The world of crypto is volatile and fast-moving – and for as many investment opportunities as it represents, the risks presented by cryptocurrencies can also become costly losses for the unprepared.
In crypto, much is said of the encryption technology of the blockchain and of cryptocurrencies themselves, likening themselves to the true digital equivalent of cash. Yet the problem with cash, of course, is that it can be stolen.
Crypto crimes are becoming ever more daring
Once thought impossible in the crypto space, these super secure blockchain coins are actually becoming lucrative opportunities among the criminal underworld – or even the brave and the bold who have access to areas of an organization that expose vulnerabilities in a given crypto token’s network.
Whether crimes of opportunity or meticulously planned thefts, schemed to the last detail, there’s no denying that the headlines today are ablaze with crypto crimes as much as they are opportunities.
Is this the cost of creating true digital cash? Is regulation the answer, or does that invalidate the decentralized philosophy that crypto collectors uphold so passionately?
Whatever the answer, here are the biggest crypto heists we know – backed by data from Statista.
Poly Network – $611 million in crypto stolen
The largest crypto heist ever recorded is also troublingly recent, considering when it was executed. In August 2021, the peer-to-peer token exchange Poly Network announced that over $611 million in crypto coins and tokens had been illegally removed from its platform.
The staggering sum had many raising concerns over the decentralized finance (DeFi) space and its comparative lack of regulations when compared to traditional fiat money systems.
Indeed, it may well be the more regulated fiat system that ultimately prompted the thieves to return the crypto to Poly Network. While both the organization and Twitter discourse surrounding the crypto heist labeled it a ‘white hat’ hack that exposed security vulnerabilities in Poly Network’s digital infrastructure, some experts believe that laundering such an incredible sum of crypto was almost impossible for the criminals to get away with – hence the return of the funds.
Ronin – $540 million in crypto stolen
Ronin is most widely known as the organization responsible for pioneering the NFT-based online video game Axie Infinity. However, an unfortunate crypto heist in 2022 has tarnished this reputation as an innovator in the entertainment industry with a high-profile hack, to the tune of $540 million in stolen crypto tokens.
Both Ether coins, part of the leading cryptocurrency Ethereum, as well as USDC stablecoins were stolen as part of the heist. It’s important to remember that, although the value of the stolen assets has since ballooned to $625 million as time has passed, the $540 million value as of late March 2022 still makes this a hugely significant security breach.
Many in the United States have blamed criminals in North Korea for the crime. However, what makes this crypto heist especially egregious is that it utilized specialized internal protocols and node infrastructures developed by Ronin themselves to ‘override’ the traditional checks and security measures that blockchain technology uses when moving funds from user to user. This has once again raised huge concerns over the efficacy of security in decentralized finance at large.
Coincheck – $500 million in crypto stolen
Until the dawn of the 2020s, the infamous Coincheck crypto heist was the biggest of its kind in history. Headquartered in the Japanese capital of Tokyo, Coincheck is a cryptocurrency exchange, designed to easily allow users to switch between crypto tokens and invest speculatively in assets.
This was one of the first crypto heists that put something of a stalemate in place between the criminals and the financial institutions responsible for the crypto ecosystem. For example, although the more obscure NEM crypto token was the one chosen when making off with £500 million, it has the same transparency in wallet addresses as almost all other crypto uses.
As such, said NEM addresses were able to simply be blocked by other exchanges, meaning that the criminals were unable to convert the $500 million into more tangible and effective currency. Neither could they spend the NEM tokens themselves, which were blocked whenever coming from the flagged wallet addresses.
Mt. Gox – $480 million in crypto stolen
While we’re remaining in Japan to discuss this next crypto heist, we are casting the timeframe of the crime back to 2014 – when the crypto world was far more straightforward. Unfortunately, that did not mean that hacks against crypto exchanges such as Mt. Gox were any less devastating.
