Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/web-n-composite/crypto-hacks-list
Cryptocurrency hacks list
https://github.com/web-n-composite/crypto-hacks-list
awesome-lists blockchain crypto-hacks crypto-leaks cryptocurrency cryptocurrency-exchanges cryptocurrency-hacks cryptocurrency-leaks hacking risk-scoring
Last synced: 7 days ago
JSON representation
Cryptocurrency hacks list
- Host: GitHub
- URL: https://github.com/web-n-composite/crypto-hacks-list
- Owner: Web-n-Composite
- Created: 2022-10-14T18:19:31.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2023-04-14T15:36:19.000Z (over 1 year ago)
- Last Synced: 2024-10-15T16:42:10.730Z (22 days ago)
- Topics: awesome-lists, blockchain, crypto-hacks, crypto-leaks, cryptocurrency, cryptocurrency-exchanges, cryptocurrency-hacks, cryptocurrency-leaks, hacking, risk-scoring
- Homepage:
- Size: 927 KB
- Stars: 367
- Watchers: 19
- Forks: 6
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# crypto-hacks-list
**Cryptocurrency hacks list from January 2021 - updated weekly.**
October 2022 saw a surge in hacking activity, with the total hacked value for the month nearly reaching $718 million, according to blockchain analytics firm Chainalysis. The firm has labeled October as "the biggest month in the biggest year ever for hacking activity". So far, 11 different hacks on decentralized finance (DeFi) protocols have been reported, with cross-chain bridges being the biggest target for hackers.
Three bridge hacks this month accounted for 82% of October’s losses, with the largest being a $100 million exploit on the bridge between crypto exchange Binance’s BNB Smart Chain and Beacon Chain.
| Date | Amount stolen | Who? | What? |
|---|---|---|---|
| Feb 2021 | $45k | [Cryptopia](https://cryptopia.com/) | [Troubled NZ Crypto Exchange Cryptopia Suffers Another Hack in the Midst of Liquidation Process](https://news.bitcoin.com/troubled-nz-crypto-exchange-cryptopia-suffers-another-hack-in-the-midst-of-liquidation-process/) |
| Feb 2021 | $37m | [Alpha Homora](https://homora.alphaventuredao.io/) | [Alpha Homora loses $37 million following Iron Bank exploit](https://cointelegraph.com/news/alpha-homora-loses-37-million-following-iron-bank-exploit) |
| Feb 2021 | $14m | [Furucombo](https://furucombo.app/) | [Transaction batching protocol Furucombo suffers $14 million ‘evil contract’ hack](https://cointelegraph.com/news/transaction-batching-protocol-furucombo-suffers-14-million-evil-contract-hack) |
| Feb 2021 | $11m | [Yearn Finance](https://yearn.finance/)| [Hacker Spends $8.3 Million in Fees to Attack Yearn Finance](https://cryptobriefing.com/hacker-spends-8-3-million-fees-attack-yearn-finance/) |
| Mar 2021 | $3m | [PAID Network](https://paidnetwork.com/) | [PAID Network exploiter nets $3 million in infinite mint attack](https://cointelegraph.com/news/paid-network-exploiter-nets-3-million-in-infinite-mint-attack) |
| Mar 2021 | $31m | Meerkat Finance | [Dev says $31 million Meerkat Finance exploit was a ‘test’; will return funds](https://cointelegraph.com/news/dev-says-31-million-meerkat-finance-exploit-was-a-test-will-return-funds) |
| Apr 2021 | n/a | [Hotbit](https://www.hotbit.io/) | [Cryptocurrency Exchange Hotbit Hacked: Systems Paralyzed, 2 Million Users Affected](https://news.bitcoin.com/cryptocurrency-exchange-hotbit-hacked-2-million-users/) |
| Apr 2021 | $50m | [Uranium Finance](https://uranium.financial/) | [Binance Chain DeFi Exchange Uranium Finance Loses $50M in Exploit](https://www.coindesk.com/markets/2021/04/28/binance-chain-defi-exchange-uranium-finance-loses-50m-in-exploit/) |
| Apr 2021 | $80 | [EasyFi](https://t.co/LlxrTEucwR) | [EasyFi Hacked for Over $80 Million in MetaMask Attack](https://cryptobriefing.com/easyfi-hacked-over-80-million-metamask-attack/) |
| May 2021 | $25m | [xToken](https://xtoken.market/) | [xToken DeFi Project Hacked For Over $25M](https://thedefiant.io/xtoken-defi-project-hacked-for-over-25m) |
| May 2021 | $30m | [Spartan Protocol](https://spartanprotocol.org/) | [Binance Smart Chain's Spartan Protocol Loses $30M+ in Exploit](https://www.coindesk.com/markets/2021/05/02/binance-smart-chains-spartan-protocol-loses-30m-in-exploit/) |
| May 2021 | $200 | [PancakeBunny](https://pancakebunny.finance/) | [PancakeBunny tanks 96% following $200M flash loan exploit](https://cointelegraph.com/news/pancakebunny-tanks-96-following-200m-flash-loan-exploit) |
| May 2021 | $11m | [bEarn](https://www.bearn.fi/) | [DeFi Protocol bEarn Suffers $11M Flash Loan Attack](https://finance.yahoo.com/news/defi-protocol-bearn-suffers-11m-052524424.html) |
| May 2021 | $22m | [Value DeFi](https://valuedefi.io/) | [$22 Million Was Stolen From Three Defi Platforms Last Weekend](https://thedefiant.io/22-million-was-stolen-from-three-defi-platforms-last-weekend) |
| Jun 2021 | $27m | [Stablemagnet](http://www.stablemagnet.com/) | [THE STABLEMAGNET RUGPULL (JUNE 2021)](https://halborn.com/explained-the-stablemagnet-rugpull-june-2021/) |
| Jun 2021 | $20m | [Wintermute](https://www.wintermute.com/) | [Wintermute Makes "Optimistic"" Assumption](https://cryptobriefing.com/wintermute-makes-optimistic-assumption-loses-20m-optimism-tokens/) |
| Aug 2021 | $80m | [Liquid](https://www.liquid.com/) | [Liquid exchange hacked to the tune of $80 million](https://cointelegraph.com/news/breaking-liquid-exchange-hacked-to-the-tune-of-80-million) |
| Aug 2021 | $25m | [Popsicle Finance](https://popsicle.finance/) | [DeFi Protocol Popsicle Finance Hacked for $25 Million](https://decrypt.co/77620/defi-protocol-popsicle-finance-hacked-25-million) |
| Sept 2021 | $35m | [Vee Finance](https://vee.finance/) | [Vee Finance Hit for $35M in Second Major Exploit on Avalanche](https://www.coindesk.com/tech/2021/09/21/vee-finance-hit-for-35m-in-second-major-exploit-on-avalanche/) |
| Oct 2021 | $130m | [Cream Finance](https://app.cream.finance/) | [Hackers steal $130 million from Cream Finance; the company’s 3rd hack this year](https://therecord.media/hackers-steal-130-million-from-cream-finance-the-companys-3rd-hack-this-year/) |
| Oct 2021 | $68 | [Compound](https://compound.finance/) | [Bug bites DeFi protocol Compound again](https://forkast.news/headlines/bug-bites-defi-protocol-compound-again/) |
| Oct 2021 | $16m | [Indexed Finance](https://indexed.finance/) | [Indexed Finance Attacker Refuses to Return Stolen $16M, Team Approaching Authorities](https://beincrypto.com/indexed-finance-attacker-refuses-return-16-million-authorities/) |
