If you are following crypto space you probably noticed that every few months appears to be a new exchange that was hacked. It almost seems like there is no exchange that is safe from hackers. Even the biggest names in the industry today like Binance, for example, have been successfully hacked in the past. How can we trust our Bitcoins to some exchange and hope they will keep it safe for us. The issue is not just if they are going to be hacked you also have a risk of being scammed directly by the exchange.
As people tend to forget, what happened last Tuesday I created a list of all (known to me) hacks, so we can all remember the exchanges that got hacked.
Not your keys, not your bitcoin!
Not your keys, not your bitcoin is a common known saying and it most certainly holds true for all involved in the Crypto exchange hacks.
Here is the list
June – Bitrue – 9.3 Million XRP & 2.5 Million ADA
Bitrue is a Singapore-based cryptocurrency exchange that experienced a major hack to its hot wallet. The exchange announced the breach in a tweet, saying that the event was identified at around 1 a.m. local time Thursday. Luckily for users who lost their funds, funds are insured and Bitrue has reassured them that they will be fully repaid. Only 90 Bitrue users were affected, but the cryptocurrency that was stolen was worth nearly $5 million.
As for how the breach occurred, the exchange explained:
A hacker exploited a vulnerability in our Risk Control team’s 2nd review process to access the personal funds of about 90 Bitrue users. The hacker used what they learned from this breach to then access the Bitrue hot wallet and move 9.3 million XRP and 2.5 million ADA to different exchanges.
June – GateHub – 23,200,000 XRP
This UK and Slovenia-based cryptocurrency exchange suffered from a large hack during the summer. GateHub is a widely used wallet for multiple cryptocurrencies, including Bitcoin, Ripple, Ethereum, and Augur. It also features an integrated exchange function. Hackers were able to get hold of $10 million worth of Ripple. While it is still unclear as to how exactly the attackers supposedly gained access to a database that held valid access tokens for GateHub customers. So far, GateHub has managed to make some progress in recovering the stolen funds.
On June 1 we were made aware of the theft of 201,000 XRP … and immediately started an investigation. It turned out that the account robbed was managed through Gatehub.net, and that the offending account (r9do2Ar8k64NxgLD6oJoywaxQhUS57Ck8k) had stolen substantial amounts from several other XRP accounts, likely to be or have been managed through Gatehub.net.
May – Binance – 7,000 BTC
And to show that no exchange is safe and even that it is now the year 2019, people would think that exchanges have learned something from previous mistakes but hackers still managed somehow to use a phishing scam and malware to hack into Binance. The malicious actors ran off with $40 million worth of Bitcoin.
As it appears that hackers were able to compromise several high-net-worth accounts, whose bitcoin was kept in Binance’s so-called hot wallet—which, unlike cold wallets, are connected to the internet—and filch those funds in a single transaction. As a result, Binance promised to increase its security, but users are understandably wary. CZ even mentioned the possibility of a Bitcoin chain rollback but took his words back quickly as people were completely outraged by something like that.
We have discovered a large scale security breach today, May 7, 2019, at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.
March – Bithumb – 3 Million EOS & 20 Million XRP
This South Korean cryptocurrency exchange was the victim of a suspected insider job. It all started with a suspicious withdrawal, and the exchange immediately suspended all withdrawals on their platform, but it was too late. Who conducted the hack is still unknown, but since there is no evidence of outsider interference, many suspect that it was a Bithumb employee who stole the funds.
About 10:15 pm on the 29th, we detected abnormal withdrawal of the company’s cryptocurrency through Bithumb’s abnormal trading monitoring system. All the spilled cryptocurrency is owned by company, and all the member’s asset is under the protection of cold wallet. According to the company’s manual, Bithumb secured all the cryptocurrency from the detection time with a cold wallet and checked them by blocking deposit and withdrawal service.
March – CoinBene – Unknown
The CoinBene exchange went into maintenance and shortly after problems started to surface for CoinBene when funds began to mysteriously move out of the exchange’s hot wallet. Analysts and exchange users were worried, especially since the exchange was down for maintenance, a typical post-hack response. The exchange was in maintenance mode for a whole month and despite this fact the refused to admit that they were hacked and have refused to comment on it. Funds are definitely missing, but just how much is unclear as people from CoinBene don’t want to give out any information.
