Blockchain technology is widely considered extremely difficult to hack. But this can be tricky because while hacking a blockchain—the underlying technology of cryptocurrencies—is extremely difficult, hacking a cryptocurrency platform or exchange is a different ball game. Just like other companies or services, cryptocurrency exchanges and other crypto platforms can be compromised. As you will find in this article, hackers can exploit weak cybersecurity, plant malware and trojan horses on targeted apps and sites, access private keys through unauthorized means, or even exploit bugs on smart contracts. In all of these, it is worth noting that it is not the blockchain technology that was hacked but the platform providers.
In this article, we focus on the biggest crypto hacks in history. These hacks involve large-scale attacks on various cryptocurrency exchanges and platforms. Has these hacks contributed, amongst others, to the general mistrust in making investments in the crypto market? Without a doubt, sure. According to Chainanalysis, by November 2022, over $1.6 billion had already been stolen from users through hacks. This has been a persistent concern to crypto users globally. Today, more frequently, new crypto hacks make the news. As cryptocurrency adoption continues to grow, crypto hacks are becoming more common.
In descending order, let’s look at the five biggest crypto hacks that shook the crypto industry, exposing some of the vulnerabilities of crypto exchanges and blockchain networks.
5. The Mt. Gox Hack
It is impossible to begin this list without mentioning Mt. Gox, an acronym for “Magic: The Gathering Online Exchange”. The biggest cryptocurrency exchange within 2010 to 2014, Mt. Gox takes us down memory lane to the early beginnings of the crypto world. A Tokyo-based crypto exchange, Mt. Gox accounted for over 70% of bitcoin transactions. In that year, the first major crypto-exchange hack took place. A total of 25,000 bitcoins, worth approximately $400,000 at the time, were lost by Mt. Gox. Again in February 2014, Mt. Gox lost another 750,000 bitcoins worth around $473 million at the time. Some sources report 650,000 to 850,000 range of bitcoin lost.
At first, there was no clear explanation of how the hacks happened. But upon further investigation, it was revealed that the coins were stolen from the crypto exchange’s hot wallet. Hot wallets, being live, online cryptocurrency wallets, are not as secure as cold wallets. This cost Mt. Gox not only hundreds of thousands of bitcoin in customer and own funds but also its existence. Mt. Gox declared bankruptcy in 2014.
4. The Coincheck Hack
Coincheck was one of Japan’s largest crypto exchanges. Also Tokyo-based like Mt. Gox, Coincheck once held the unfortunate honor of being the biggest digital currency theft victim in history. In 2018, Coincheck announced that 523m NEMs had been stolen from the crypto exchange after a hack. At the time it was detected, this was estimated at 58 billion yen or $534 million.. Consequently, the value of NEM dropped by 20% as soon as word got out.
Similar to Mt. Gox hack, the NEM coins stolen from Coincheck crypto exchange were kept in a hot wallet, connecting a part of the crypto exchange to the internet. Although CoinCheck survived the historic hack and continued to operate, Coincheck was months later bought by a Japanese financial services company, Monex Group.
3. The Binance Hack
Binance, the largest cryptocurrency exchange in the world, was hacked in October 2022 to the tune of $570 million. According to Binance’s BNB Chain announcement, hackers stole 2 million BNB tokens from the network on October 6. The hackers successfully got their hands on as much as $110 million worth of coins and transferred them out of BSC while a further $429 million remained in the BNB wallet.
The hackers exploited a cross-chain bridge, the BSC Token Hub, resulting in the creation of extra Binance Coins (BNB) out of thin air and the withdrawal of 2 million BNB tokens. The BSC Token Hub bridges the BNB Beacon Chain (BEP2) and the BNB Chain (BEP20 or BSC). BNB is the native token of the crypto exchange. After the breach or hack, the network was temporarily suspended by validators until it was confirmed safe to use by Binance co-founder and CEO Changpeng Zhao. Binance released a software update that froze the hackers’ accounts, and announced it would introduce new on-chain governance.
Read also: What is BNB?
2. The FTX Hack
FTX, before it collapsed in November 2022 and shortly after declared bankruptcy, was one of the largest crypto exchanges in the crypto industry. In the middle of one of the most shocking implosions in financial history over apparent misuse of billions of dollars in user funds, FTX crypto exchange was hacked on 11 November 2022. Hackers stole more than $600 million from its crypto wallets.
FTX crypto exchange confirmed the hack occurred on its Telegram channel. According to a message pinned by FTX’s General Counsel Ryne Miller, FTX app and site were each attacked with malware and trojans. Suspicions—or better put conjectures—circulating online is that the hack was an insider job.
Read also: FTX: Does FTT have a future?
1. The Ronin Network Hack
The current holder of the title of “largest cryptocurrency hack” is the Ronin Network. Ronin is an Ethereum sidechain built for play-to-earn nonfungible token (NFT) game, Axie Infinity. In March 2022, hackers breached the network and stole around $625 million worth of USDC (25.5 million) stablecoin and Ether (over 173,600).
According to Ronin, the hacker accessed the private keys to validator nodes whereby five out of nine validator nodes got compromised. (Five nodes is the threshold required to approve a transaction in the network). With access to four validator nodes, the hacker got in. After the hack, hacker shorts Ronin & AXS (Axie token) believing that as news about the hack broke out tokens will plummet. But when no one noticed, the hacker got liquidated on short. officials speculated that a North Korean state-backed hacking collective, the Lazarus Group, was responsible for the hack.
Notably, of the five biggest crypto hacks above, three involve crypto exchanges—specifically centralized crypto exchanges. This is not very surprising. Centralized crypto exchanges are generally known to be more prone to hacks involving cybersecurity issues and even social engineering techniques. For decentralized crypto exchanges, as long as smart-contract codes are efficiently and securely written, they are less prone to cyber threats. This is not to say decentralized crypto exchanges don’t also come with their own risks, including risk of hacking. Decentralized crypto exchanges require users to take full responsibility for the safety and security of their crypto assets, while bugs in smart contracts are a major security threat. Also, cross-chain bridges—software that enables the transfer of assets between blockchain networks—are becoming increasingly vulnerable to hacks.
Read also: What are the top 5 centralized crypto exchanges you should know?
Read also: Top 5 Decentralized Crypto Exchanges You Should Know
To avoid or minimize crypto hacks, it is important for crypto users to be vigilant in and out of crypto platforms. Crypto exchanges and networks can be compromised by hackers at any time. This is why education about cryptocurrency and blockchain technology is essential.
Credit: Joshua Armstrong writes on cryptocurrency and blockchain technology.