| Nov 2021 | $55m | [bZx](https://bzx.network/) | [DeFi Lender bZx Suffers Hack for Reported $55M](https://www.coindesk.com/business/2021/11/05/defi-lender-bzx-suffers-hack-for-reported-55m/) |
| Nov 2021 | n/a | [Snowdog](https://t.co/hG6Ploic59) | [OlympusDAO Fork Snowdog Hit By 90% Crash](https://cryptobriefing.com/olympus-dao-fork-snowdog-hit-by-90-crash/) |
| Dec 2021 | $150m | [Bitmart](https://www.bitmart.com/) | [Crypto exchange BitMart confirms hack resulting in loss of $150 million in crypto](https://www.theblock.co/linked/126367/crypto-exchange-bitmart-reportedly-hacked-for-100-million) |
| Dec 2021 | $78m | [AscendEx](https://ascendex.com/en/global-digital-asset-platform) | [Crypto exchange AscendEX hacked for $78 million in latest swindle](https://www.theblock.co/post/127231/crypto-exchange-ascendex-hacked-for-78-million-in-latest-swindle) |
| Dec 2021 | $120m | [Badger DAO](https://badger.com/) | [Badger DAO Protocol Suffers $120M Exploit](https://www.coindesk.com/business/2021/12/02/badger-dao-protocol-suffers-10m-exploit/) |
| Dec 2021 | $30m | [Grim Finance](https://www.grim.finance/) | [$30 million stolen from Grim Finance, audit firm blames new hire for vulnerability](https://www.zdnet.com/article/30-million-stolen-from-defi-protocol-grim-finance-audit-firm-apologizes-for-missing-vulnerability)/ |
| Dec 2021 | $31m | [MonoX Protocol](https://monox.finance/) | [Detailed analysis of the $31 Million MonoX Protocol Hack](https://slowmist.medium.com/detailed-analysis-of-the-31-million-monox-protocol-hack-574d8c44a9c8) |
| Jan 2022 | $6.8m | [LCX](https://www.lcx.com/) | [LCX loses $6.8M in a hot wallet compromise over Ethereum blockchain](https://cointelegraph.com/news/lcx-loses-6-8m-in-a-hot-wallet-compromise-over-ethereum-blockchain) |
| Jan 2022 | $35m | [Crypto.com](crypto.com) | [Crypto.com Says More Than $35 Million Stolen by Hackers](https://www.thestreet.com/investing/crypto-com-says-over-35-million-dollars-stolen-by-hackers) |
| Jan 2022 | $80m | [Qubit Bridge](https://docs.qbt.fi/) | [Qubit pleads with hacker to return $80 million of stolen funds](https://www.bitdefender.co.uk/blog/hotforsecurity/qubit-pleads-with-hacker-to-return-80-million-of-stolen-funds/) |
| Feb 2022 | $326m | [Wormhole](https://wormhole.com/) | [Blockchain Bridge Wormhole Suffers Possible Exploit Worth Over $326M](https://www.coindesk.com/tech/2022/02/02/blockchain-bridge-wormhole-suffers-possible-exploit-worth-over-250m/) |
| Feb 2022 | $36m | [IRA Financial Trust](https://www.irafinancialtrust.com/) | [Hackers Snagged $36 Million in Crypto in Breach of IRA Financial](https://www.bloomberg.com/news/articles/2022-02-14/ira-financial-hacked-36-million-in-cryptocurrency-stolen) |
| Feb 2022 | $13m | [Superfluid](https://www.superfluid.finance/) | [Polygon stablecoin Qi Dao exploited for $13M on Superfluid vested contract](https://cointelegraph.com/news/polygon-stablecoin-qidao-exploited-for-13m-on-superfluid-vested-contract) |
| Feb 2022 | $10m | [Project Dego Finance](https://docs.dego.finance/) | [DeFi Project Dego Finance Hacked: Exploiters Reportedly Drain Over $10M](https://cryptopotato.com/defi-project-dego-finance-hacked-exploiters-reportedly-drain-over-10m/#:~:text=According%20to%20the%20blockchain%20security%2C%20Ethereum%2C%20and%20Cronos) |
| Mar 2022 | $52m | [Cashio](https://cashio.app/) | [A Robin Hood-esque attacker steals $52 million from Cashio, then returns smaller amounts and pledges to donate the rest to charity](https://web3isgoinggreat.com/?id=robin-hood-esque-attacker-steals-52-million-from-cashio-then-returns-smaller-amounts-and-pledges-to-donate-the-rest-to-charity) |
| Mar 2022 | $625m | [Axie Infinity](https://axieinfinity.com/) | [Axie Infinity’s Ronin Network Suffers $625M Exploit](https://www.coindesk.com/tech/2022/03/29/axie-infinitys-ronin-network-suffers-625m-exploit/) |
| Mar 2022 | $11m | [Agave](https://agave.finance/) | [Defi Protocols Agave and Hundred Finance Suffer Hack of $11M](https://uk.finance.yahoo.com/news/defi-protocols-agave-hundred-finance-082932767.html) |
| Apr 2022 | $182m | [Beanstalk](https://bean.money/) | [Attacker Drains $182M From Beanstalk Stablecoin Protocol](https://www.coindesk.com/tech/2022/04/17/attacker-drains-182m-from-beanstalk-stablecoin-protocol/) |
| Apr 2022 | $80m | [Fei Protocol](https://fei.money/) | [Fei Protocol and Rari Capital Pools Hit By $80 Million Hack](https://beincrypto.com/fei-protocol-and-rari-capital-lose-80-million-dollars-in-pool-hack/) |
| Apr 2022 | $11m | [Elephant Money](https://elephant.money/) | [Hackers steal more than $11 million from Elephant Money DeFi platform](https://therecord.media/hackers-steal-more-than-11-million-from-elephant-money-defi-platform/) |
| Apr 2022 | $16m | [Deus Dao](https://deus.finance/) | [Deus DAO suffers another flash loan exploit, loses over $16M](https://cryptoslate.com/deus-dao-suffers-another-flash-loan-exploit-loses-over-16m/) |
| May 2022 | $10m | [Saddle Finance](https://www.saddle.finance/) | [Saddle Finance Loses Over $10 Million in Hack — Derev Blog](https://medium.com/coinmonks/saddle-finance-loses-over-10-million-in-hack-derev-blog-2ba4b5d66527) |
| Jun 2022 | $100m | [Harmony Bridge](https://bridge.harmony.one/) | [Harmony’s Horizon Bridge hacked for $100M](https://cointelegraph.com/news/breaking-harmony-one-s-horizon-bridge-hacked-for-100m) |
| Jun 2022 | $1.2m | [Inverse Finance](https://www.inverse.finance/) | [DeFi Protocol Inverse Finance Exploited for $1.2M](https://www.coindesk.com/tech/2022/06/16/defi-protocol-inverse-finance-exploited-for-12m/) |
| Jul 2022 | $9m | [Crema Finance](https://www.crema.finance/) | [$8.78M stolen in hack of DeFi protocol startup Crema Finance](https://siliconangle.com/2022/07/04/8-78m-stolen-hack-defi-protocol-startup-crema-finance/) |
| Aug 2022 | $200m | [Nomad Bridge](https://app.nomad.xyz/) | [Nomad crypto bridge loses $200 million in ‘chaotic’ hack](https://www.theverge.com/2022/8/2/23288785/nomad-bridge-200-million-chaotic-hack-smart-contract-cryptocurrency) |
| Aug 2022 | $611 | [Poly Network](https://poly.network/) | [Largest DeFi Hack: $611 Million Stolen from Poly Network](https://www.financemagnates.com/cryptocurrency/news/largest-defi-hack-611-million-stolen-from-poly-network/) |
