Exchange : 99 hack event(s)

• 2021-04-29

  Hacked target: Hotbit

  Description of the event: The official announcement of the cryptocurrency exchange Hotbit stated that Hotbit had suffered a serious network attack starting at 20:00 UTC on April 29, 2021, causing some basic services to be paralyzed and the exchange was no longer able to log in. At the same time, the attacker also tried to hack into Hotbit's wallet, which Hotbit claimed was identified and blocked by the risk control system. The Hotbit team decided to immediately shut down all services for inspection and recovery. The entire recovery period is expected to be no less than 7 days. Hotbit stated that all assets are safe.

  Amount of loss: 0 Attack method: Network attack

• 2021-03-20

  Hacked target: Turtle.dex

  Description of the event: According to BSC news, Turtle.dex has run away, taking away about 9,000 BNB, worth more than 2 million U.S. dollars, and the website and telegram group have been deleted. BSC news refers to this as a well-thought-out and planned running behavior. At present, part of the funds have been converted into ETH to enter the Binance Exchange, and investors are urging Binance to freeze related accounts. On March 15th, in response to the question of whether it would run away, Turtle officially stated: No, because the turtles have short hands. Note: Turtle means sea turtle.

  Amount of loss: 9000 BNB Attack method: Scam

• 2021-03-09

  Hacked target: DODO

  Description of the event: The decentralized exchange DODO announced the progress of the attack on some fund pools. The main reason for this attack was that the crowdfunding fund pool contract initialization function did not prevent repeated calls, which led to hackers reinitializing the contract and completing the attack through lightning loans. In this incident, there were three participants, a hacker and two trading robots. A total of approximately US$3.8 million worth of funds were attacked. At present, the owners of the two trading robots have returned approximately US$3.1 million in tokens. In addition, funds worth approximately US$200,000 are frozen on the centralized exchange, and the remaining value of approximately US$500,000 is borne by the DODO team, and all funds will be returned within 24 hours. At the same time, security companies Chengdu Lian'an and SlowMist Technology have been invited to conduct a new round of code audits, and it is expected that the crowdfunding pool building function will be restored within a week.

  Amount of loss: $ 500,000 Attack method: init function unlimited

• 2021-02-20

  Hacked target: Cryptopia

  Description of the event: On February 20th, the New Zealand exchange Cryptopia was hacked again. Together with the $30 million stolen in 2019, Cryptopia reported that it was the target of another theft on February 1, 2021. Hackers stole about 62,000 New Zealand dollars (45,000 US dollars) in cryptocurrency. The investigation revealed that the hacker accessed a wallet that has been dormant since the hack in January 2019. The wallet belongs to Stakenet and is controlled by Grant Thornton, the liquidator of Cryptopia. According to the survey results, the dormant wallet holds approximately USD 1.96 million worth of Xtake, which is the native token of Stakenet. Previously, in December last year, the New Zealand stolen exchange Cryptopia user claim process was officially opened.

  Amount of loss: $ 45,000 Attack method: Unknown

• 2021-01-25

  Hacked target: BuyUCoin

  Description of the event: User information of BuyUCoin, an Indian cryptocurrency exchange, was leaked, and personal data of more than 325,000 people appeared in the database of the hacker organization. According to Indian news media Inc42, a hacker group called ShinyHunters placed a database containing the names, phone numbers, email addresses, tax identification numbers and bank account information of more than 325,000 BuyUCoin users.

  Amount of loss: 0 Attack method: data leakage

• 2021-01-06

  Hacked target: ZKSwap

  Description of the event: The ZKSwap token ZKS, a decentralized exchange based on ZK Rollup, has problems due to Uniswap adding liquidity. ZKSwap officially stated that the reason for this phenomenon was that someone used scripts to brush transactions, resulting in a higher price for first adding liquidity. The project party can only sell a part of ZKS to return the price to normal levels. All the USDT obtained from selling ZKS has been injected into the liquidity pool and will not be withdrawn in the next 3 months

  Amount of loss: 0 Attack method: someone used scripts to brush transactions

• 2020-12-26

  Hacked target: Altilly

  Description of the event: The Altilly Exchange platform was attacked by legally authorized access. According to the official weighing, the attacker gained access to 30 BTC and 12,000 USDT and stole them while controlling the server.