February – Coinmama – 450,000 User Emails & Passwords
This event is a slightly less conventional hack because instead of stealing money the hackers just stole information. Coinmama is a cryptocurrency exchange that was formed in 2013. Coinmama is registered in Slovakia but is owned by New Bit Ventures Limited that is headquartered in Israel. … However, Coinmama does not provide a platform for trading in cryptocurrencies nor does it allow users to sell cryptocurrency. There appears to have been little fallout from this hack, as Coinmama informed users rapidly once they learned that user data was being leaked on the dark web. To date, no cryptocurrency has been stolen.
Today, February 15, 2019 Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017.
January – Cryptopia – 1,675 ETH
Unfortunately for Cryptopia, they suffered from another hack 15 days after the first one. That was the end of the exchange – they are now going through the liquidation process. The main problem is that they still hold all crypto deposits of all their users and pretend that it is a long going process of identifying holdings for each and every user.
January – Cryptopia – Min. 19,390 ETH
It all started with Cryptopia users having difficulty accessing their accounts, and it only went downhill from there. The company originally thought it was a technical issue, but later clarified on Twitter that it was a security breach. The exact amount stolen in the hack is still unknown.
Yesterday 14th January 2019, the Cryptopia Exchange suffered a security breach which resulted in significant losses. Once identified by staff, the exchange was put into maintenance while we assessed damages.
December – QuadrigaCX – 26,350 BTC
While this doesn’t quite qualify as a hack, it is too unbelievable to not include on this list.
QuadrigaCX was Canada’s largest cryptocurrency exchange owned by Gerald Cotten. Cotten was the only person who knew how to access the cold wallets belonging to the exchange.
In December, while on his honeymoon in India, Cotten died and took any information on how to access the cold wallets to his grave. QuadrigaCX had already been struggling and rumors of bankruptcy had been floating around, and with Cotten’s passing the exchange collapsed. Conspiracy theories started popping up that Cotten wasn’t actually dead, he had just pulled a very elaborate exit scam.
As investigations started into QuadrigaCX’s finances began, things took a bizarre turn. Six cold wallets were identified to belong to QuadrigaCX. However, when investigators looked at the wallets, five of them had been emptied around April 2018. No one is really sure what has happened, and investigations are still ongoing. Cotten’s widow has voluntarily returned $9 million in assets from Cotten’s estate to repay users.
September – Zaif – 5,966 BTC
This is yet another case where it’s unclear how hackers stole the funds. However, Zaif did file a criminal case with their local authorities, which makes it sound like they have an idea as to who did it. Either way, this Japanese exchange lost $60 million worth of cryptocurrency.
June – Coinrail – 1,927 ETH, 2.6 Billion NPXS, 93 Million ATX, 831 Million DENT Coins & large amounts of 6 other tokens
Despite the fact that Coinrail was a relatively small cryptocurrency exchange, it did a lot of business which drew the attention of hackers. Exact details of the attack are still unclear, and the exchange lost an estimated $40 million.
June- Bithumb – $31 Million Worth of XRP
Unfortunately, Bithumb’s hacking problems didn’t start in 2019. The exchange was hacked in 2018 as well (and you will see them again on our list), with hackers making off with substantial amounts of Ripple. This hack appears to be orchestrated by a group of North Korean hackers known as the Lazarus Group, who have been responsible for a number of cryptocurrency hacks over the years. Luckily for Bithumb users, the exchange promised to pay back any stolen funds.
May – Bitcoin Gold – $18 Million Worth of BTG
This is probably one of the stranger hacks on our list, as a cryptocurrency exchange wasn’t hacked but a cryptocurrency was. Bitcoin Gold was an offshoot of the original Bitcoin, which took a hard fork from Bitcoin as an attempt to decentralize (ironic given that Bitcoin is already decentralized).