| Sept 2022 | $8m | [Vulcan Forged](https://vulcanforged.com/) | [Play-to-Earn Gaming Platform Vulcan Forged Raises $8M in Series A Funding](https://www.coindesk.com/business/2022/09/21/play-to-earn-gaming-platform-vulcan-forged-raises-8m-in-series-a-funding/) |
| Sept 2022 | $160m | [Wintermute](https://www.wintermute.com/) | [Crypto Market Maker Wintermute Hacked for $160M, OTC Services Unaffected](https://www.coindesk.com/business/2022/09/20/crypto-market-maker-wintermute-hacked-for-160m-says-ceo/) |
| Oct 2022 | $100m | [Binance](https://www.binance.com/en) | [Binance Smart Chain Halts After $100M Crypto Theft!](https://www.techarp.com/money/binance-100m-crypto-theft/) |
| Oct 2022 | $90m | Mirror Protocol | [DeFi Hack Worth $90M Unveiled Seven Months Following The Theft](https://www.thecoinrepublic.com/2022/05/31/defi-hack-worth-90m-unveiled-seven-months-following-the-theft/) |
| Oct 2022 | $21m | [Transit Swap](https://www.transit.finance/) | [Transit Swap loses over $21M due to code bug exploit, issues apology](https://cointelegraph.com/news/transit-swap-loses-over-21m-due-to-internal-bug-hack-issues-apology) |
October 2022 – Binance
**The value of lost assets: 570 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206696766-3874d011-1271-4d52-ae5f-a09fdd6102e5.png)
The cryptocurrency exchange Binance temporarily suspended its blockchain network after hackers stole [570 million worth of](https://www.cnbc.com/2022/10/07/more-than-100-million-worth-of-binances-bnb-token-stolen-in-another-major-crypto-hack.html) target BNB tokens.
Binance said late on Thursday Oct 6 that a bridge connected to its token chain had been attacked BNB, [allowing hackers to move](https://www.cnbc.com/quotes/BNB.CM=/) BNB off-chain tokens. The so-called cross-chain bridges are tools that allow you to transfer tokens from one blockchain to another.
August 2021 – PolyNetwork
**The value of lost assets: 610 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206680936-d717b0ef-aeac-4cff-8aa2-899b6d5fd184.png)
Cryptocurrency exchange PolyNetwork, [due to](https://coinmarketcap.com/alexandria/glossary/cross-chain) the cross-chain protocol which was compatible for Bitcoin (BTC),Ethereum (ETH) and Neo (NEO) cryptocurrencies. The cross-chain transaction feature PolyNetwork allows users to transfer assets between different blockchains without having to convert them through exchanges.
[According to programmer](https://mobile.twitter.com/kelvinfichter/status/1425290462076747777) Kelvin Fichter, the protocol creates digital self-managed safes on two different blockchains. It then allows the user to withdraw funds from one box only after they receive confirmation from the other box that the corresponding amount of assets has been deposited into it.
The hacker (or hackers) managed to find a way to trick the safe box into releasing the funds stored in it without obtaining legal permission from another blockchain. They took advantage of this vulnerability on 10th August to steal over $610 million in total.
Fortunately, this story has a happy ending. The team [Poly Network](https://twitter.com/PolyNetwork2/status/1425123153009803267) made contact with the hacker shortly after the attack, [which eventually led to the return](https://www.reuters.com/technology/crypto-platform-poly-network-says-hacked-funds-returned-2021-08-23) of all $ 610 million worth of stolen assets.
September 2020
**The value of lost assets: 280 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681034-55c9cafc-1140-456c-bc0e-60100d4926d4.png)
Next on our list is KuCoin, another major crypto exchange that was hacked on 25th September 2020 , stripping $285 million of user assets. In this case, it can be noted that the [quick and accurate actions](https://news.bitcoin.com/kucoin-boss-on-strategy-after-hack-we-chose-to-act) on the part of the exchange, coupled with close cooperation with other companies in the cryptocurrency industry, allowed KuCoin to survive after the incident.
Within a week of the hack [Chainalysis](https://blog.chainalysis.com/reports/kucoin-hack-2020-defi-uniswap), the blockchain data processing company traced all the stolen funds and was able to get on the trail of the criminals. Their Reactor crypto-forensic tool kept the money out of sight, despite criminals trying to mask the movement of funds through coin mixers and [decentralized exchanges](https://coinmarketcap.com/alexandria/glossary/decentralized-exchange-dex) which usually leave no trace.
Through the use of blockchain tools and cooperation with other exchanges and law enforcement agencies, [KuCoin](https://twitter.com/lyu_johnny/status/1326465021346373632) returned the stolen tokens, and covered the remaining [losses from his own capital and](https://coinmarketcap.com/alexandria/glossary/insurance-fund) insurance fund. Moreover, after the attack, [the exchange established](https://www.kucoin.com/land/guardian) the Safeguard Program to enable other crypto companies to benefit from their invaluable experience in dealing with the consequences of a hack, if they find themselves in a similar situation.
With a skillful approach to resolving the incident KuCoin, she earned the respect of customers and rightfully ranked sixth among the [leading cryptocurrency exchanges]("https://coinmarketcap.com/rankings/exchanges/) with daily trading volume of about $ 1.92 billion as of August 2021.
February 2020
**The value of lost assets: 70 thousand US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681202-681ccb8b-0f2b-4603-9b79-771022b0b310.png)
The Italian exchange Altsbit only existed for a few months before it was hacked. The exchange initially [reported a hack](https://www.infosecurity-magazine.com/news/crypto-exchange-loses-almost-all/) claiming almost all funds had been stolen. After more thorough research, it turned out that Altsbit lost less than half of the stored cryptocurrency.
[Altsbit announced that](https://altsbit.com/order?url=dp-btc) it only had enough funds for a partial refund and [that they would close](https://cointelegraph.com/news/hacked-italian-exchange-altsbit-to-shut-down-in-may-2020) in May 2020. [The hacker group Lulzsec](https://twitter.com/LulzSec/status/1226018613666041857) claimed to be responsible for the hack, although it is still unclear how they managed to pull it off. Approximately 70,000 worth of cryptocurrencies were stolen.
