The biggest crypto heists of all time

Published at: Jan. 28, 2022

How to avoid cryptocurrency scams?

One of the best ways to protect your crypto investment is to secure a wallet and do your own research about the projects in the market.

Don't believe everything you're told. Instead, examine any claims made about investment, especially if they appear too good to be true or promise huge returns in a short period. Also, do not trust anyone who contacts you personally, whether a government official, a public personality, or a stranger, and asks for Bitcoin payments or offers you an "investment opportunity."

Whenever possible, enable two-factor authentication on your cryptocurrency wallet and exchange. Moreover, never give anyone your crypto wallet's private key or seed phrase, and keep that information offline in a cold wallet.

Check the URLs of websites two or three times. For example, when trying a phishing scam, scammers will replicate the URL of a valid site and replace letters and numbers, such as an "l" for "1" or a "0" for the letter "O."  Furthermore, any offer that requires an upfront cost should be rejected, regardless of the amount, especially if the price must be paid in cryptocurrencies.

What are the biggest cryptocurrency heists in history?

The biggest crypto heists to date are MT Gox, Bitgrail, Coincheck, KuCoin, PancakeBunny, Poly Network, Cream Finance, BadgerDAO, Vulcan Forged and Bitmart.

MT Gox

MT Gox was the first large-scale exchange hack, and it remains the most significant Bitcoin (BTC) heist from an exchange. The MT Gox robbery, on the other hand, was not a one-off occurrence. Rather, the site leaked cash from 2011 to February 2014.

Hackers stole 100,000 BTC from the exchange and 750,000 BTC from its consumers over a few years. These Bitcoin burglaries were valued at $470 million at the time, but they're now worth approximately ten times this amount. Shortly after the theft, MT Gox went into liquidation, with liquidators recovering roughly 200,000 of the stolen BTC.

Bitgrail

Bitgrail was a small Italian exchange that traded in obscure cryptos like Nano (XNO). The exchange was hacked in February 2018, just as the price of XNO soared from a few cents to $33. At least 17 million coins (the equivalent of about $150 million) were taken from Nano wallets.

Many users began to express their dissatisfaction with the exchange before the attack (significantly lower withdrawal limits and transaction problems). According to the investigations, the coins were stolen from cold—not hot— wallets. Investigations persisted throughout the preceding three years, with Italian authorities now charging Bitgrail's owner of being behind the attacks.

Coincheck

Coincheck, based in Japan, had $530 million worth of NEM (XEM) tokens stolen in January 2018. Hackers took advantage of the fact that the currency was kept in a "hot" wallet, which meant it was connected to the server and thus "online" (a cold wallet sees funds stored offline).

The stolen coins were identified and marked as such by NEM developers, although there was conjecture that the monies were available on dark markets.

However, given how much the coins lost in value following the attack, it's unlikely that many people would have thought this was a good deal (the coins are now worth 83% less than they were—roughly $90 million).

KuCoin

KuCoin announced in September 2020 that hackers had obtained private keys to their hot wallets before withdrawing substantial quantities of Ethereum (ETH), BTC, Litecoin (LTC), Ripple (XRP), Stellar Lumens (XLM), Tron (TRX) and Tether (USDT). Since then, experts have claimed that they have reasonable cause to assume that crypto heist hackers are North Korean.

PancakeBunny

This flash loan attack, in which hackers were able to siphon $200 million from the platform, occurred in May 2021 and is among the more severe cases of cryptocurrency theft. The hacker loaned a big sum of Binance Coin (BNB) before manipulating its price and selling it on PancakeBunny's BUNNY/BNB market to carry out the attack.

This allowed the hacker to obtain a large number of BUNNY via a flash loan, dump all of the BUNNY on the market to lower the price, and then repay the BNB using PancakeSwap.

Poly Network

In August 2021, a hacker exploited a vulnerability in Poly Network's infrastructure and stole funds totaling more than $600 million. They didn't get away with their reward, though, in an odd twist. Instead, the hacker approached the platform and agreed to return the majority of the funds, except $33 million in Tether (USDT) that had been frozen by the issuers.

But the saga didn't end there: $200 million of the stolen assets were locked away in an account that required the hacker's password, according to Poly Network. The hacker initially refused to hand over the hacked crypto.

That is, until Poly Network pleaded with them to release it, gave them a $500,000 reward for discovering the system flaw, and even offered them a job! Poly Network later revealed that the private key had been handed to them by "Mr. White Hat."

Cream Finance

Not only did hackers steal $130 million in the October 2021 incident related to robbing a cryptocurrency, but it was also Cream Finance's third attack of the year. Hackers took $37 million in February 2021 and $19 million in August 2021.

In the most recent attack, hackers used what was deemed a flaw in the DeFi platform's flash lending system. On the Ethereum network, they were able to take all of Cream Finance's tokens and assets, totaling $130 million.

BadgerDAO

A hacker succeeded in stealing assets from multiple cryptocurrency wallets on the DeFi network, BadgerDAO, in December 2021. The problem is thought to have started on November 10 when a malicious script was injected into the website's user interface.