Bitcoin Gold became the victim of a 51% attack, a rare occurrence where hackers managed to gain control of more than 50% of the network’s computing power. From there, attackers can prevent confirmations, allowing them to effectively stop payments between users and make changes to the network’s blockchain ledger. This type of attack was thought to be rare, if not impossible, until the Bitcoin Gold incident.
Using some complicated maneuvers, hackers put their Bitcoin Gold onto exchanges, traded them for other cryptocurrencies, then withdrew the amount. And because they had control of Bitcoin Gold’s blockchain ledger, they could simply return the original Bitcoin Gold back into their own wallet, essentially stealing money from exchanges.
May – Taylor – 2,578 ETH
Taylor is a cryptocurrency trading app, that raised a successful initial coin offering (ICO) in order to get funding. Unfortunately, not long after, hackers managed to gain access to a company device and took control of a password file. The malicious actors stole all of the Ethereum raised in the ICO, valued at $1.5 million. There were concerns that this was just another exit scam, but it appears that Taylor has slowly managed to rebuild.
April – CoinSecure – 438 BTC
CoinSecure, an Indian cryptocurrency exchange, lost Bitcoin valuing $3.5 million at the time of the hack. However, it seems like this one was an inside job. The owners of CoinSecure believe their former Chief Security Officer stole the funds. It seems they may have been onto something, as he was later arrested.
February – Bitgrail – 17,000,000 NANO
Over $170 million was stolen from the Italian exchange Bitgrail, and the details are a little fuzzy. While the owner, Francesco Firani, announced the hack, other Bitgrail employees denied it and said there was nothing wrong. People are sceptical as to whether this was an actual hack, or an attempt at an exit scam.
January – Coincheck – 523,000,000 NEM
Coincheck was the leading exchange in Japan, but the hack showed how remarkably unsecure the platform was. The hackers managed to spread a virus through email that allowed them to steal private keys. After that it was remarkably easy, as Coincheck did not use smart contracts or multi-signatures, and all coins were stored in the same wallet. The total value of cryptocurrency stolen is one of the highest ever, $533 million. Remarkably, the cryptocurrency exchange is still in business.
December – NiceHash – 4,736 BTC
NiceHash is a cryptocurrency mining marketplace that allows miners to rent out their hash rate to others. Their payment system was compromised, causing the contents of users Bitcoin wallets to be stolen. The exact amount stolen was never confirmed by NiceHash, but it is strongly believed to be 4,736 worth of Bitcoin, worth about $62 million at the time. This story ends on a happy note though, as NiceHash managed to return 60% of the stolen funds to users.
December – Youbit – Unknown
Youbit (formerly known as Yapizon) was a relatively small South Korean cryptocurrency exchange that had experienced a hack earlier in 2017. This time, hackers made off with 17% of the exchange’s holdings. This marked the end for Youbit, they filed for bankruptcy the same day.
July – Bithumb – $7 Million Worth of BTC & ETH
Bithumb makes yet another appearance on this list. At the time of this hack, Bithumb was the fourth-largest cryptocurrency exchange by volume worldwide. An unknown hacker managed to gain access to an employee’s personal computer and stole the details of over 30,000 Bithumb users. Not long after, users started to notice their accounts being drained.
April – Yapizon – 3,800 BTC
Before Yapizon changed their name to Youbit, they experienced their first hack. Malicious actors managed to run off with $5 million worth of Bitcoin and Yapizon did it’s best to mitigate the damages.
August – Bitfinex – 120,000 BTC
This Hong Kong-based cryptocurrency exchange had claimed to be the most secure exchange in the world. Unfortunately, that proved to be very untrue. Hackers made off with a large amount of Bitcoin through Bitfinex’s processing service – BitGo. The price of Bitcoin plunged as a result of the hack.
May – GateCoin – 250 BTC & 185,000 ETH
GateCoin was one of the first regulated cryptocurrency exchanges at the time, and its popularity made it a prime target for malicious actors. Hackers managed to gain access to user wallets and stole cryptocurrencies valued at $2 million. That was the nail in the coffin for GateCoin – the exchange never recovered.