November 2019
**The value of lost assets: 51 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681281-cfa44410-3c44-4d2f-8332-0505d2451df6.png)
The South Korean exchange Upbit suffered a major hack when the hackers escaped with 342 000 ETH at the time of the hack they were valued at $51 million. Rumors circulated that [this was an inside job](https://www.hackread.com/upbit-cryptocurrency-exchange-hacked-ether-stolen) the stolen cryptocurrency was allegedly taken from an Upbit cold wallet. This turned out to be a false alarm. Fortunately, Upbit he promised to cover the losses.
However, [the story does not end there](https://cointelegraph.com/news/upbit-hack-stolen-eth-worth-millions-on-the-move-to-unknown-wallets). The stolen cryptocurrency was on its way. Whoever took it moved it between wallets, though it’s not clear what purpose this would serve. [As of January 2020](https://cointelegraph.com/news/crypto-exchange-upbit-finishes-security-update-in-response-to-2019-hack) Upbit has completed a major security update after a brief suspension of service.
November 2019
**The value of lost assets: 500 thousand US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681351-38c4e8da-1fca-4530-83f4-425ea1725ab8.png)
Based in Vietnam VinDAX, this is a relatively small crypto exchange that mainly sells tokens for relatively unknown blockchain projects. The hackers don’t care about the size of the exchange, they only care about the money, [and they managed to](https://bitcoinexchangeguide.com/vietnam-crypto-exchange-vindax-hacked-losing-500000-in-cryptocurrencies/) half a million dollars worth of cryptocurrencies from VinDAX.
In response VinDAX, he sent an email to the projects [affected by the theft](https://www.theblockcrypto.com/post/46408/little-known-asian-crypto-exchange-vindax-got-hacked-lost-half-a-million-usd-worth-of-tokens) asking for funds. It is unclear whether any of the projects accepted the proposal or not.
July 2019
**The value of lost assets: 30 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681435-c9fb1428-dc05-4785-8bb3-50d8b91e5ff2.png)
The Japanese exchange Bitpoint noticed an error in its outgoing money transfer system and immediately suspended its services. However, it was too late. Due to a security breach, [hackers](https://www.theverge.com/2019/7/12/20691700/bitpoint-hack-bitcoin-ripple-cryptocurrency-exchange-stolen-funds) stole over 30 million worth of cryptocurrencies.
[Luckily,](https://cointelegraph.com/news/hacked-bitpoint-exchange-finds-23m-in-stolen-crypto) Bitpoint was able to recover $2.3 million in stolen cryptocurrencies from overseas exchanges. [Bitpoint stated that it would](https://cointelegraph.com/news/bitpoint-hack-shows-that-regulators-scrutiny-does-not-equal-safety) pay compensation to its users, but did not say when this would happen.
June 2019
**The value of lost assets: 5 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681570-874a088b-be8c-4a52-92d3-ce7e921da9e8.png)
The Singapore exchange [Bitrue has suffered a major](https://www.investopedia.com/terms/h/hot-wallet.asp) hot wallet hack. [Only](https://cointelegraph.com/news/singaporean-exchange-bitrue-gets-hacked-losing-5-million-in-xrp-cardano) 90 Bitrue users were affected but the stolen cryptocurrency was worth nearly $5 million. Luckily for users who lost their funds, [Bitrue assured them that](https://twitter.com/BitrueOfficial/status/1144066874147131392) they would be fully refunded.
June 2019
**The value of lost assets: 10 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681656-7fcd42ce-7498-43d1-a7c7-5b7720199a1f.png)
A cryptocurrency exchange GateHub based in the UK and Slovenia suffered a major hack [when hackers](https://www.theblockcrypto.com/linked/26370/hackers-stole-as-much-as-10m-in-ripple-in-a-gatehub-hack) stole $10 million worth of Ripple. While it is still unclear exactly how the hackers gained access to [users’ funds, the](https://cointelegraph.com/news/report-nearly-10-million-in-xrp-stolen-in-gatehub-hack) criminals managed to gain access to the encrypted secret keys. So far GateHub some progress has been made [in recovering](https://www.fxstreet.com/cryptocurrencies/news/gatehub-provides-update-on-the-10-million-xrp-hack-201906131706) the stolen funds.
May 2019 — Binance
**The value of lost assets: 40 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681733-2f75f30b-52cf-41c0-916f-a5006eaed78a.png)
Cryptocurrency exchange Binance affected by approximately the amount 7000 BTC. Hackers still managed to use phishing and malware to hack Binance. The attackers escaped with $40 million worth of bitcoins. [As a result](https://techcrunch.com/2019/05/10/binance-security-hack), Binance has promised to increase its security, but users are understandably wary.
It appears that customer data may also have been stolen. In August 2019, someone began to share information about checking customers from Binance on the channel Telegram. It is claimed that this data was also taken [during the hack and that](https://www.coindesk.com/binance-kyc-issue) up to 60,000 users could be affected.
March 2019
**The value of lost assets: 7 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681768-091978dd-02f1-467c-b808-53e556e00210.png)
The Singapore crypto exchange DragonEx was attacked, as a result of which hackers stole $7 million worth of cryptocurrency. [The North Korean hacker group Lazarus](https://selfkey.org/the-7-most-notorious-hacking-groups-of-all-time/) claimed responsibility for this. The hackers set up a legitimate-looking [fake company and](https://cryptonews.com/news/north-korea-used-linkedin-telegram-in-usd-7m-crypto-exchange-5705.htm) convinced DragonEx employees to download malware onto their computers via message on Telegram and LinkedIn.
DragonEx took full responsibility [for the hack and](https://tokenpost.com/Crypto-exchange-DragonEx-lost-7M-in-hack-announces-compensation-plan-1568) will refund money to those who lost funds. The exchange is also working with the police to see if they can recover the stolen cryptocurrency.
March 2019 – Bithumb
**The value of lost assets: 13 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681813-5e0fe727-f6fe-4101-b92e-ea1ca275d9c9.png)
A South Korean cryptocurrency exchange Bithumb has been the victim of alleged insider work. It all started with a suspicious withdrawal, [and the exchange](https://www.coindesk.com/crypto-exchange-bithumb-hacked-for-13-million-in-suspected-insider-job) immediately suspended all withdrawals on its platform, but it was too late. Who carried out the break-in is still unknown, but since there is no evidence of outside interference, many suspect that the funds were stolen by an employee at Bithumb.
March 2019 – CoinBene
**The value of lost assets: 100 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681853-a6af6f1d-ec46-48d8-a6c3-6cfe2dbf2067.png)
A cryptocurrency exchange CoinBene that began to experience problems when funds began to mysteriously leave the exchange’s hot wallet. [Analysts were concerned](https://cointelegraph.com/news/analysts-claim-coinbene-transactions-recent-activity-consistent-with-exchange-hack) that the exchange was down for maintenance, a typical post-hack reaction. [Despite](https://www.ccn.com/exchange-coinbene-swears-it-wasnt-hacked-traders-fear-the-worst/) assurances from CoinBene that nothing happened, the [exchange was down for a month](https://cointelegraph.com/news/over-100-million-missing-coinbene-claims-maintenance-a-month-of-questions-point-toward-a-hack).
