While the crypto boom of 2017 has brought many new investors and traders to this new market, it
has also attracted the attention of many hackers.
In today’s article, we shall be looking at the biggest cryptocurrency hacks of all time which serve as a
reminder to take all possible security measures.
Bitfinex
Bitfinex is a cryptocurrency exchange that has gained around two million users and has a daily volume of billions of dollars’ worth of transactions.
But the company suffered an attack in August 2016, in which 120,000 bitcoins were stolen by an anonymous hacker. This was the second largest of cryptocurrency hacks that ever happened at that time. The sum was estimated to be around $72 million. Today, this would mean a much a larger sum.
The hack took place due to Bitfinex’s using multi-signature wallets which were introduced 12 months
prior to the hack, which ironically was meant to enhance fund security.
But there was a coding issue. Theoretically, Bitfinex had to hold two keys, and BitGo one and a
transaction would require that all parties to independently use their keys.
But instead, BitGo just copied what Bitfinex did. And when hackers accessed Bitfinex’s servers, they
were also able to get to the wallets. This cryptocurrency hack led to a drop of 20 percent in Bitcoin.
The DAO
Most hackers target Bitcoin funds. But that doesn’t mean that there weren’t any altcoins that suffered from the hand of hackers. The biggest altcoin, Ether, was also a victim of such attack.
The hack occurred because of the DAO smart contract which was running on the Ethereum blockchain, that operated like a venture capital fund.
This enabled those that bought the coins in the crowdfunding in DAO to vote on which companies the fund should receive investment funds.
In the first ICO phase, 12.7 Ether ($150 million) were raised, which made it the biggest token sale of
that time. 14 percent of all Ether in circulation was owned by the DAO.
But in June 2016, a loophole in the DAO code enables a hacker to create a “Child DAO.” They were
able to use this to implement a recursive function into the withdrawal request which made DAO
continue to give more Ether for the same amount of DAO tokens. $50 million were siphoned through
this vulnerability.
This cryptocurrency hack was what made the Ethereum blockchain fork which resulted in the creation of Ethereum Classic, which is the old version of the blockchain, and the new version of Ethereum.
Coincheck
The Coincheck is Tokyo-based crypto exchange which suffered a security breach in January 2018 that affected NEM holders.
This attack dethroned Bitfinex and made it the second-largest crypto hack of all time of cryptocurrency hacks. The hacker stole 500 million NEM coins which had an estimated value of $550 million at that time, but then the coin’s price suffered a 20 percent drop after the news went public. The amount stolen was around five percent of the total supply of NEM.
The hacker was able to enter the network undetected and stay like that for eight hours, time in
which he was able to take funds and send them to 11 separate accounts. All these accounts are now
labelled with coincheck_stolen_funds_do_not_accept_trades : owner_of_this_account_is_hacker.
The company stated that they will give back the funds to 260,000 affected customers using capital
from their own pocket. They will be given ¥88.549 for each NEM coin.
NiceHash
NiceHash, a Slovenian marketplace for renting has for mining cryptos, was hacked in December.
It is yet unknown just how much was stolen, but it is estimated that wallet which held 4,736.42
Bitcoins was the victim of the hack. The sum was estimated at that time to be around $70 million. Its CEO Marko Kabal resigned from his position after the hack, and the platform relaunched itself on Dec. 22, 2017.
But in spite of its loss, NiceHash managed to recover quite well and to keep an active user base. The company announced that they will be returning the funds to those that lost their money in the attack:
“We are happy to announce we have been able to reserve the funds required to restore balances from
a group of international investors. Old balances will, therefore, be restored by January 31, 2018. We
need this interim period to ensure all legal paperwork is processed correctly, so please be patient
while we do this.”
Mt. Gox
The Mt. Gox incident is the most known of cryptocurrency hacks that ever happened in the crypto world. It is currently the biggest and most publicized Bitcoin hack to date. Before the hack, Mt Gox was one of the biggest crypto exchanges in the space which handled more than 70% of all Bitcoin transaction.
In 2011, one of the computers of the company’s auditors was compromised by the hacker. This gave him access to the exchange, allowing him to modify the value of Bitcoin to one cent. Then a huge “ask” order was created, thus generating a mass selloff.
But this came to light years later, as, in February 2014, it was discovered that 850,000 Bitcoins were siphoned over a period of three years. 750,000 BTC were taken from Mt. Gox’s wallets. The transaction details were also edited to make it appear like the transaction never existed.
In the aftermath, it was estimated that Bitcoin had a drop of 36 percent in its price.
Final words
These hacks are cautionary tales to traders that leave their cryptos in the wallets of exchanges. You
should always move your funds to a secure wallet.
