180 hack event(s)
Description of the event: On December 1, the Australian cryptocurrency exchange BTC Markets accidentally disclosed the full names and email addresses of all its customers in marketing emails sent to customers, which may expose all customers to potential phishing attacks. These emails are sent in batches of 1,000, which means that every customer has received the names and email addresses of 999 other users. BTC Markets CEO Caroline Bowler said that the company sincerely apologized for the incident and emphasized that the executives of the exchange are currently working around the clock to minimize the impact of violations and implement “additional security features”. To prevent future information leakage. Bowler advises BTC Markets customers to ensure that two-factor authentication is enabled to protect their accounts and to change the password of their email account.
Amount of loss: - Attack method: Information Leakage
Description of the event: Mike Kayamori, CEO of cryptocurrency exchange Liquid, posted a notice on the official website that a data leakage security incident occurred on the exchange on November 13. A domain hosting provider that manages a core domain name mistakenly transferred control of the account and domain name to a malicious intruder, allowing it to change DNS records, thereby controlling a large number of internal email accounts, and being able to partially damage the exchange’s Infrastructure and gain access to stored documents. After detecting the intruder, immediate action was taken to intercept and contain the attack to prevent further intrusions and reduce the risk of customer accounts and assets, while conducting a comprehensive review of the infrastructure. It can be confirmed that the customer's funds are safe, and the cold wallet based on MPC (Multi-Party Computing Protocol) is safe and has not been damaged. The relevant regulatory agencies have been notified of the intrusion and will continue to communicate in the next few days. The attacker may have obtained the user's email, name, address, and password. At present, Liquid is investigating whether the attacker has accessed the identity documents and photos submitted to KYC for verification, and will provide updates after the investigation.Liquid announced the final findings on January 20, 2021. Liquid stated that 169,782 items of user data including email addresses, names, encryption passwords, API keys, etc. have been leaked. Among them, the personal information that may be accessed illegally is the user who went through the KYC process before October 2018, such as the user's ID card, self-portrait picture, proof of address and other identity verification documents 28,639.
Amount of loss: - Attack method: Information Leakage
Description of the event: Recently, a user suffered a phishing attack while visiting the Curve exchange website, and lost 20 Bitcoins. It is reported that the fraud group used the Google advertising system to purchase Google search ads, pretending to be the Curve exchange for fraudulent advertising. Due to google’s new advertising program, ads are usually displayed in the first place in search, which has caused many users to be deceived.
Amount of loss: 20 BTC Attack method: Phishing attack
Description of the event: KuCoin exchange issued an announcement stating that KuCoin detected large withdrawals of Bitcoin and ERC-20 tokens in multiple hot wallets in the early morning of the 26th, and the deposit and withdrawal services have been suspended. KuCoin stated that the total amount involved in the KuCoin platform accounts for a relatively low proportion of the total funds held on the KuCoin platform, and the assets in the KuCoin cold wallet are not affected. At the same time, KuCoin has redeployed the hot wallet for the first time. KuCoin officially stated that if any user suffers losses in this incident, KuCoin and its insurance fund will be fully borne by KuCoin. KuCoin has now started a comprehensive internal security review. During this period, the deposit and withdrawal services will be suspended. The specific opening time will be Further notice. Kucoin said it will announce more details as soon as possible. As previously reported, starting at 2:49 am Beijing time on September 26, Etherscan marked the address of the cryptocurrency exchange KuCoin to transfer a large number of tokens, including MKR, USDT, OCEN, etc., to a new address beginning with 0xeb31973e0f. Including 11,486 Ethereum, 19,788,586 USDT, 525,405 Gladius (GLA), 77,874 Hawala (HAT), 21,660,274 Ocean Token (OCEAN), 8,893,428 Chroma (CHR), 30,452,178 Ampleforth Network (AMPL), 198,678 Ankr (ANKR) etc.
Amount of loss: $ 150,000,000 Attack method: Wallet Stolen
Description of the event: European encrypted exchange ETERBASE has been hacked, resulting in the theft of some hot wallets and the loss of more than $5.4 million in assets.
Amount of loss: $ 5,400,000 Attack method: Wallet Stolen
Description of the event: South Korea’s third largest digital currency exchange, Coinbit, was seized and investigated by South Korean police. Its chairman and operator were suspected of internal transactions and manipulation of market prices. The police claimed that the company was suspected of using illegal means to earn at least 100 billion won in illegal profits (approximately 85 million US dollars), and Coinbit was also suspected of forging more than 99% of its transaction volume.
