190 hack event(s)
Description of the event: A former employee of the now-defunct Cryptopia exchange allegedly stole more than 250,000 New Zealand dollars (US$182,300) of cryptocurrency and customer data from Cryptopia. However, the New Zealand authorities managed to recover the stolen funds and return them to Cryptopia's liquidator Grant Thornton. The man explained in detail how he stole the funds. He said that he unauthorizedly copied the private keys belonging to Cryptopia's many wallets and saved the data on a USB storage device. Then he uploaded the data to his personal computer at home. This allows him to use thousands of wallets and more than 100 million U.S. dollars in various cryptocurrencies.
Amount of loss: - Attack method: Private Key Leakage
Description of the event: Hackers successfully sandwiched crypto-stealing code into the middle of a popular web traffic-measuring plugin from StatCounter, which is now used on more than two million websites, including government sites. They have determined, however, that the rather wide swath of infections may have been designed to eventually infect cryptocurrency trading sites, and that the scheme did, in fact, infect popular crypto-trading site Gate.io. By situating the code in the middle of StatCounter’s downloadable javascript web traffic analysis tool, hackers made it harder to detect.
Amount of loss: - Attack method: Malicious Code Injection Attack
Description of the event: MapleChange, based in Canada, announced on Twitter the exchange "sustained a hack" and was investigating the issue. The post also said the exchange had turned off users' accounts temporarily. About refunding its customers, it opened a Discord server (a platform for users to chat) so customers could post there about their missing funds, based on which it would initiate refunds. The exchange's website was down.
Amount of loss: 913 BTC Attack method: Unknown
Description of the event: Trade.io confirmed via their Medium blog that someone or some entity gained access to the assets, resulting in over 50 million in Trade (TIO) tokens being stolen from the firm’s cold storage wallets. The 50 million tokens are valued at $7.5 million at the current $0.15 price per TIO. The ongoing investigation has revealed that some of the TIO tokens had made their way to cryptocurrency exchanges Bancor and Kucoin. Kucoin has suspended TIO transactions, while Bancor has permanently removed TIO.
Amount of loss: 50,000,000 TIO Attack method: Unknown
Description of the event: Hackers with unauthorized access to the exchange’s hot wallets had stolen roughly $60 million in bitcoin, bitcoin cash, and MonaCoin. That being said, the exact amount of bitcoin cash stolen remains unknown.
Amount of loss: $ 59,000,000 Attack method: Wallet Stolen
Description of the event: KICKICO has experienced a security breach, which resulted in the attackers gaining access to the account of the KICK smart contract — tokens of the KICKICO platform. The team learned about this incident after the complaints of several victims, who did not find tokens worth 800 thousand dollars in their wallets. During the investigation, it was found that the total amount of stolen funds is 70,000,000 KICK, which at the current exchange rate is equivalent to $ 7.7 million.
Amount of loss: 7,000 KICK Attack method: Private Key Leakage
Description of the event: The attacker stole $30 million worth of cryptocurrency from Bithumb, Korea's largest cryptocurrency exchange. According to Japanese Cointelegraph, the attackers hijacked Bithumb's popular (online) wallet.
Amount of loss: 30,000,000 USD Attack method: Wallet Stolen
Description of the event: Coinrail acknowledged the existence of “network intrusion” in its system and estimated that 40 billion won ($37.2 million) worth of coins were stolen. The police are investigating violations but have not announced further details.
Amount of loss: 37,200,000 USD Attack method: Network intrusion
Description of the event: TAYLOR’ve been hacked and all of our funds have been stolen. Not only the balance in ETH (2,578.98 ETH), but also the TAY tokens from the Team and Bounty pools. The only tokens that were not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making them inaccessible for now.
Amount of loss: 2,578.98 ETH Attack method: 1Password file stolen
Description of the event: A failed cold storage restoration exercise seems to have exposed private keys intended for offline storage (effectively making them online). However, the CEO has expressed an insider’s involvement. Police found private keys exposed online for more than 12 hours.
Amount of loss: 438 BTC Attack method: Private Key Leakage
Description of the event: Binance security incident occurred in March 2018 when a phishing campaign impacted a large number of Binance users. At the time, Binance offered a $250,000 reward for any information that would have led to the arrest of those involved in the phishing campaign.
Amount of loss: - Attack method: Unknown
Description of the event: BitGrail claims that $195 million of customers have stolen cryptocurrencies in Nano (XRB).
Amount of loss: 195,000,000 USD Attack method: Unknown
Description of the event: Unidentified assailants stole 523 million NEM coins (about $534 million) from the exchange's hot wallet. According to Coincheck, NEM coins are kept on a single-signature hot wallet instead of a more secure multi-signature wallet, and the stolen coins are confirmed to be Coincheck customers.
Amount of loss: 534,000,000 USD Attack method: Wallet Stolen
Description of the event: In the wee hours of December 19, Youbit was dealt a death blow in the form of another hack. The exchange, which was also hit in April, is closing down in the fallout of the most recent attack. As revealed on its website, they had been forced to terminate its services after suffering another hack. The hackers ran off with 17% of Youbit’s funds, enough to drive the exchange into bankruptcy.
Amount of loss: - Attack method: Unknown
Description of the event: Nicehash appears to have shuttered their website with a notice saying “a security breach involving NiceHash website” and “our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen”.
Amount of loss: 4,736.42 BTC Attack method: Unknown
Description of the event: Tether, the issuer of USDT, issued a statement stating that its system was hacked by an external attacker on the 19th of this month and stolen USDT tokens worth approximately $31 million from its Tether Treasury wallet.
Amount of loss: 31,000,000 USD Attack method: Wallet Stolen
Description of the event: According to internet rumors, 66,000 bitcoins were suspected to have been stolen from the BTC-e exchange. The user inquired on the blockchain that the block with a block height of 477472 was transferred out of 66163.40004136 bitcoins. It is suspected that the BTC-e user was stolen by hackers of a huge amount of bitcoins.
Amount of loss: 990,000,000 USD Attack method: Unknown
Description of the event: Hacker steals $7.4 million in ethereum during CoinDash ICO launch. At the time of the ICO, in which CoinDash posted a string of characters which represented its wallet address for investors to send funds to, it appears that the hacker compromised the website and changed this text to a wallet they control. It was a matter of minutes before the platform realized the security breach had taken place and warned investors, but it was too late -- and now the stolen funds intended for CoinDash are simply sitting in a wallet awaiting collection.
Amount of loss: 7,400,000 USD Attack method: Malicious Code Injection Attack
Description of the event: Bithumb is one of the five largest bitcoin exchanges in the world. Hackers succeeded in grabbing the personal information of 31,800 Bithumb website users, including their names, mobile phone numbers and email addresses. The exchange claims that this number represents approximately three percent of customers. And the exchange further claims that the breach was made to a personal computer belonging to an employee, and not the exchange’s internal network, servers nor digital currency wallets. Attackers appear to have stolen enough credentials to begin a process of “voice phishing,” where the scammers call up victims one at a time and pose as representatives of Bithumb.
Amount of loss: 1,000,000 USD Attack method: Phishing attack
Description of the event: Yapizon, a South Korean Bitcoin exchange, announced last week it lost 3831 Bitcoin (over $5.5 million) after an unknown hacker breached its system and stole funds from its server.
Amount of loss: 3,831BTC Attack method: Wallet Stolen