April – ShapeShift – $230,000 Worth of Cryptocurrency
Over the course of a month, the cryptocurrency exchange ShapeShift was hacked three separate times. According to a detailed report by ShapeShift CEO Erik Voorhees, a former employee was responsible for all three hacks. The cryptocurrency pledged to rebuild, and they are one of the few who has managed to do so successfully.
February – BTER – 7,170 BTC
Another attack that is related to employees mistake occurred in China. A small cryptocurrency exchange Bter was hacked several times. Employees of the exchange organized the largest heist. In February 2015, 7000 BTC was stolen from a cold wallet. After that, all the activities of the company were suspended, and only a couple of years later the Bter management resumed withdrawing funds from their assets.
February – KipCoin – 3,000 BTC
You’ll see Linode further down on our list, but it was a hosting server for a few cryptocurrency exchanges. It was hacked again in 2014, which this time caused a security breach on the KipCoin server. The hackers managed to gain control of the entire platform by changing passwords internally. A month-long struggle ensued, in which the administrators managed to regain control of the exchange, but the hackers still lurked. At the time of the hack, KipCoin did not tell users what was happening in light of the Bitstamp hack and only later revealed the information.
January – Bitstamp – 19,000 BTC
The first licensed cryptocurrency exchange in Europe, Bitstamp, which is regulated by the Luxembourg Supervisory Authority in Finance (CSSF), was hacked in January 2015. Hackers sent a malicious file to the internal mail of employees. One of the Bitstamp’s employees neglected security rule №1 — do not open files from strangers, and followed the link on the device that has access to the BTC wallet of the exchange. As a result, 19,000 BTC was stolen, or about $5,100,000 at the day of the theft.
January – LocalBitcoins – 17 BTC
While this was a relatively small hack, it proved a point when it came to spending money on cybersecurity. Attackers used the LocalBitcoins live chat to distribute malware then made off with a relatively small profit.
January – 796 – 1,000 BTC
It was not a good start to the year for cryptocurrency exchanges in 2015. Chinese exchange 796 had its server compromised, and hackers tampered with withdrawal addresses to trick users. It worked, and major shareholders footed the bill so users didn’t have to lose funds themselves.
October – MintPal – 3,700 BTC
MintPal experienced their second hack in October (scroll down to read about the first one in July), but this one had a lot more twists and turns. Not long after the hack in July, MintPal was purchased by a company called Moolah (also known as Moopay Ltd), owned by Ryan Kennedy alias Alex Green.
After a failed relaunch of MintPal, Moolah announced it was closing its doors but users would be able to still use MintPal. However, user accounts were locked and users were able to track funds being removed from wallets and then watch them be sold on another platform. Kennedy was the only one with access to customer funds, and he was currently on the run.
Kennedy was arrested in 2016 for rape changes and is now in jail. He is now also facing charges of fraud from the UK police for his involvement in the MintPal hack.
July – Cryptsy – 13,000 BTC & 300,000 LTC
A trojan virus was inserted into the code of Cryptsy by a hacker going by the name of Lucky7Coin. As a result, Lucky7Coin (and potentially others) walked away with a staggering amount of cryptocurrency. The owner of Cryptsy, Paul Vernon, was accused of destroying evidence and stealing Bitcoin himself and the exchange declared insolvency. Vernon was successfully sued for $8.2 million in a class-action lawsuit.
July – MintPal – 8 Million VRC
Before MintPal’s unfortunate takeover by Alex Kennedy, they experienced another hack. The hacker found a weak point in the withdrawal system on the exchange, and managed to authorize a withdrawal from the Vericoin wallet. The sites Bitcoin and Litecoin wallets were also targeted, but nothing was stolen. The hack resulted in the loss of 30% of all Vericoin, which caused the Vericoin development team to decide on a hard fork in order to mitigate the damages.