  Amount of loss: 30 BTC + 12,000 USDT Attack method: Unauthorized access

• 2020-12-24

  Hacked target: Livecoin

  Description of the event: The Russian cryptocurrency trading platform Livecoin was attacked by hackers, and the price of tokens on the platform has been manipulated. It is understood that the team members who have the front-end authority have announced that they want users to stop trading. It is not clear whether client funds have been affected.

  Amount of loss: 0 Attack method: Unknown

• 2020-12-21

  Hacked target: EXMO

  Description of the event: A major security breach in the British cryptocurrency exchange Exmo has caused the platform to freeze all withdrawals. Since EXMO has a separate server for each cryptocurrency, the hacking only affected six cryptocurrencies, BTC, XRP, ZEC, USDT, ETC, and ETH, and the affected assets were equivalent to 6% of the company's total assets. According to The Block research analyst Igor Igamberdiev, EXMO seems to have lost $10.5 million in funds. The exchange provided a list of stolen coins and their addresses, and analysis showed that most of the funds had been sent to Poloniex. The lost coins include Bitcoin (BTC), Ethereum (ETH), XRP, Ethereum Classic (ETC), Tether (USDT) and Zcash (ZEC).It was reported on December 25 that the hackers who attacked Exmo had withdrawn $4 million of stolen funds through Poloniex.

  Amount of loss: $ 10,500,000 Attack method: Stolen hot wallet

• 2020-12-05

  Hacked target: Poloniex

  Description of the event: The cryptocurrency exchange Poloniex issued an announcement stating that since December 5th at 6:30 UTC (14:30 Beijing time), its service was interrupted due to a distributed denial of service (DDoS) attack. At present, Poloniex has resumed normal trading, and user funds have not suffered any loss.

  Amount of loss: 0 Attack method: DDoS attack

• 2020-12-01

  Hacked target: BTC Markets

  Description of the event: On December 1, the Australian cryptocurrency exchange BTC Markets accidentally disclosed the full names and email addresses of all its customers in marketing emails sent to customers, which may expose all customers to potential phishing attacks. These emails are sent in batches of 1,000, which means that every customer has received the names and email addresses of 999 other users. BTC Markets CEO Caroline Bowler said that the company sincerely apologized for the incident and emphasized that the executives of the exchange are currently working around the clock to minimize the impact of violations and implement “additional security features”. To prevent future information leakage. Bowler advises BTC Markets customers to ensure that two-factor authentication is enabled to protect their accounts and to change the password of their email account.

  Amount of loss: 0 Attack method: Information leakage

• 2020-11-13

  Hacked target: Liquid

  Description of the event: Mike Kayamori, CEO of cryptocurrency exchange Liquid, posted a notice on the official website that a data leakage security incident occurred on the exchange on November 13. A domain hosting provider that manages a core domain name mistakenly transferred control of the account and domain name to a malicious intruder, allowing it to change DNS records, thereby controlling a large number of internal email accounts, and being able to partially damage the exchange’s Infrastructure and gain access to stored documents. After detecting the intruder, immediate action was taken to intercept and contain the attack to prevent further intrusions and reduce the risk of customer accounts and assets, while conducting a comprehensive review of the infrastructure. It can be confirmed that the customer's funds are safe, and the cold wallet based on MPC (Multi-Party Computing Protocol) is safe and has not been damaged. The relevant regulatory agencies have been notified of the intrusion and will continue to communicate in the next few days. The attacker may have obtained the user's email, name, address, and password. At present, Liquid is investigating whether the attacker has accessed the identity documents and photos submitted to KYC for verification, and will provide updates after the investigation.Liquid announced the final findings on January 20, 2021. Liquid stated that 169,782 items of user data including email addresses, names, encryption passwords, API keys, etc. have been leaked. Among them, the personal information that may be accessed illegally is the user who went through the KYC process before October 2018, such as the user's ID card, self-portrait picture, proof of address and other identity verification documents 28,639.

