10 Biggest Crypto Heists of All Time – How Much Money Was Stolen?

Why Trust Techopedia Crypto
KEY TAKEAWAYS

The history of cryptocurrencies is marked by significant heists. These high-profile incidents underscore the need for continuous innovation, collaboration, and user education to create a safer and more resilient crypto ecosystem. As the industry advances, a collective commitment to enhancing security protocols will be instrumental in realizing the full potential of cryptocurrencies and blockchain technology.

Almost all cryptocurrencies are secured by cryptography, which keeps information secret and safe by transforming it into a form that unintended recipients cannot understand. This makes these digital assets extremely secure and almost impossible to counterfeit or double-spend.

However, some external factors can still pose security risks to cryptocurrencies. Phishing attacksmalware, or vulnerabilities in crypto wallets or exchanges are some more notable pain points that can prove costly for users.

Over the years, many bad actors were able to exploit such vulnerabilities, leading to millions of dollars worth of losses to investors.

In this article, we’ll be taking a look at 10 of the biggest crypto heists of all time.

10 Largest Crypto Hacks Ever Recorded

10. PancakeBunny: $200 Million

In May 2021, the popular Binance Smart Chain-based decentralized finance (DeFi) protocol PancakeBunny suffered a major exploit that allowed a hacker to make off with more than $200 million worth of crypto assets.

At the time, the team disclosed that the protocol was subject to a flash loan attack from an external actor. The attacker borrowed “a huge amount” of binance coin (BNB) before manipulating the asset’s price and dumping it on the platform’s BUNNY/BNB market.

Advertisements

9. Gate.io: $230 Million

The Gate.io hack, which took place in August 2018, reportedly involved North Korean hackers and resulted in the loss of around $230 million in digital assets. 

Gate.io was hacked for a total of $234,337,668.88, including:

  • $10,777.94 bitcoin (BTC)
  • $218,790 ether (ETH)
  • $Z3,783 zcash (ZEC)
  • $99,999,000 dogecoin (DOGE)
  • $3,043,268 XRP
  • $11,000 litecoin (LTC)
  • $175,866 ethereum classic (ETC)

It is worth noting that the exchange managed to cover up the hack until last year. On-chain sleuth ZachXBT eventually uncovered the hack in a series of tweets in November last year. 

8. KuCoin: $280 Million

Major crypto exchange KuCoin suffered from a security breach in September 2020. The hack resulted in the theft of $280 million worth of funds from KuCoin’s hot wallets, which are digital wallets connected to the Internet and used for immediate transactions.

During the attack, the hackers exploited vulnerabilities in KuCoin’s security infrastructure and managed to gain unauthorized access to the exchange’s systems. They then proceeded to transfer a wide range of cryptocurrencies, including BTC, ETH, and others, to their own wallets.

7. Wormhole: $325 Million

In early 2022, the DeFi platform Wormhole became the victim of a major crypto theft after an attacker exploited a security flaw to make off with close to $325 million. Wormhole is one of the most popular bridges that link the Ethereum and Solana blockchains. 

To carry out the attack, the attacker managed to forge a valid signature for a transaction that allowed them to freely mint 120,000 wrapped ETH (wETH) on the Solana blockchain, 93,750 ETH of which were then transferred to the Ethereum blockchain. 

Meanwhile, on 3 February 2022, Wormhole revealed that “all funds have been restored” and that its services have come back online. Certus One, the developers of Wormhole, offered the hackers a $10 million “bug bounty” for details of their “exploit” and return of the stolen cryptocurrency.

6. FTX: $415 Million

In January this year, now-bankrupt crypto exchange FTX announced that $415 million worth of crypto was hacked from its accounts since it filed for bankruptcy on 11 November 2022. 

This included “unauthorized third-party transfers” of $323 million out of FTX.com (the international business) and $90 million out of FTX US, the company explained in a report to creditors. Another $2 million of hedge fund Alameda Research’s crypto also was stolen, the report said.

The missing crypto could be connected to a hack of FTX’s systems that was uncovered shortly after the company collapsed. At the time, the stolen crypto was valued at $477 million.

