The entire history of crypto exchange hacks

November 19, 2018
When it comes to exchange hacks, the unique features of cryptocurrencies that make them ideal for digital transactions are actually disadvantageous for those who have been robbed.

Cryptos are divisible, fungible and transactions are irreversible. Those features make digital value transfers possible because it guarantees a coin can’t be spent twice. But it also means that if your cryptos are stolen, they are really gone.

The most recent sizeable heist was in June 2018 when Coinrail announced hackers had stolen $40 million in multiple cryptocurrencies. In fact, looking at the history of all kinds of crypto thefts, it becomes clear that the main targets for hackers are centralised exchanges. The reason why is quite simple.

All of the funds associated with traders’ accounts are held by the exchange itself, in wallets they control. Not only does this mean users on a centralised exchange have no control over their own wallets, it also creates very attractive targets for hackers. It’s a honeypot waiting to be exploited.

With a purpose of learning from the past, let’s take brief but complete look at the entire history of exchange hacks.

2014: The infamous Mt. Gox Incident

The Japan-based exchange used to be the world’s biggest bitcoin exchange with over 70% of worldwide trading volume. Hints of lacking security emerged in 2011 when a hacker took control of a computer belonging to an auditor of Mt. Gox and made away with an estimated $8.5 million worth in bitcoins. The exchange did manage to recover from the disaster, but sadly it was only a taste of things to come.

In 2014, after increasing delays in service, the exchange suddenly stopped all bitcoin withdrawals to look into the technical difficulties it was experiencing. In the process, the investigative team found out it had been subjected to transaction malleability attacks. The team said a bug in the bitcoin code allowed transaction details to be altered so that it could appear a transaction had not been sent, which allows the transaction to reoccur.

Shortly after the discovery, the Mt. Gox website went offline and the company filed for bankruptcy. An independent audit conducted afterwards determined bitcoins had been stolen over a period of time, beginning shortly after Mark Karpeles became CEO. In total, some 850,000 bitcoins were stolen estimated to be worth $473 million at the time. In today’s prices (1 BTC/6429 USD), that would amount to $5.5 trillion.

The price of bitcoin dropped nearly 36% at the time, and the Mt. Gox Incident is still one of the most infamous exchange hacks today. But it certainly wasn’t the last one.

The price of bitcoin dropped nearly 36% at the time, and the Mt. Gox Incident is still one of the most infamous exchange hacks today. But it certainly wasn’t the last one.


2016: Bitfinex believed to involved in Tether scam

In 2016, Bitfinex reported a loss of more than $60 million worth of bitcoin. Their own initial investigation failed to explain the cause of the hack. Later that same year, the FBI started their own investigation after a Bitfinex user claimed that over a million dollars in bitcoin had gone missing from the exchange account. Still, no real answers were ever found to reveal how the funds had been stolen.

If that wasn’t enough, Bitfinex has since received even more scrutiny as accusations have been made that the exchange was involved in artificially pumping the price of bitcoin to incredible heights in late 2017. Subsequent investigations were conducted to verify if there was any truth to the rumours that claimed the price inflation was related to sustaining the exchange rate of USDT — a Tether stable coin that many now believe has no reliable means of pegging the value of the token to USD, and some have even called it an outright scam.

2018: Coincheck heist becomes biggest exchange hack ever

Mt. Gox’s title as biggest exchange hack ever was only recently overtaken by Coincheck, also a Japan-based exchange. On January 26, 2018, the exchange suspended all deposits in NEM on their exchange. With tensions rising during the day, NEM Foundation president Lon Wong later confirmed the exchange was hacked at around 3AM local time. Via several unauthorised transactions, hackers had stolen 523 million NEM coins which were worth around $534 million at the time. It was and still is the single biggest exchange heist ever.

Looking at the aftermath, the hack did not have the same effect on the wider crypto community and crypto prices as the Mt. Gox hack had. Perhaps this is a sign of a more maturing and secure crypto industry where the mistakes of centralised exchanges don’t spook a global community of crypto traders that know how to keep their funds safe.

The complete list of exchange hacks

Those were just 3 examples of the many exchange hacks that happened over time. Here’s a complete list of the centralised exchange hacks that have occurred in the past few years:

2012

  • Bitcoinica $600K (50,000 BTC)
  • Bitfloor $250K (24,000)

2013

  • Vicurex $160K (1500 BTC; 225,000 TRC; 23,000 LTC)
  • Picostocks $3 million (6000 BTC)

2014

  • Mt. Gox: $480 million (850,000 BTC)
  • Cryptsy: $9.5 million (13,000 BTC; 300,000 LTC)
  • KipCoin: $690K (3000 BTC)
  • BitPay: $1.8 million (5000 BTC)

2015

  • Bitstamp: $5 million (19,000 BTC)
  • Bter: $1.75 million (7,000 BTC)

2016

  • Bitfinex: $60 million (120,000 BTC)
  • Shapeshift: $230K (315 BTC)
  • Gatecoin: $2.14 million (185,000 ETH; 250 BTC)
  • Bitcurex: $1.5 million (2300 BTC)

2017

  • Bithumb: $1 million (Coins undisclosed)
  • YouBit: $5.3 million (4300 BTC)

2018

  • Coincheck: $535 million (523,000,000 NEM)
  • BitGrail: $195 million (17,000,000 NANO)
  • CoinSecure: $3.3 million (438 BTC)
  • Coinrail: $40 million (in various tokens)
  • Bithumb: $31 million (Coins undisclosed)

Wondering how much money has been stolen from centralised exchanges in the past 4 years? $1.37 billion in total, or $1,377,220,000 to be exact.

. . .

Want to trade securely? Trade decentralised with Sparkdex.

Website — Newsletter — Twitter — Telegram — Reddit

By joining or subscribing to the links above you will only get Sparkdex specific content.

No items found.