  Amount of loss: 0 Attack method: data leakage

• 2020-10-11

  Hacked target: Curve

  Description of the event: Recently, a user suffered a phishing attack while visiting the Curve exchange website, and lost 20 Bitcoins. It is reported that the fraud group used the Google advertising system to purchase Google search ads, pretending to be the Curve exchange for fraudulent advertising. Due to google’s new advertising program, ads are usually displayed in the first place in search, which has caused many users to be deceived.

  Amount of loss: 20 BTC Attack method: Phishing Attack

• 2020-09-26

  Hacked target: KuCoin

  Description of the event: KuCoin exchange issued an announcement stating that KuCoin detected large withdrawals of Bitcoin and ERC-20 tokens in multiple hot wallets in the early morning of the 26th, and the deposit and withdrawal services have been suspended. KuCoin stated that the total amount involved in the KuCoin platform accounts for a relatively low proportion of the total funds held on the KuCoin platform, and the assets in the KuCoin cold wallet are not affected. At the same time, KuCoin has redeployed the hot wallet for the first time. KuCoin officially stated that if any user suffers losses in this incident, KuCoin and its insurance fund will be fully borne by KuCoin. KuCoin has now started a comprehensive internal security review. During this period, the deposit and withdrawal services will be suspended. The specific opening time will be Further notice. Kucoin said it will announce more details as soon as possible. As previously reported, starting at 2:49 am Beijing time on September 26, Etherscan marked the address of the cryptocurrency exchange KuCoin to transfer a large number of tokens, including MKR, USDT, OCEN, etc., to a new address beginning with 0xeb31973e0f. Including 11,486 Ethereum, 19,788,586 USDT, 525,405 Gladius (GLA), 77,874 Hawala (HAT), 21,660,274 Ocean Token (OCEAN), 8,893,428 Chroma (CHR), 30,452,178 Ampleforth Network (AMPL), 198,678 Ankr (ANKR) etc. Up to now, the new address has deposited ERC 20 tokens worth about 146 million U.S. dollars, and the transfer records are two, and the two transfers totaled about 50,000 USDT to the address starting with 0xc6f928cf9431.

  Amount of loss: $ 150,000,000 Attack method: Hot wallet private key leaked

• 2020-09-16

  Hacked target: Arbistar

  Description of the event: The team of crypto company Arbistar announced that it will close the trading tool Community Bot. The operator said that all funds on the platform are currently frozen and prevent users from withdrawing funds. The financial forensic company Tulip Research has repeatedly warned users that Arbistar is a multi-billion-dollar encrypted Ponzi scam. Arbistar CEO stated that it will return investors' funds from September 15th. If users resort to law, they will freeze the funds and wait for judicial settlement.

  Amount of loss: 0 Attack method: Encrypted Ponzi Scam

• 2020-09-08

  Hacked target: ETERBASE

  Description of the event: European encrypted exchange ETERBASE has been hacked, resulting in the theft of some hot wallets and the loss of more than $5 million in assets.

  Amount of loss: $ 5,000,000 Attack method: Unknown

• 2020-08-30

  Hacked target: Empire Market

  Description of the event: The well-known darknet market Empire Market has closed its operations. When it exited, the website defrauded about 2638 bitcoins from 1.3 million users, worth nearly 30 million U.S. dollars.

