The Largest Cryptocurrency Thefts

At the end of January 2018, one of the largest cryptocurrency exchanges in Japan, Coincheck, was robbed by hackers. They stole XEM cryptocurrency worth 58 billion yen, which is equivalent to $533 million. This theft has an impressive scale, but such incidents began to occur more often. Since the cryptocurrency began spreading, hackers have stolen a total of $1.2 billion worth of bitcoins and ethers. This amount corresponds to their price at the time currency was stolen.

Let us dig into the history and look over major cryptocurrency thefts.

June 2011

The hack of Mt. Gox exchange can be considered the largest theft of bitcoins in history. It involved a group of professional hackers who exploited complex vulnerabilities and gained access to the computer of one of the auditors, and then to the exchange’s servers. Then they lowered the price of BTC to 1 cent per coin and withdrew about 2000 bitcoins. Later, the hackers made it possible to buy BTC at any price. As a result, by 2014, the exchange had lost about 850,000 bitcoins (~$480 million) and was forced to declare bankruptcy.

September 2012

BitFloor, a New York-based exchange, lost 24,000 bitcoins (~$250,000) because of hackers. A bit later, in April 2013, the exchange declared that it stops its work and compensated stolen funds to clients.

January 2015

19,000 BTC (~$5 million) were stolen from Bitstamp exchange. However, thanks to its reserves, the company compensated its customers for their losses.

March 2015

In the USA, two federal agents who participated in the shadow market Silk Road investigation were accused in fraud and misappropriation of arrested funds. One of them, a Secret Service special agent, embezzled ~$800,000 worth of seized bitcoins without permission. The second defendant, a DEA agent, received large amounts of cryptocurrency from Ross Ulbricht, the owner of Silk Road, for disclosing investigative information.

May 2016

Criminals hacked the servers of the Hong Kong exchange Gatecoin and withdrew 250 bitcoins and 185,000 ethers from its online wallets (worth ~$2 million). However, client’s cryptocurrencies were stored in separate cold wallets, so they remained untouched.

June 2016

The first decentralized autonomous organization and first massive Ethereum-based ICO, TheDAO, was attacked using the recursive call vulnerability. Hackers stole 3.5 million ETH (~$45 million).

August 2016

As a result of the hacking, the Hong Kong exchange Bitfinex lost 119,000 bitcoins (~$60 million). In April 2017, exchange clients received compensation for the stolen funds.

April 2017

Hackers stole information from the personal computer of an employee of the South Korean exchange Bithumb; this resulted in a leak of auction information and personal data of 31,000 users. For that error, the Korean Communications Commission issued to the exchange a fine in the amount of 60 million won (~$55,000). At the same time, another exchange from South Korea Youbit lost 4,000 bitcoins as a result of an attack. South Korea media attribute this attack to North Korean intelligence agencies.

July 2017

Hacker gang White Hat Group stole 153,000 ether (~$31 million) from Parity Wallet due to a vulnerability in its software. A week before that, other hackers stole ~$7 million worth of ether from Israeli startup CoinDash during an ICO. They managed to change the wallet address to receive investments.

November 2017

An ordinary user accidentally activated a vulnerability in Parity Wallet. As a result, ~$160 million worth of ether was lost, i.e. the coins were frozen due to a software bug. Around the same time, Tether announced the theft of ~$31 million worth of USDT tokens from the Tether Treasury wallet.

December 2017

The payment system of the NiceHash mining marketplace was hacked. Hackers stole 4700 bitcoins (~$63 million) and transferred them to an address, which is now monitored by all NiceHash users. This way the community wants to help solve the crime. In the same month, the South Korean exchange Youbit was cyberattacked again and lost 17% of its assets. This time they declared bankruptcy and decided to close down, again blaming neighbouring North Korea for their troubles.

The crypto community is sturdy in the assumption that North Korea has started a bitcoin hunt at the state level and desires to control a significant amount of this cryptocurrency. For example, the US NSA blames them for spreading the WannaCry ransomware virus, that encrypted victims’ data and demanded a ransom in BTC. Bobby Lee, the CEO of the Chinese exchange BTCC, also believes that North Korea is active in the cryptocurrency sector. At the same time, he admires such a policy, calling it reasonable.