- Cryptocurrency thefts plummeted by over 50% in 2023, though the number of hacking incidents increased.
- The Ronin Network bridge heist in March 2022 remains the largest in history, with $625 million in assets stolen.
- Efforts to strengthen security continue as the industry evolves, despite significant breaches like those of Poly Network, BNB Bridge, Coincheck, Mt. Gox, and FTX.
One of the biggest selling points for cryptocurrencies is their security features, bolstered by cryptography. However, that doesn’t make them immune to external threats such as phishing attacks, malware, and vulnerabilities in wallets, among others. These attacks result in significant financial losses more often than the community might expect.
The good news is, according to Chainalysis, an on-chain analytics company, the total amount of funds stolen from cryptocurrency platforms dropped by more than 50% in 2023 compared to 2022. However, this drop coincided with a spike in the number of individual hacking incidents.
While the crypto industry is continually evolving and finding ways to address these risks, the article examines some of the biggest attacks that had a profound impact on this emerging sector.
Ronin bridge: $635 million
The largest cryptocurrency heist happened in March 2022, targeting the Ronin Network bridge, a part of the Axie Infinity blockchain. Attackers made off with a total of $625 million worth of assets, including Ethereum and USDC stablecoin. Officials from the United States ascribed this incident to the North Korean-backed Lazarus Group. A month later, Binance recovered $5.8 million of the pilfered money. As of March 2024, it continues to be the largest cryptocurrency hack in history.
Poly Network: $600 million
Next on the list is the Poly Network. The blockchain was hacked in August 2021 due to a vulnerability. The hackers were able to siphon $600 million. The developers took to social media and pleaded with the hacker to return the funds. Surprisingly, the hacker complied and returned $300 million within 48 hours. Interestingly, the hacker noted that the attack was executed just for fun.
BNB Bridge: $570 million
In October 2022, hackers targeted the Binance BNB Bridge and stole $570 million. The attack stemmed from a smart contract bug in the BSC Token Hub that allowed the creation and withdrawal of 2 million extra BNB tokens.
Coincheck: $534 million
Cryptocurrency exchange Coincheck fell prey to hackers in 2018. The attackers stole 560 million NEM coins from the platform’s hot wallet, valued at around $534 million at the time. To date, there have been no reports of who was behind the attack.
Mt. Gox: $460 million
The infamous Mt. Gox exchange was hacked multiple times between 2011 and 2014. The hacks resulted in cumulative losses worth $460 million. During the first hack, the attackers were able to manipulate the price of Bitcoin on the platform and managed to acquire about 2000 BTC. Several efforts were taken to strengthen the security on the platform but to no avail. Later, investigations into the 2014 attack revealed that the culprits were using a stolen unencrypted private key from 2011. This quickly spurred concerns that the attacks may have been an inside job.
FTX: $415 million
The controversial FTX exchange was also attacked in 2022 while it was filing for bankruptcy. Surprisingly, the attack took place just hours after the filing was made official. The attackers managed to get away with $415 million. After investigating the attack, prosecutors charged three individuals. The culprits reportedly orchestrated a SIM swap attack on an FTX insider, allowing them access to the funds.