Amount of loss: $ 85,000,000 Attack method: Scam
Description of the event: Some cybercriminals have been counterfeiting the BTC ERA trading platform in order to infect potential users with malware. The cybersecurity company discovered that the perpetrators had been sending emails allegedly from BTC ERA to induce users to invest and pay.
Amount of loss: - Attack method: Phishing attack
Description of the event: KuCoin, a cryptocurrency exchange, warned of fraudulent websites using its brand to try to steal cryptocurrencies. The website provides false rewards to induce users to deposit digital assets.
Amount of loss: - Attack method: Phishing attack
Description of the event: OKEx has confirmed that the latest 51% attack caused ETC losses of approximately $5.6 million. Out of concerns about the security of the ETC mainnet, it is considering removing ETC from the exchange. According to a report released by OKEx on Saturday, OKEx will repay all the ETC lost by users.
Amount of loss: $ 5,600,000 Attack method: 51% attack
Description of the event: Spanish cryptocurrency exchange 2gether has been maliciously hacked, affecting around 5,500 users who trade on the platform. According to a statement by Spanish police dated 22 February 2022, a team from the Ministry of Cybercrime has arrested five persons suspected of hacking. A 2gether employee was reportedly found guilty of stealing $7 million from the company. He downloaded a pirated movie that contained malware. The malware hacked into the exchange’s systems, allowing hackers to steal more than $7 million in BTC and ETH. Police found attackers using computer viruses such as Remote Access Trojans (RATs) to gain access to 2gether's internal network. Although the employee gave the hackers access to the company's network, the attackers spent about six months analyzing the exchange's activity before carrying out the theft.
Amount of loss: $ 7,000,000 Attack method: Trojan horse virus
Description of the event: Cashaa, a UK-based cryptocurrency exchange, said hackers stole 336 Bitcoins from a wallet on the exchange. The company has now stopped all transactions related to cryptocurrency.
Amount of loss: 336 BTC Attack method: Malicious Software
Description of the event: The new version of DeversiFi encountered a vulnerability in less than a week after it was launched. The official said that it would be fixed as soon as possible. The cause of this vulnerability was that a trader tried to submit an order larger than the limit, and the logic of why the system designed order limit is to avoid user's misoperation. After that, the system still repeatedly submitted the order, but it was continuously rejected by the system, which affected the processing of other orders.
Amount of loss: - Attack method: System design defect
Description of the event: The LMEX Stock Exchange's community issued a notice on the adjustment of exchange operations, stating that the platform was hacked and stolen and lost 150,000 USDT, which caused the platform to have a low debt. The deposit and withdrawal have been closed.
Amount of loss: 150,000 USDT Attack method: Unknown
Description of the event: According to the official news from Youbi Exchange, Youbi has encountered heavy network-traffic DDoS attacks for three consecutive days since the platform coin subscription was launched on May 06, which caused the server to be inaccessible in a short time.
Amount of loss: - Attack method: DDoS Attack
Description of the event: -The official announcement of BitSG Exchange stated that its websites bitsg and app suffered from uninterrupted DDOS continues attacks, resulting in the inability to log in normally during certain periods.
Amount of loss: - Attack method: DDoS Attack
Description of the event: Hacker Exploits Flaw in Decentralized Bitcoin Exchange Bisq to Steal $250K.
Amount of loss: $ 250,000 Attack method: Defects in the transaction agreement
Description of the event: VBITEX platform was hacked, resulting in malicious manipulation of platform data and theft of virtual assets.
Amount of loss: - Attack method: Unknown
Description of the event: The FCoin exchange claimed that due to funding difficulties, the fund reserves could not be redeemed for user withdrawals, and the estimated amount of funds that could not be redeemed was between 7,000-13,000 BTC.
Amount of loss: - Attack method: Scam
Description of the event: The Italian cryptocurrency exchange Altsbit was hacked. As of now, the value of stolen Bitcoin and Ether is about 70,000 U.S. dollars. The website stated that it will be closed after partial refund of client funds.
Amount of loss: $ 70,000 Attack method: Wallet Stolen
Description of the event: South Korean exchange Upbit 342,000 ETH worth about $50 million was stolen. The exchange’s alleged theft occurred while assets were being transferred between hot and cold storage wallets, leading some to speculate that the incident may have been an internal job rather than an external breach. On January 14, 2025, the United States, Japan, and South Korea mentioned in a joint statement that the Upbit theft was attributed to DPRK.
Amount of loss: 342,000 ETH Attack method: Wallet Stolen