One of the strangest aspects of this hack is the unwillingness of Coinbene to admit that something is wrong. [The hack also came on the heels of](https://cointelegraph.com/news/bitwise-tells-us-sec-that-95-of-volume-on-unregulated-crypto-exchanges-is-suspect). Bitwise Asset Manager report that accused Coinbene of fictitious trading to manipulate the cryptocurrency market. The details are still extremely vague, [but it is believed that](https://cointelegraph.com/news/over-100-million-missing-coinbene-claims-maintenance-a-month-of-questions-point-toward-a-hack) more than $100 million worth of cryptocurrencies were stolen in the hack.
February 2019
**The value of lost assets: 26 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206681943-f705e7f3-0000-4b17-a7c8-7ac5ab7b6a8e.png)
By a strange coincidence Youbit (previously known as Yapizon) was renamed to Coinbin. Already facing two massive hacks, you might think that Coinbin would be especially careful. However, this hack was an inside job.
[It appears that the a ](http://www.businesskorea.co.kr/news/articleView.html?idxno=29374) former CEO of Youbit was still working for Coinbin and embezzling the company’s funds. This employee allegedly had access to private keys and could withdraw funds from multiple accounts. [As a result](https://cointelegraph.com/news/south-koreas-coinbin-files-for-bankruptcy-with-26-mln-loss-cites-employee-embezzlement), Coinbin filed for bankruptcy and shut down, but still owes $30 million to users.
February 2019 — Coinmama
**Information leak: 450 000 user email addresses and passwords**
![image](https://user-images.githubusercontent.com/114734003/206682021-1a589262-5d35-4a30-b37d-43338277bc20.png)
This is a slightly less traditional hack because instead of stealing money, the hackers simply stole information. Coinmama is one of the largest [cryptocurrency brokers with](https://www.coinmama.com/) over a million active users. The impact of this hack appears to have been minor, as Coinmama quickly informed users once they [became aware that](https://www.ccn.com/breaking-major-crypto-brokerage-coinmama-hacked-450000-users-affected-in-massive-worldwide-breach) user data was being leaked onto the dark web. To date, not a single cryptocurrency coin has been stolen.
January 2019 – Cryptopia
**The value of lost assets: 24 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682070-fcdba00e-dc59-4144-a3b9-bcf161213bf0.png)
Unfortunately for Cryptopia , [they suffered](https://www.saturn.network/blog/cryptopia-exchange-hacked-again) another hack 15 days after the first one. That was the end of the New Zealand exchange – now they are going through the process of liquidation.
*Update 2020* Cryptopia is still in liquidation, but it has now been [revealed that the](https://bitcoinist.com/hacked-exchange-cryptopia-breached-aml-requirements/) exchange did not comply with anti-money laundering (AML) requirements when creating new user accounts. For more than 900,000 active user accounts, there is no customer data other than usernames and email addresses.
Fewer than 1% of users have completed customer identification, which is an important part of the AML procedure that ensure that customers are who they say they are. Thousands of cryptocurrency accounts worth more than [$3 million have been](https://www.rnz.co.nz/news/business/409243/cryptopia-anti-money-laundering-compliance-issues-revealed-to-court) traced to uninhabited islands or physical addresses that didn’t exist. Currently, many of those who lost funds in a hack are not eligible for a liquidator refund because there is not enough information about who owns which accounts.
While it’s unfortunate that it Cryptopiawas hacked twice in a row within a month, it’s clear that the exchange didn’t do its due diligence. Given that the majority of Cryptopia’s active users were from outside New Zealand, more needed to be done to enforce anti-money laundering measures.
December 2018
**The value of lost assets: 9 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682142-d2446fd8-3f2d-4972-9e8f-70b883e1af24.png)
QuadrigaCX was the largest cryptocurrency exchange in Canada, owned by Gerald Cotten.[Cotten was the only person](https://www.bloomberg.com/news/articles/2019-02-04/crypto-exchange-founder-dies-leaves-behind-200-million-problem) who knew how to access cold wallets owned by the exchange.
In December, [during his honeymoon in India](https://archive.is/GAheG) Cotten died and took any information on how to access cold wallets to his grave QuadrigaCX already experienced difficulties, there were rumors of bankruptcy, and with the death of Cotten, the stock exchange collapsed. [Conspiracy theories](https://decrypt.co/5853/complete-story-quadrigacx-190-million) began to surface that Cotten was not actually dead, he just pulled off a very elaborate exit scam.
When the investigation into finances began QuadrigaCX, things took a strange turn. Six cold wallets were found to belong to QuadrigaCX. However, when investigators looked through the wallets, [five of them](https://www.bloomberg.com/news/articles/2019-03-01/quadriga-has-6-cold-wallets-but-they-don-t-hold-any-crypto) were emptied around April 2018. Nobody knows exactly what happened and the investigation is still ongoing. [Cotten’s widow](https://www.coindesk.com/quadrigacx-founders-widow-will-cough-up-9-million-to-repay-users) voluntarily returned $9 million in assets from Cotten’s estate to pay users off.
*2020 update* A year later, what exactly happened to QuadrigaCX is still very unclear It is still claimed that Cotten is not actually dead, and there have been several attempts to exhume his body. The original request was denied, [however](https://coingeek.com/lawyers-increase-pressure-for-quadrigacx-ceo/) a new request has been made by lawyers representing those who have lost their funds.
There are also alleged ties to a shady bank in Panama called [Crypto Capital](https://finance.yahoo.com/news/quadrigacx-lawyers-claim-crypto-capital-100021555.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAHpAB2ko0IYfSMUCFf-d8wE8K9Q4OFNognHM_5yn8Zpa6-hhQwp3laK_kDt8cOxYfTEPMtg0YHQJRtN53C3kZ6iBkz3afwiICAWl8vwHyowl9C3fV3SLrT3mLwoWCcGllYVoph6h-8DNhrMb63px5PCM4v3dmG9djYkKNDy7zDBD) Exchange lawyers suspect that some of the missing funds may be stored in Crypto Capital, and have turned to all former users for help in this matter.
As of January 2020, [the FBI is involved](https://thenextweb.com/hardfork/2020/01/15/cryptocurrency-bitcoin-quadrigacx-fbi-investigation-gerald-cotten-crypto/) The FBI Victim Specialist contacts former users and directs them to a portal where they can get more information. It remains unclear whether we will ever get answers about what actually happened on the exchange.
October 2018
**The value of lost assets: 5,7 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682213-f1aa297e-fed5-49d7-b6d9-f56f45618d82.png)
This hack is still being debated as [many believe it was part](https://selfkey.org/the-ultimate-list-of-exit-scams-how-to-spot-one/) of an exit scam. MapleChange is a small Canadian [cryptocurrency exchange that has](https://news.bitcoin.com/maplechange-purported-hack-exit-scam/) experienced an unusual surge in exchange activity since October. Later that month, the exchange announced that it had been hacked and that all funds (worth $5.7 million) had been withdrawn. As a result, MapleChange has announced that it is closing its doors for good.