  Amount of loss: $ 30,000,000 Attack method: Scam

• 2020-08-28

  Hacked target: NZX

  Description of the event: In the past few weeks, a criminal group launched a DDoS attack on some of the world's largest financial service providers and demanded bitcoin ransoms. A source in the field of DDoS mitigation revealed that just this week, the organization attacked MoneyGram, YesBank Indiak, PayPal, Braintree and Venmo. The New Zealand Stock Exchange (NZX) today ceased trading for the fourth consecutive day, and it was also one of the victims of the organization.

  Amount of loss: 0 Attack method: DDoS attack

• 2020-08-25

  Hacked target: CryptoTrader.Tax

  Description of the event: According to Coindesk, a hacker has stolen more than 1,000 user data from crypto-tax service provider CryptoTrader.Tax and is currently trying to sell information on dark web forums.

  Amount of loss: 0 Attack method: Unknown

• 2020-08-25

  Hacked target: Coinbit

  Description of the event: South Korea’s third largest digital currency exchange, Coinbit, was seized and investigated by South Korean police. Its chairman and operator were suspected of internal transactions and manipulation of market prices. The police claimed that the company was suspected of using illegal means to earn at least 100 billion won in illegal profits (approximately 85 million US dollars), and Coinbit was also suspected of forging more than 99% of its transaction volume.

  Amount of loss: $ 85,000,000 Attack method: Ponzi

• 2020-08-25

  Hacked target: BTC ERA

  Description of the event: Some cybercriminals have been counterfeiting the BTC ERA trading platform in order to infect potential users with malware. The cybersecurity company discovered that the perpetrators had been sending emails allegedly from BTC ERA to induce users to invest and pay.

  Amount of loss: 0 Attack method: Fake mail

• 2020-08-19

  Hacked target: KuCoin

  Description of the event: KuCoin, a cryptocurrency exchange, warned of fraudulent websites using its brand to try to steal cryptocurrencies. The website provides false rewards to induce users to deposit digital assets.

  Amount of loss: 0 Attack method: Unknown

• 2020-08-18

  Hacked target: OKEx

  Description of the event: OKEx has confirmed that the latest 51% attack caused ETC losses of approximately $5.6 million. Out of concerns about the security of the ETC mainnet, it is considering removing ETC from the exchange. According to a report released by OKEx on Saturday, OKEx will repay all the ETC lost by users, and due to the attack, all ETC deposits and withdrawals have been suspended.

  Amount of loss: $ 5,600,000 Attack method: 51% attack

• 2020-08-15

  Hacked target: 比特币 ATM

  Description of the event: The Hong Kong police arrested three men on suspicion of defrauding nearly 230,000 Hong Kong dollars (US$30,000) from Bitcoin ATMs. This is the first such case in Hong Kong. These exchanges suspect that criminals have used the “loopholes” of ATMs to withdraw cash without official authorization.

  Amount of loss: $ 30,000 Attack method: Unknown

• 2020-07-31

  Hacked target: 2gether

  Description of the event: Spanish cryptocurrency payment application and credit card issuer 2gether announced that hackers stole $ 1.4 million last Friday (July 31) and the company could not immediately repay users affected by the attack. This trading platform will use the native token 2GT to compensate users.

  Amount of loss: $ 1,400,000 Attack method: Unknown

• 2020-07-12

  Hacked target: Cashaa

  Description of the event: Cashaa, a UK-based cryptocurrency exchange, said hackers stole 336 Bitcoins from a wallet on the exchange. The company has now stopped all transactions related to cryptocurrency.

  Amount of loss: 336 BTC Attack method: Unknown

• 2020-06-10

  Hacked target: DeversiFi

  Description of the event: The new version of DeversiFi encountered a vulnerability in less than a week after it was launched. The official said that it would be fixed as soon as possible. The cause of this vulnerability was that a trader tried to submit an order larger than the limit, and the logic of why the system designed order limit is to avoid user's misoperation. After that, the system still repeatedly submitted the order, but it was continuously rejected by the system, which affected the processing of other orders.