5. Mt. Gox: $450 Million

Mt. Gox is probably the best-known cryptocurrency robbery in history, with over 850k bitcoins stolen between 2011 and 2014. Mt. Gox, which once was one of the largest bitcoin exchanges, operated out of Tokyo, Japan, and handled around 70% of all BTC transactions globally.

In February 2014, Mt. Gox suddenly halted all BTC withdrawals, citing technical issues with their platform. It was soon revealed that the exchange had been hacked, and approximately 850,000 BTC, worth around $450 million at the time, had been stolen from their wallets. 

The exact details of the hack and who was responsible are still unclear, but it is believed that the theft occurred due to security vulnerabilities in Mt. Gox’s system.

Some experts suggest that the stolen funds were gradually siphoned off over a long period of time leading up to the attack.

4. Coincheck: $540 Million

In January 2018, Japan-based cryptocurrency exchange Coincheck lost $530 million worth of NEM (XEM) tokens after suffering from a hack. The identity of the Japanese hackers who broke into the security system is still a mystery. 

Following the investigation, Coincheck revealed that hackers were able to gain access to their system due to a staffing deficit at the time. The hackers were able to comprise the system successfully due to funds being kept in hot wallets and insufficient security measures in place.

It is worth noting that XEM is currently trading at around $0.028, down by more than 98% compared to its all-time high of $1.87 recorded in January 2018. Therefore, the Coincheck hack is worth much less in today’s prices. 

3. BNB Chain: $570 Million

In October 2022, hackers stole around $570 million worth of BNB tokens from a blockchain bridge used in the BNB Chain, previously known as Binance Smart Chain.

“An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC,” Binance CEO Changpeng Zhao said at the time. 

In the attack, hackers drained 2 billion BNB tokens from the cross-chain bridge. However, thanks to quick-acting, a vast sum of these stolen tokens were frozen, so only around $110 million of the stolen tokens were unrecoverable.

2. Poly Network: $610 Million

Interoperability protocol Poly Network suffered a major exploit in August 2021, losing around $610 million worth of crypto funds, marking the second-largest heist in the crypto industry to date. 

By exploiting a vulnerability in its system, a hacker transferred approximately $610 million of Poly Network’s most valuable digital assets to three addresses they controlled on Ethereum, Binance Smart Chain, and Polygon.

In a positive turn of events, the hacker announced on August 11, 2021, that they intend to return the tokens, asking for multi-signature addresses to make the transfers. They claimed that the purpose of the theft was to reveal vulnerabilities and secure Poly Network.

The hacker started returning funds in slices, yielding the final tranche of stolen funds by 23 August. In return, Poly Network offered a $500,000 bounty for the hacker and even offered them a job as “chief security advisor.”

1. Ronin Network: $620 Million

Ronin Network, an Ethereum sidechain used for the popular blockchain game Axie Infinity, was hacked to the tune of $620 million in March 2022, becoming the largest theft in the history of crypto. 

The hack was made possible due to compromised private keys. At the time, the Ronin Network used a set of nine validator nodes to approve transactions on the bridge, and a deposit or withdrawal requires approval by a majority of five of these nodes. 

The attacker managed to gain control of four validators after hacking one device and then hacked Axie DAO to obtain the 5th validator.

After gaining access to Sky Mavis systems, the attacker authorized two withdrawals, draining 173,600 ETH (worth around $595 million at the time) and 25.5 million USDC from the Ronin bridge contract.

The Bottom Line

In conclusion, the world of cryptocurrencies, while promising numerous benefits in terms of security and financial sovereignty, remains vulnerable to a range of external threats. As highlighted by the series of major crypto hacks outlined in this article, even the most sophisticated security measures can be bypassed by determined hackers.

As the adoption of digital currencies and DeFi continues to grow, so does the need for robust security protocols, user education, and continuous improvement in technology safeguards.

Advertisements

Related Reading

Related Terms

Advertisements
Ruholamin Haqshanas
Crypto Journalist
Ruholamin Haqshanas
Crypto Journalist

Ruholamin is a crypto and financial journalist with over three years of experience. In addition to Techopedia, he has been featured in major media outlets including Cryptonews, Investing.com, 24/7 Wall St, The Tokenist, Business2Community, and has also worked with some prominent crypto and DeFi projects. He holds a bachelor's degree in Mechatronics. Ruholamin enjoys reading about technological developments, writing and observing nature.