What made people suspicious was the immediate removal of the MapleChange website, social media accounts, and channels Discord and Telegram. The lack of communication led many to believe there was no hack, [despite](https://blockonomi.com/maplechange-hacked-scam/) MapleChange’s insistence that they were simply taking a break to decide how to proceed.
Instead of deciding to give anyone [back the money,](https://www.ibtimes.com/cryptocurrency-exchange-maplechange-hacked-exit-scam-allegations-surface-2728232) the crypto exchange gave away what little they had left to the developers who created the remaining coins. There is still no consensus on the Internet as to whether this was all a hack or another scam.
September 2018
**The value of lost assets: 60 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682304-b217116c-22dd-4ea5-9872-60aabd6ded68.png)
This is another case where it is not clear how the hackers stole the funds. [However](https://www.coindesk.com/crypto-exchange-zaif-hacked-in-60-million-6000-bitcoin-theft), Zaif filed a criminal case with the local authorities, which suggests that they have an idea of who did it. Either way, this Japanese exchange lost $60 million worth of cryptocurrencies.
June 2018
**The value of lost assets: 40 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682594-b41fa5da-bf30-4d22-986c-011ddb11d030.png)
Although the South Korean exchange Coinrail was a relatively small cryptocurrency exchange, it was doing a lot of business, which attracted the attention of [hackers](https://www.coindesk.com/coinrail-exchange-hacked-loses-possibly-40-million-in-cryptos).The exact details of the attack are still unclear, and the exchange lost about $40 million.
June 2018
**The value of lost assets: 31 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682644-13133909-77ac-4c5d-bd23-1e9f11c672f3.png)
Unfortunately, hacking problems Bithumb did not start in 2019. The exchange was also hacked in 2018, (and you will see them again on our list), with the hackers stealing a significant amount of Ripple. This hack appears to have been orchestrated by a group of North Korean [hackers known as the](https://www.zdnet.com/article/north-korea-blamed-for-two-cryptocurrency-scams-five-trading-platform-hacks/) Lazarus Group, who have been responsible for a number of cryptocurrency hacks over the years. [Luckily for users Bithumb,](https://www.zdnet.com/article/south-korean-crypto-exchange-bithumb-hacked/) exchange promised to return all stolen funds.
May 2018 – Bitcoin Gold
**The value of lost assets: 18 million US dollars**
![image](https://user-images.githubusercontent.com/114734003/206682703-b3973ee2-5905-4970-be91-ac4f4c10453d.png)
This is probably one of the strangest hacks on our list, since it was not a cryptocurrency exchange that was hacked, but a cryptocurrency. Bitcoin Gold was a fork [of the original Bitcoin that was](https://www.investopedia.com/tech/what-bitcoin-gold-exactly/) hard forked by Bitcoin in an attempt at decentralization (ironic, given that Bitcoin is already decentralized).
[Bitcoin Goldwas the victim](https://www.investopedia.com/terms/1/51-attack.asp) of a 51% attack, a rare case in which hackers managed to gain control of more than 50% processing power of a network. From there, attackers can prevent confirmations, allowing them to effectively stop payments between users and make changes to the network’s blockchain ledger. This type of attack was considered rare, if not impossible, until the Bitcoin Gold hack.
Using complex maneuvers, the hackers placed Bitcoin Goldtheirs on exchanges, exchanged them for other cryptocurrencies, and then withdrew the amount. [And since they](https://fortune.com/2018/05/29/bitcoin-gold-hack/) controlled the ledger of the Bitcoin Gold blockchain, they could simply put the original Bitcoin Goldback into their wallet, effectively stealing money from the exchanges.
May 2018 – Taylor
**The value of lost assets: 1,5 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682776-aa7cf7cc-d975-406e-84de-64744676ba4f.png)
Taylor is a cryptocurrency trading app that has had a successful initial coin offering (ICO)for funding. Unfortunately, [the hackers managed to](https://medium.com/smarttaylor/updates-on-the-taylor-hack-incident-8843238d1670) gain access to the company’s device shortly after and gain control of the password file. The attackers stole everything Ethereum collected during the ICO, in the amount of $1.5 million. There were fears that this was another exit scam, but [it appears that Taylor](https://medium.com/smarttaylor/development-update-march-2019-31fd5ad8707d) has gradually been able to recover.
April 2018 — CoinSecure
**The value of lost assets: 3,5 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682832-a4000c67-2e43-44a1-9b2d-f805c8e94e22.png)
CoinSecure, an Indian cryptocurrency exchange, lost $3.5 million worth of bitcoins during a hack. However, it looks like it was an inside job. The owners CoinSecurebelieve their former head of security stole the funds. Looks like they [messed something up, as](https://www.livebitcoinnews.com/coinsecure-hack-investigation-brings-new-evidence-to-light/) he was later arrested.
February 2018
**The value of lost assets: 170 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682886-2ab216a8-4280-424c-9206-a9e273e53ef5.png)
Over $170 million Bitgrail was stolen from the Italian stock exchange, and the details are a little blurry. While the owner, Francesco Firani, announced the break-in, other employees denied it and said there was [nothing wrong with it](https://fortune.com/2018/02/11/bitgrail-cryptocurrency-claims-hack/). People are skeptical about whether this was a real hack or an [attempted exit scam.](https://fortune.com/2018/02/11/bitgrail-cryptocurrency-claims-hack/).
January 2018 — Coincheck
**The value of lost assets: 533 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682926-6f7ed445-f113-43b1-8c3f-01cdba4c1fac.png)
Coincheckwas the leading exchange in Japan, but the hack showed how insecure the platform was. The hackers managed to spread the virus via email, allowing them to steal the private keys. After that, it was [surprisingly easy, as](https://blockonomi.com/coincheck-hack/) Coincheck did not use smart contracts or multi-signatures, and all the coins were stored in one wallet. The total value of the stolen cryptocurrency is one of the highest ever, with an estimated value of $533 million at the time of the hack.
It is noteworthy that the cryptocurrency exchange is still operating. [It started](https://www.coindesk.com/coincheck-exchange-has-now-reinstated-all-cryptos-since-january-hack) offering full service again in November 2018. While the hack was believed to have been carried out by [North Korean hackers](https://thenextweb.com/hardfork/2019/06/17/russian-hackers-coincheck-hack/) the malware was created by Russian hacker groups.
December 2017 – NiceHash
**The value of lost assets: 62 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206682965-76b74c7c-ae7e-46e9-86cd-7203066fcc07.png)
NiceHash is a cryptocurrency mining market that allows miners to rent out their [hashrate to others](https://www.coindesk.com/62-million-gone-cryptocurrency-mining-market-nicehash-hacked). Their payment system was compromised, resulting in the content of users’ bitcoin wallets being stolen. The exact amount stolen has never been confirmed by NiceHash, but it is believed to be 4736 Bitcoin worth about $62 million at the time. This story [ends on a happy note as](https://news.bitcoin.com/nicehash-returns-60-of-coins-stolen-in-the-hack/) NiceHash managed to return 60%of the stolen funds to users.
