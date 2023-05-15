While centralised exchanges have historically been the primary target for hackers, DeFi platforms have recently been targeted as well. Here’s a look at some of the biggest hacks that have occurred in the crypto industry.

Crypto-related crimes are a burgeoning plague in the sector, but perhaps what is more concerning is that the number of thefts has risen constantly over the last few years. According to reports from Chainalysis, illicit addresses received $14 billion in 2021, roughly doubling the amount of $7.8 billion received in 2020. Furthermore, hackers were responsible for stealing $3.8 billion in 2022, up from $3.3 billion in 2021. While centralised exchanges have historically been the primary target for hackers, DeFi platforms have recently been targeted as well. Here’s a look at some of the biggest hacks that have occurred in the crypto industry.

Bitfinex - $3.6 billion

The Bitfinex crypto exchange, based in Hong Kong, said that it had suffered a major security breach in August 2016, in which around 2,000 approved transactions were sent to a single wallet from users' segregated wallets. As a result, nearly 120,000 bitcoins, worth about US$72 million at the time, were stolen from the exchange. Based on Bitcoin’s current price, the stolen goods represent around $3.24 billion.

Later in 2022, US federal authorities arrested a New York couple, Ilya Lichtenstein and Heather Morgan, in connection to the crime. The Department of Justice (DOJ) alleged that the two attempted to launder these stolen Bitcoins, although it is still unknown who was responsible for the initial hack. In February 2022, the Justice Department seized 94,000 of these stolen bitcoins.

Binance - $570 million

In another case of theft from a centralized exchange, hackers stole around $570 million worth of BNB tokens from Binance. As a side note, BNB is the native token of the blockchain network, Binance Smart Chain (BSC). Binance, BNB, and the BSC are all components of a larger ecosystem.

In October 2022, the BSC Token Hub, a cross-chain bridge, was exploited by hackers who minted extra Binance Coins (BNB) and withdrew 2 million of these tokens. A BSC token hub serves as a bridge between the BNB Chain (BSC) and the BNB Beacon Chain (BEP2). It was later reported that the hack was carried out through a bug in a smart contract.

Coincheck - $534 million

In January 2018, Japanese crypto exchange Coincheck suffered an attack that wiped out $523 million worth of NEM coins, which was around $534 million at that time. NEM is the cryptocurrency developed for the New Economy Movement network.

The breach was allegedly carried out by manipulating the exchange's hot wallet, which is a digital assets wallet accessible via the Internet. The exchange eventually revealed that hackers gained access to their system due to a staff shortage and that they were unaware of the intrusion until a few hours later. The attack was reported to have affected 260,000 Coincheck customers.

Coincheck managed to continue operating after the hack and was bought by Monex Group, a Japanese financial services company, a few months later. In August 2022, Coincheck announced that it would compensate its users as it sought to resume more of its operations.

Mt. Gox - $473 million

Over 850,000 bitcoins were stolen from Tokyo-based crypto platform Mt. Gox in a sequence of transactions between 2011 and 2014, making it the most infamous hack on a centralized exchange. During its peak, Mt. Gox was said to process around 70 percent of all Bitcoin transactions, making it a prime target for hackers.

The stolen assets were worth around $473 million when the hacks were carried out. Initially, no information surfaced on how the massive theft took place, but later it was revealed that the coins were stolen from the company's hot wallet. On closer inspection, it was revealed that the private keys of the wallet were compromised in September 2011, which were used to constantly steal new deposits.

Wormhole - $325 million

The Wormhole exploit is perhaps the biggest theft that occurred on a DeFi platform to date. Wormhole functions as a cross-chain bridge, which is used to facilitate the transfer of assets from one blockchain to another.

In February 2022, the bridge was exploited, resulting in the theft of $325 million. It was reported that a hacker, or hackers, manipulated the protocol's validation system and faked the verification process while minting wrapped ETH (WETH). After the mint was complete, 94,000 tokens were swapped on Ethereum and the rest on Solana in exchange for other altcoins. In this process, around 120,000 tokens were lost, which were worth around $325 million at that time. Despite offering a $10 million bounty on the hacker, the network's attempts to recover funds have been largely unyielding as of yet.

Conclusion:

Such incursions go to show that blockchain security has not been able to keep with up other technological innovations in the sector.

Last month, more than $103 million was stolen from crypto projects, bringing the total crypto exploit loss in 2023 to $429.7 million, according to auditing firm CertiK. The previous month saw significant crypto exploits, including sandwich attacks through MEV trading bots, a $22 million hot wallet exploit at the Bitrue exchange, and a $13 million theft from the South Korean exchange, GDAC.