working now to fix any issues that may arise.” In October 2016, Bitfinex suspended trading after its website was hacked. It was later revealed that an employee had stolen US$2 million from customer accounts before resignation.
Coincheck: In January 2018, Coincheck was hacked for $500 million worth of digital coins. This is the largest cryptocurrency theft in history. Coincheck is an exchange that allows users to trade Bitcoin and other cryptocurrencies. The company’s website has been down since the hack took place and the company has not made any official statements about how they will handle the situation (or how much their customers will be compensated). The hack occurred on January 26th at around 11:00 AM JST (Japan Standard Time). According to NEM Foundation president Lon Wong, several thousand million XEM coins were transferred to an address outside of Japan. The exact amount has not been revealed by authorities but it is believed that it was somewhere between $500 million and $600 million USD worth of XEM tokens.
Youbit: The bitcoin exchange Youbit has been hacked several time, after a second attack in just a month. The company announced on its website that it had suspended bitcoin transactions as it investigates the hack. We are now investigating the incident and will take appropriate measures according to law and regulation,” said an official statement on Wednesday. The company said it would resume trading later in the day. It warned users to take care with their private keys, which act as passwords for their cryptocurrency accounts and allow them to move funds between wallets. The South Korean exchange said earlier this month that it lost 17% of its assets to a hacking attack during which hackers gained access to customer information such as names, e-mail addresses, phone numbers and even addresses.
NiceHash: The NiceHash marketplace was hacked and the site is getting a lot of negative attention. Many users are reporting that their wallets have been emptied, and coins have been transferred to others’ accounts. NiceHash is a website that allows users to sell their computing power in order to mine cryptocurrencies like Bitcoin. The company says that its services are protected by 256-bit SSL encryption, which makes it very difficult for hackers to access the system. There’s no word yet on what exactly happened at NiceHash, but it appears that something went wrong with its security protocols.
Conclusion: Cryptocurrency can be stolen from exchanges whether they take security seriously or not.