March – Mt.Gox – 850,000 BTC
You might be surprised to see this name again, and attached to what is one of the biggest hacks of all time. The investigation is still ongoing and the situation is far from clear, but it appears that when Mt.Gox was originally hacked in 2011, some private keys were also stolen by malicious actors. The hackers gained access to a large number of Bitcoin and started emptying wallets. Purportedly due to an error in the Mt.Gox systems, the exchange was interpreting these withdrawals as deposits for nearly two years. It was a huge error, costing users a total of $45 million and marking the end of the cryptocurrency exchange. Interestingly, some of the stolen funds may potentially be recovered.
March – Poloniex – 97 BTC
In the same month, hackers managed to take advantage of an incorrect withdrawal code of this US-based cryptocurrency exchange. While the company did not report exactly how much was stolen, the figure has been explained on the Bitcointalk forum. There is still some speculation as to whether the hack was an inside job or not.
November – BitCash – 484 BTC
The Czech-based exchange Bitcash lost Bitcoin after a hack on their servers. The attackers gained access to emails and sent out a phishing scam, pretending to be Bitcash to obtain customer information, which they then used to steal funds.
May – Vicurex – 1,454 BTC
While the hack of Vicurex has never exactly been confirmed (leading some to believe it was an inside job), the cryptocurrency exchange announced it had lost most of its reserve funds to attackers. Vicurex, claiming near bankruptcy, froze all withdrawals, leading several former customers to sue the company for withholding their money.
September – BitFloor – 24,000 BTC
At the time of the hack, BitFloor was the fourth largest exchange on the US market. Attackers managed to gain access to the servers and found unencrypted backup wallet keys. From there, they simply siphoned out the funds, worth a cumulative $250,000.
July – BTC-e – 4,500 BTC
This is the first proven story when exchange operators are becoming greedy and peculate money that doesn’t belong to them. Alexander Vinnik, the operator of BTC-e, was arrested for money laundering and computer hacking. He was one of the staff members who performed DDoS attacks, stole API creds, initiated Liberty Reserve deposits, and injected large amounts of USD into the system which were quickly sold for BTC.
BTC-e.com was considered a golden standard of reliability and had a chance to change the reputation of Russia being the money-laundering country.
May – Bitcoinica – 18,457 BTC
Unfortunately for Bitcoinica, they suffered another hack just two months after their initial hack. This led many to suspect that the original security issues from the Linode attack in March had never actually been effectively dealt with. The site was immediately shut down and the exchange was ultimately closed for good.
March – Linode – 43,000 BTC from Bitcoinica & 3,000 BTC from Slush
This one is a little complicated. Linode is a web hosting provider, and they hosted the cryptocurrency exchanges Bitcoinica and Slush. Linode itself was hacked, and the attackers managed to steal significant amounts Bitcoin from both exchanges.
October – Mt.Gox – 2609 BTC
Bad luck struck Mt.Gox again in October 2011. The exchange lost the other 2609 BTC due to some sort of programming error. To put it simply, Mt Gox accidentally created transactions that can never be redeemed.
October – Bitcoin7 – 11,000 BTC
In this case, hackers from Russia and Eastern Europe managed to gain access to Bitcoin7’s servers. This also gave them access to the exchange’s main BTC depository and two backup wallets. Bitcoin7 continues to exist with an obviously spammy website (steer clear!).
July – Bitomat – 17,000 BTC
Bitomat was a cryptocurrency exchange based in Poland and was the 3rd largest exchange platform at that time. Due to the accidental wallet destruction during the server reboot, they lost keys to all BTC wallets, resulting in a loss of 17k BTC.
Bitomat was using Amazon Web Services Elastic Cloud Computing to host virtual machines; the AWS warning goes that if an instance is taken offline all the data stored can be lost permanently. It appeared that Bitomat happened to be storing backups and the current state of their wallet in an EC2 virtual machine, so it’s possible that they had little chance of recovering the old funds from the wallet.
June – Mt.Gox – 2,643 BTC
While at the time this was a relatively small hack and the amount was neglectable, it was just the beginning of problems for Mt.Gox. In this hack, attackers were able to gain access to a computer belonging to an auditor at the cryptocurrency exchange. The malicious actor changed the price of Bitcoin to $0.01, purchased them at the artificially low price and made off with a small fortune.