Hacker attacks on cryptocurrency exchanges have taken the industry by storm. Thefts can range from a few million to hundreds of millions of dollars, hurting not only businesses but also their customers and investors.
Exchange executives should focus on flaws in their systems that could facilitate the theft of cryptocurrencies. The impact of security breaches like the attack on the now-defunct Mt. Gox continue to be felt by the crypto industry. Earlier this week, Japan’s Zaif exchange confirmed a hack in which $246 million of its assets were stolen, causing serious problems for its customers.
Below is a list of the 10 biggest hacks of all time on crypto exchanges based on the amount lost.
In January 2018, Japan-based crypto exchange Coincheck suffered the largest crypto loss in history. At a news conference, the company’s chief of operations confirmed the theft of 500 million NEM tokens, which at the time was worth roughly $530 million. Rumors initially surfaced when Coincheck’s platform abruptly halted operations. The company was not registered with Japan’s financial regulator, the FSA.
2. Mt. Gox
The loss from Mt. Gox was not as big as Coincheck’s, but it was certainly much more shocking and devastating. In 2014, the young cryptocurrency market had relatively few major exchanges. The largest of these was Mt. Gox, which was responsible for 70% of bitcoin’s global transactions in 2013. In this hack, 850,000 BTC were stolen, which at the time was worth approximately $460 million. The theft is shrouded in suspicion of fraud by Mt. Gox itself. At various times, large volumes of the stolen assets were transferred to other exchanges, causing major volatility in bitcoin’s price.
As previously mentioned, Zaif suffered a $60 million crypto hack across bitcoin, Bitcoin Cash and MonaCoin. According to reports, there was a “delay” between when the hack occurred and when it was reported, which Japan’s financial regulator is inquiring about. Withdrawals and deposits are currently suspended. Zaif owner Tech Bureau is working with Fisco to compensate users for their loss.
In February 2018, BitGrail exchange suffered a hack in which 17 million NANO tokens were stolen, which was equivalent to $ 170 million. In response, the coin’s value plummeted 20% in a matter of minutes. Bitgrail’s owner suggested modifying the ledger to recover losses, which Nano said they would never do.
Bitfinex suffered the second-largest bitcoin hack ever. In August 2016, 120,000 BTC were stolen, which was worth $72 million. Hackers exploited a vulnerability with Bitfinex’s multi-signature portfolios used to store their clients’ funds. This type of portfolio has keys divided among several owners in an attempt to mitigate risk. Criminals created a wallet with Bitfinex partner BitGo for the heist.
In June 2018, Bithumb, the world’s sixth-largest cryptocurrency exchange, lost more than $30 million. The company stated that all affected customers would be covered by reserve funds. The robbery had an impact on the market, causing the bitcoin price to fall $200 in value shortly after the attack was made public. In 2017, the company suffered another hack in which the personal data of 30,000 customers was compromised.
7. Double spend
In May 2018, a hacker attacked several cryptocurrency exchanges simultaneously, causing losses estimated at $18.6 million. The miner acquired 51% or more of the network’s hashing power, which temporarily placed control of the network in their hands. The tactic, which is known as “double spending,” points to 388,200 BTG that has moved to a Bitcoin Gold wallet.
Bitstamp officials were targeted by a malicious phishing scheme, resulting in fake emails designed to obtain secret data about the company. In January 2015, the exchange suffered a loss of 19,000 bitcoins, worth $5.1 million at the time. Bitstamp’s cryptocurrency reserves were held in cold storage, disconnected from the internet.
In April 2018, India-based Coinsecure was hacked by one of its own employees. The employee had access to a private key belonging to a director, transferring 438,318 BTC to a private portfolio. The robbery caused a $3 million loss. The company has assured users that the security of the exchange has not been compromised.
EtherDelta had its DNS server hijacked by a hacker in December 2017, losing about 308 ether worth approximately $250,000 at the time. EtherDelta is a decentralized exchange, meaning that its employees have no control over the company’s funds. The criminal, who reportedly created a phony EtherDelta website, was linked to an Ethereum address comprised of $4.3 million in ETH.