December 2017
**The value of lost assets: Unknown.**
![image](https://user-images.githubusercontent.com/114734003/206683028-f0088651-6335-4701-947d-fb772710490e.png)
Youbit (formerly known as Yapizon) was a relatively small South Korean cryptocurrency exchange that was previously hacked in 2017. [This time the hackers stole](https://cryptovest.com/news/another-bitcoin-exchange-hacked-youbit-files-bankruptcy-after-losing-users-coins/) 17% of the exchange’s assets. This was the end for Youbit, [the same day they](https://www.bbc.com/news/technology-42409815) filed for bankruptcy.
July 2017 – Bithumb
**The value of lost assets: 7 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206683059-a0140e3b-fa3f-4c3b-a795-1430700a5d4a.png)
Bithumbreappears on this list. At the time of the Bithumb hack, it was the fourth largest cryptocurrency exchange in the world. An unknown hacker managed to gain access to an employee’s [personal computer and](https://www.bleepingcomputer.com/news/security/fourth-largest-cryptocurrency-exchange-was-hacked-users-lose-ethereum-and-bitcoin/) steal the data of over 30,000 Bithumb users. Shortly thereafter, users began to notice that their accounts were being emptied.
April 2017
**The value of lost assets: 5 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206683097-97bfb415-1915-4f9e-8ff2-ef4c0f642c13.png)
Before Yapizon changed their name to Youbit, they were hacked for the first time. The attackers [managed to escape with](https://cointelegraph.com/news/korean-bitcoin-exchange-yapizon-confirms-5-mln-hack-all-customers-to-pay-with-balances) $5 million worth of bitcoins. Yapizon did their best to mitigate the damage.
August 2016 — Bitfinex
**The value of lost assets: 350 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206683145-5ff1d9e6-ea58-4d7b-9fc9-7f8500d58553.png)
This Hong Kong-based cryptocurrency exchange claims to be the most secure exchange in the world. Unfortunately, this turned out to be very untrue. Hackers stole a large amount of bitcoins through a processing service Bitfinex–BitGo. [The price of](https://www.coindesk.com/bitfinex-bitcoin-hack-know-dont-know) bitcoin plummeted as a result of the hack.
May 2016 – GateCoin
**The value of lost assets: 2 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206683187-dd8d0396-a2e6-437b-985d-f3e785da76d8.png)
At the time, GateCoin was one of the first regulated cryptocurrency exchanges, and its' popularity made it a prime target for attackers. The hackers managed to gain access to [users’ wallets and](https://thenextweb.com/hardfork/2019/03/14/gatecoin-cryptocurrency-exchange-dead/) steal $2 million worth of cryptocurrencies. It was the nail in the coffin for the GateCoin, the stock exchange never recovered.
April 2016 – ShapeShift
**The value of lost assets: 230 thousand US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206683245-994381bd-276a-4043-b053-23e2ab475d03.png)
Within a month, the cryptocurrency exchange ShapeShift was hacked three times. [According to](https://news.bitcoin.com/looting-fox-sabotage-shapeshift/) a detailed report by ShapeShift CEO Eric Voorhees, a former employee is [responsible for all three hacks](https://www.coindesk.com/digital-currency-exchange-shapeshift-says-lost-230k-3-separate-hacks). They pledged to restore the cryptocurrency, and they are one of the few who managed to do it successfully.
February 2015
**The value of lost assets: 1,5 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206683304-e909bbc1-1c2c-4144-9db8-8b30459fb905.png)
[The cold wallet](https://www.investopedia.com/terms/c/cold-storage.asp) of this Chinese exchange BTER was hacked, resulting in the loss of over [$1.5 million worth of bitcoins](https://siliconangle.com/2015/02/15/another-one-chinese-bitcoin-exchange-bter-com-claims-to-have-lost-7170-btc-in-major-hack/). Reddit users were very suspicious, as hacking a cold wallet is extremely difficult, and suggested that the hack was an inside job.
February 2015
**The value of lost assets: 3000 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683367-39a7dbab-d51b-4e03-a0a5-c58352ea7b14.png)
You will see Linode further down our list, but this was a hosting server for several cryptocurrency exchanges. It was hacked again in 2014, this time causing a security breach on the server KipCoin. The hackers managed to take control of the entire platform by changing the passwords inside. A month-long struggle ensued, during which the administrators managed to regain control over the exchange, but the hackers still hid. [At the time of the hack,](https://coinjournal.net/chinese-exchange-kipcoin-hacked/) KipCoin did not tell users what was going on in light of the hack at Bitstamp, and only later revealed the information.
January 2015 — Bitstamp
**The value of lost assets: 5,1 million US dollars.**
![image](https://user-images.githubusercontent.com/114734003/206683401-ba43aeb1-8f43-4e7e-90cd-eee6a5dd25b4.png)
Bitstamp was the first licensed cryptocurrency exchange in Europe. [It was compromised when](https://www.coindesk.com/unconfirmed-report-5-million-bitstamp-bitcoin-exchange#targetText=According%20to%20the%20report%2C%20the,someone%20posing%20as%20a%20reporter) hackers sent a malicious email to Bitstamp employees, and only one employee followed the link and exposed the entire exchange. The attackers escaped with bitcoins, which were valued at $5.1 million at the time.
January 2015 – LocalBitcoins
**The value of lost assets: 17 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683453-eb068be6-4818-4bd9-aaaf-71111efbd28b.png)
Although it was a relatively small hack, it proved its worth when it came to spending [money on cybersecurity](https://www.coindesk.com/localbitcoins-user-funds-stolen-chat-client-hack). The attackers used the local Bitcoins chat to distribute malware, after which they left with relatively little profit.
October 2014 – MintPal
**The value of lost assets: 3700 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683517-85f32fe3-83c9-4e2a-9dcf-aa295b2e997f.png)
MintPal survived the second break-in in October (scroll down to read about the first break-in in July), but there were many more twists and turns in this case. Shortly after the July hack, [MintPal was](https://www.coindesk.com/moolah-acquires-troubled-altcoin-exchange-mintpal) bought by Moolah (also known as Moopay Ltd), owned by Ryan Kennedy, also known as Alex Green.
After a failed [restart of MintPal](https://www.coindesk.com/moolah-mintpal-closure-bankruptcy), Moolah announced that it is closing its doors, but users will still be able to use MintPal. However, user accounts were [locked out and users could](https://www.theguardian.com/technology/2014/oct/23/british-serial-entrepreneur-missing-bitcoin-apparently-stolen) track withdrawals from wallets and then watch them sell on another platform. Kennedy was the only one with access to client funds and he was currently on the run.
[Kennedy was](https://news.bitcoin.com/ryan-kennedy-rapist/) arrested in 2016 on suspicion of rape and is now in prison. [Now he is also](https://www.coindesk.com/former-dogecoin-exchange-ceo-faces-fraud-charges-uk) facing charges of fraud by the British police for his part in the break-in of MintPal.