  Amount of loss: - Attack method: System design defect

• 2020-05-27

  Hacked target: LMEX

  Description of the event: The LMEX Stock Exchange's community issued a notice on the adjustment of exchange operations, stating that the platform was hacked and stolen and lost 150,000 USDT, which caused the platform to have a low debt. The deposit and withdrawal have been closed.

  Amount of loss: 150,000 USDT Attack method: Unknown

• 2020-05-07

  Hacked target: Loopring

  Description of the event: Loopring has appeared a serious front-end error, the private key material is set within a range of 32-bit integer, you can find all user private key pairs by brute force method, due to the user's EdDSA key pair is actually limited to a space of 32-bit integer, the hacker can find out the EdDSA key pair of all users by brute force method. Affected by this, Loopring Exchange shut down for half a day for maintenance and upgrade.

  Amount of loss: - Attack method: System design defect

• 2020-05-06

  Hacked target: Youbi

  Description of the event: According to the official news from Youbi Exchange, Youbi has encountered heavy network-traffic DDOS attacks for three consecutive days since the platform coin subscription was launched on May 06, which caused the server to be inaccessible in a short time.

  Amount of loss: - Attack method: DDOS attack

• 2020-05-01

  Hacked target: 币星

  Description of the event: -The official announcement of BitSG Exchange stated that its websites bitsg and app suffered from uninterrupted DDOS continues attacks, resulting in the inability to log in normally during certain periods.

  Amount of loss: - Attack method: DDOS attack

• 2020-04-08

  Hacked target: Bisq

  Description of the event: Hacker Exploits Flaw in Decentralized Bitcoin Exchange Bisq to Steal $250K

  Amount of loss: $250,000 Attack method: Unknown

• 2020-02-17

  Hacked target: FCoin

  Description of the event: The FCoin exchange claimed that due to funding difficulties, the fund reserves could not be redeemed for user withdrawals, and the estimated amount of funds that could not be redeemed was between 7,000-13,000 BTC.

  Amount of loss: 0 Attack method: Scam

• 2020-02-17

  Hacked target: VBITEX

  Description of the event: VBITEX platform was hacked, resulting in malicious manipulation of platform data and theft of virtual assets.

  Amount of loss: - Attack method: Unknown

• 2020-02-05

  Hacked target: Altsbit

  Description of the event: Altsbit, a small cryptocurrency exchange that lost “almost all funds” in hack on Feb. 5. Altsbit lost about $70,000 in Bitcoin and Ether

  Amount of loss: $70,000 Attack method: Unknown

• 2019-11-27

  Hacked target: Upbit

  Description of the event: Crypto Exchange UpBit Confirms Theft of 342,000 Ether — $50M

  Amount of loss: 342,000 ETH Attack method: Unknown

• 2019-11-08

  Hacked target: VinDAX

  Description of the event: The cryptocurrency exchange VinDAX was hacked and lost at least $5 million in cryptocurrency

  Amount of loss: $5,000,000 Attack method: Unknown

• 2019-11-01

  Hacked target: BitMEX

  Description of the event: BitMEX Compromises User Data in Email Gaffe.

  Amount of loss: - Attack method: Unknown

• 2019-09-14

  Hacked target: Coinhouse

  Description of the event: Coinhouse Suffers Phishing Attack, User Names and Emails Accessed.

  Amount of loss: - Attack method: phishing attack

• 2019-08-17

  Hacked target: CoinTiger

  Description of the event: Cold wallets stolen from the CoinTiger exchange, 400 million PTT's in the wallet disappeared.

  Amount of loss: 401,981,748 PTT Attack method: Unknown

• 2019-08-13

  Hacked target: Bitstamp

  Description of the event: There is a vulnerability in Bitstamp, which can be used by attackers to view a large number of sensitive information such as user IDs and bank CARDS, seriously threatening the information security of users.