Users' transactions may have been intercepted while the script was active. The attacker took 896 BTC valued at roughly $50 million at that time.

Vulcan Forged

In December 2021, hackers stole $135 million from Vulcan Forged, a blockchain gaming startup. They stole private keys to 96 separate wallets before draining 4.5 million PYR tokens from them.

Bitmart

In December 2021, a hack of Bitmart's hot wallet resulted in the theft of about $200 million. At first, it was thought that $100 million had been stolen via the Ethereum blockchain, but additional research found that another $96 million had been stolen via the Binance Smart Chain blockchain.

Over 20 tokens were taken, including altcoins such as BSC-USD, Binance Coin (BNB), BNBBPay (BPay), and Safemoon, as well as substantial quantities of Moonshot (MOONSHOT), Floki Inu (FLOKI) and BabyDoge (BabyDoge).

Why is cryptocurrency theft increasing?

Crypto fraudsters, especially scammers, prey on naive buyers in the physical world by reading the fine print in contracts.

Understandably, crypto heists pique the public's interest. The first consideration is the massive amount of money to be stolen—legacy financial organizations are rarely robbed of such large sums of money. Second, because cryptocurrencies have only lately piqued the public's interest, any hack is bound to generate headlines.

On top of that, hackers have discovered that stealing cryptocurrency is more straightforward than stealing cash or electronic money in the banking system. As a result, it is becoming more widespread. Moreover, as cryptocurrency is commonly stored in huge sums and can be transferred instantly and anonymously from anywhere using only a private key or passcode, crypto hackers target it.

Let's take a look at the biggest crypto thefts of all time in this article. Also, the article will outline why crypto exchanges keep getting hacked; why are crypto heists getting larger and what we can do to protect ourselves from crypto heists.

Tags
Business
Cryptocurrencies
Hackers
Scams
Fraud
Kucoin
Coincheck
Related Posts
Better Business Bureau: Crypto Scams Are The Second Riskiest in North America
A report published by the Better Business Bureau (BBB) says that cryptocurrency-related scams are continually growing, becoming the second most risky of 2019 among North Americans. According to research from trust-gauging organization published on March 2nd, scams averaged about $3,000 in losses for businesses and charities within Canada and the United States. The usual tactic, the study claims, is that of false promises of a "significant" return on investment in cryptocurrencies. With such figures on the table, it represents a notable uptick since their 2018 report’s numbers, which put average losses at $900. Trading in crypto exchanges with security breaches …
Blockchain / March 10, 2020
‘Nobody is holding them back’ — North Korean cyber-attack threat rises
North Korea-backed cyberattacks on cryptocurrency and tech firms will only become more sophisticated over time as the country battles prolonged economic sanctions and resource shortages. Former CIA analyst Soo Kim told CNN on Sunday that the process of generating overseas crypto income for the regime has now become a “way of life” for the North Koreans: “In light of the challenges that the regime is facing — food shortages, fewer countries willing to engage with North Korea [...] this is just going to be something that they will continue to use because nobody is holding them back, essentially.” She also …
Blockchain / July 12, 2022
Mastercard launches new crypto fraud protection tool
The financial service provider Mastercard will launch a new crypto service related to risk management on Tuesday Oct. 3. Mastercard’s new service, Crypto Secure, is aimed to help banks find and prevent fraud on crypto merchant platforms. Crypto Secure combines the usage of artificial intelligence, blockchain data and public records of crypto transactions, along with other sources, to determine crime-related risks of crypto exchanges within the Mastercard network. Mastercard already has a similar service with fiat currency transactions available to banks. The president of cyber and intelligence business for Mastercard, Ajay Bhalla, said this development helps its partners stay compliant …
Adoption / Oct. 4, 2022
FTX hacker reportedly transfers a portion of stolen funds to OKX after using Bitcoin mixer
Hackers who drained FTX and FTX USA of over $450 million worth of assets just moments after the doomed crypto exchange filed for bankruptcy on Nov. 11, continue to move assets around in an attempt to launder the money. A crypto analyst who goes by ZachXBT on Twitter alleged that the FTX hackers have transferred a portion of the stolen funds to the OKX exchange, after using the Bitcoin mixer ChipMixer. The analyst reported that at least 225 BTC — worth $4.1 million USD — has been sent to OKX so far. 1/ Myself and @bax1337 spent this past weekend …
Blockchain / Nov. 29, 2022
'Haunts me to this day' — Crypto project hacked for $4M in a hotel lobby
The co-founder of Web3 metaverse game engine “Webaverse” has revealed they were victims of a $4 million crypto h after meeting with scammers posing as investors in a hotel lobby in Rome. The bizarre aspect of the story, according to co-founder Ahad Shams, is that the crypto was stolen from a newly set up Trust Wallet and that the hack took place during the meeting at some point. He claims the thieves could not have possibly seen the private key, nor was he connected to a public WiFi network at the time. The thieves were somehow able to gain access …
Nft / Feb. 7, 2023