In fact, the aftermath of the $480 million being stolen from the Japanese crypto exchange in question was such that the business had to file for bankruptcy. The thieves made away with the funds entirely in Bitcoin, and at the time the crypto heist sent shockwaves around the world – shockwaves so impactful that many considered it the death knell of Bitcoin altogether.
Naturally, time has proven that the crypto world has in fact only grown more vast and complex following this heist. However, even this devastating blow was the second time that Mt. Gox had been hacked – originally suffering a similar crypto heist in 2011.
Wormhole – $326 million in crypto stolen
Proving once again that 2022 has become a landmark year for history-making crypto heist activities, the crypto token bridge Wormhole suffered a hack in February 2022 that saw over $326 million dollars in wETH (wrapped Ethereum) stolen.
Wormhole functions as a way for users to transfer the value of one crypto token to another – in this instance, it was the bridge between Ethereum and Solana crypto tokens that had been targeted by cybercrime.
Interestingly, Wormhole offered to let the hacker keep $10 million in crypto as a ‘bug bounty’ if the remainder of the stolen tokens were returned – a stunning move, that some might say even incentivizes cybercriminals to attempt crypto heist activities more often for the rewards, if not the full spoils of the crime, should such a precedent be set.
KuCoin – $285 million in crypto stolen
Online thieves who exploited the weaknesses of the ‘hot wallet’ powering popular crypto exchange KuCoin were able to make off with an aggregated $285 million in 2020 – believed to be the biggest crypto heist of that year.
Priorities at KuCoin shifted immediately to ensuring that users’ funds remained covered, although interestingly, not all of the stolen funds were able to be recovered. 16% of the stolen sum had to be reinstated via insurance for KuCoin.
Naturally, the crypto heist at KuCoin motivated the organization to double down on security protocols and upgrading its infrastructure, yet as this very article demonstrates – cybercriminals seemingly can always find a way into any and all exchanges for crypto assets if they truly want to.
Furthermore, the scores they are making off with as the decade goes on only seem to be getting bigger and more daring.
BitMart – $196 million in crypto stolen
In 2021, cybercriminals were able to exploit security weaknesses in the BitMart crypto exchange and make off with a mixed bag of crypto tokens – totalling over $196 million in value at the time.
The stolen crypto, largely on the Ethereum blockchain save for $96 million in Binance Smart Chain tokens, was stolen via the utilization of private crypto keys, which had been accessed illegitimately after being compromised.
While BitMart was left to compensate users entirely out of the organization’s own capital, the criminals responsible for the crypto heist were able to cover their tracks more effectively to ensure the funds were laundered and capable of being cashed out.
To do so, they reportedly used 1inch to swap tokens for ETH, following that by then using that ETH with Tornado Cash to conceal their identities. This level of forward planning demonstrates that this was likely a coordinated and delicately planned crypto heist, rather than a crime of opportunity.
BitGrail – $170 million in crypto stolen
In 2018, the lesser known Italian crypto exchange BitGrail saw the likewise comparatively little known cryptocurrency Nano as the coin of choice for cybercriminals, who made off with the equivalent of $170 million of them in a daring heist.
The crime was significant enough to actually dent the trading price of Nano as a cryptocurrency for a short time, although it soon bounced back – crypto often proving resilient in even the most surprising market conditions.
This crypto heist was among many in 2018 that encouraged many investors to behave far more cautiously when investing on smaller and more unproven exchanges – or indeed, storing the majority of their crypto assets in ‘cold wallets’ and away from exchanges altogether.
Crypto crime continues to grow
The more complexity and regulation that gets introduced to the crypto market, the more inventive and ostentatious cybercriminals seem to be becoming. As crypto continues to boom and draw attention, the industry as a whole is experiencing as many growing pains as it is opportunities.
As the aggregate dollar figures of crypto funds being stolen increases in one shocking crime after the next, it seems security in the crypto industry is going to become ever more a talking point in the months and years ahead.