July 2014 – Cryptsy
**The value of lost assets: 13 000 BTC и 300 000 LTC**
![image](https://user-images.githubusercontent.com/114734003/206683600-bb35c3c2-8218-4c30-a628-022e0a40e1f1.png)
A Trojan virus was inserted into Cryptsy’s code by the hacker, Lucky7Coin. As a result Lucky7Coin (and possibly others) have left with a staggering amount of cryptocurrencies. [Owner of Cryptsy, Paul Vernon](https://www.coindesk.com/cryptsy-bankruptcy-millions-bitcoin-stolen) was accused of destroying evidence and stealing bitcoins, and the exchange declared insolvency. Vernon was [successfully class-sued](https://cointelegraph.com/news/former-bitcoin-exchange-cryptsy-ceo-ordered-to-pay-82-mln-in-class-action-lawsuit) for $8.2 million.
July 2014 – MintPal
**The value of lost assets: 8 миллионов VRC**
![image](https://user-images.githubusercontent.com/114734003/206683694-4e6c754a-02d1-45ad-b31a-1602b4c07f1e.png)
Before the failed takeover of MintPal by Alex Kennedy, they experienced another break-in. The hacker found a weak spot in the withdrawal system on the exchange and managed to authorize the withdrawal from the [wallet Vericoin](https://www.ledger.com/remembering-the-mintpal-hack/). Bitcoin and Litecoin wallet sites were also attacked, but nothing was stolen. The hack resulted in the loss of 30% of everyone's Vericoin, [which led](https://www.coindesk.com/bitcoin-protected-vericoin-stolen-mintpal-wallet-breach) the Vericoin development team to decide to hard fork in order to mitigate the damage.
March 2014 — Mt.Gox
**The value of lost assets: 850 000 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683772-5f1e1ccc-132b-47b1-8399-476a15b7279a.png)
You might be surprised to see this name again and be associated with one of the biggest hacks of all time. The investigation is still ongoing and the situation is far from clear, but it looks like when Mt.Gox was originally hacked in 2011, the attackers also stole some private keys. Hackers gained access to a large amount of bitcoins and began to empty wallets.
Allegedly due to an error in the systems, [the Mt.Gox](https://medium.com/@jimmysong/mt-gox-hack-technical-explanation-37ea5549f715) exchange interpreted these withdrawals as deposits for almost two years. It was a huge mistake that cost users $45 million and ended the cryptocurrency exchange. Mt.Gox filed for bankruptcy within a month, causing the price of bitcoin to drop by 36%. [The former CEO of Mt.Gox](https://cointelegraph.com/news/aug-21-digest-mark-karpeles-re-arrested-in-japan-world-wide-web-consortium-to-launch-web-payments-working-group) was arrested in 2015 after he was found to be in possession of $2 million worth of bitcoins, which were allegedly stolen in a hack.
[In 2017 a Russian citizen named](https://cointelegraph.com/news/absolutely-bizarre-aspects-of-22-bln-btc-e-mt-gox-hacking-incident) Alexander Vinnik was arrested by US authorities for a key role in laundering bitcoins that had been stolen in a hack. The story isn’t over yet, but there doesn’t seem to be a clear solution in sight either.
March 2014 – Poloniex
**The value of lost assets: 97 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683812-f831108a-2103-4f15-93ff-3d7b82a7dc02.png)
In the same month, hackers managed to use the wrong withdrawal code of this cryptocurrency exchange in the United States. While the company did not reveal exactly how much was stolen, [the figure was](https://bitcointalk.org/index.php?topic=499580) explained on the Bitcointalk forum. There are still rumors about whether the hack was an inside job or not.
November 2013
**The value of lost assets: 484 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683856-da0ef00e-8f27-46aa-b923-b1c322b33675.png)
The Czech exchange Bitcash lost bitcoins after its servers were hacked. [The attackers](https://www.coindesk.com/czech-bitcoin-exchange-bitcash-cz-hacked-4000-user-wallets-emptied) gained access to the email and sent out a phishing scam, posing as Bitcash, in order to obtain customer information, which they then used to steal funds.
May 2013 — Vicurex
**The value of lost assets: 1454 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683893-234e1d57-857e-4b7a-9d7b-24a00fec421b.png)
While the hack Vicurex has never been accurately confirmed (some believe it was an inside job), the cryptocurrency exchange has announced that it has lost most of its reserve funds to the hackers. Vicurex, which is on the verge of bankruptcy, [froze all withdrawals, causing](https://www.coindesk.com/former-customers-sue-vircurex-exchange-over-frozen-crypto-funds) several former clients to sue the company for withholding their money.
September 2012 – BitFloor
**The value of lost assets: 24 000 BTC**
![image](https://user-images.githubusercontent.com/114734003/206683950-b62dacf2-97a4-4a04-9aac-0e096e77535f.png)
At the time of the hack, BitFloor was the fourth largest exchange in the US market. The attackers managed to gain [access to the servers and](https://bitcoinmagazine.com/articles/bitfloor-hacked-250000-missing-1346821046) find unencrypted backup wallet keys. From there, they simply siphoned funds otaling $250,000.
May 2012 – Bitcoinica
**The value of lost assets: 18457 BTC<**
![image](https://user-images.githubusercontent.com/114734003/206683997-3f0138b3-7d3e-4183-bc92-5f50335290a5.png)
Unfortunately for Bitcoinica, just two months after the initial hack, they suffered another hack. This led many to suspect that the initial security problems that arose from the March attack on Linode, were never effectively resolved. The site was immediately [taken down and](https://bitcoinmagazine.com/articles/Bitcoinica_An_Obituary-1336979566) the exchange permanently shut down.
March 2012 – Linode
**The value of lost assets: 43000 BTC**
![image](https://user-images.githubusercontent.com/114734003/206684049-234e73b5-060b-405a-ae4b-e47bc89e145c.png)
It’s a little tricky. Linode is a web hosting provider that hosts cryptocurrency exchanges [Bitcoinica and Slush](https://www.theregister.co.uk/2012/03/02/linode_bitcoin_heist/). Linode itself was hacked, and the attackers managed to steal significant amounts of Bitcoin from both exchanges.
June 2011 – Mt. Gox
**The value of lost assets: 2643 BTC**
![image](https://user-images.githubusercontent.com/114734003/206684076-bee8c813-3bd4-4f5c-b185-0682aaf59448.png)
Although it was a relatively modest hack at the time, it was only the beginning of the problems for Mt.Gox. In the course of this hack, hackers were able to gain access to a computer belonging to an auditor on a cryptocurrency exchange. [The hacker](https://www.ledger.com/hack-flasback-the-mt-gox-hack-the-most-iconic-exchange-hack/) changed the price of bitcoins to $0.01, bought them at an artificially low price, and fled with a small fortune.
Conclusion:
Hackers will never stop attacking cryptocurrency exchanges as long as they remain profitable. While a good cryptocurrency exchange will have several security measures in place. Do your due diligence when signing up for an exchange to make sure you don’t become a victim.