  Amount of loss: - Attack method: Unknown

• 2019-07-25

  Hacked target: YouHodler

  Description of the event: The cryptocurrency lending company YouHodler was affected by a data leak that contained information about users on its platform. Some of the data that was released to the market includes bank accounts, passport numbers, card numbers and many other things.

  Amount of loss: - Attack method: Unknown

• 2019-07-24

  Hacked target: QuickBit

  Description of the event: According to QuickBit, the breach resulted in data of users such as names, emails, physical addresses and even card information was exposed. The exchange has said it has estimated about 2% user data was left unprotected. The exchange has claimed that although data was bare and accessible to anyone who had the knowledge on how to access it, none of the data has been affected or copied.

  Amount of loss: - Attack method: Unknown

• 2019-07-11

  Hacked target: BitPoint

  Description of the event: Bitpoint, a licensed cryptocurrency exchange based in Japan, has been hacked for $32 million in crypto assets.

  Amount of loss: 1,225 BTC, 1,985 BCH, 1,169 ETH, 5,108 LTC, 28,106,343 XRP Attack method: Unknown

• 2019-07-08

  Hacked target: Bitmarket

  Description of the event: On July 8, the Polish-based exchange Bitmarket abruptly shut down due to liquidity issues. The shutdown allegedly cost users a total of 2300 bitcoin (approximately $23 million) according to Polish prosecutors. The exchange’s official site was replaced with the following message: “We regret to inform you that due to the loss of liquidity, from 08/07/2019, Bitmarket.pl/net was forced to cease its operations. We will inform you about further steps.” Two weeks later, one of the exchange's co-owners was found shot dead

  Amount of loss: 2300 BTC Attack method: Unknown

• 2019-07-04

  Hacked target: Soxex

  Description of the event: Soxex exchange has been exposed to abscond with the funds. At present, the website of the exchange has been unable to open, and hundreds of millions of funds of investors have been swept away, involving BTC, ETH, HT, OKB and other mainstream currencies. Over 1 million USDT has been flowing into other exchanges.

  Amount of loss: - Attack method: Unknown

• 2019-06-27

  Hacked target: Bitrue

  Description of the event: At approximately 1am June 27 (GMT+8), a hacker exploited a vulnerability in Bitrue's Risk Control team's 2nd review process to access the personal funds of about 90 Bitrue users. The hacker used what they learned from this breach to then access the Bitrue hot wallet and move 9.3 million XRP and 2.5 million ADA to different exchanges.

  Amount of loss: 9,300,000 XRP; 2,500,000 ADA Attack method: Unknown

• 2019-06-27

  Hacked target: Bitsane

  Description of the event: According to Forbes on June 27, Bitsane, an Irish cryptocurrency exchange, disappeared without a trace last week, had lied to as many as 246000 users.

  Amount of loss: - Attack method: Unknown

• 2019-06-25

  Hacked target: Synthetix

  Description of the event: Synthetix, a synthetic asset issuance platform built on Ethereum, experienced an oracle attack which netted the attacker over 37 million sETH, according to Etherscan. However, the true dollar value is difficult to calculate at this time given the relative illiquidity of sETH on secondary markets.

  Amount of loss: 35,759,524 sETH Attack method: oracle attack

• 2019-06-03

  Hacked target: Coinroom

  Description of the event: Polish Coinroom exchange shuts down and disappears with customers funds

  Amount of loss: - Attack method: Unknown

• 2019-06-02

  Hacked target: Kraken

  Description of the event: On June 2, Bitcoin flash-crashed on a major Bitcoin trading platform Kraken. The near vertical drop from $11,200 CAD to $100 CAD within moments initially appeared to have resulted from a technical glitch or a fat-fingered trading error by a whale. In this case, the available evidence suggests a hacker compromised a whale’s account, stole 1200 BTC worth $10.45 million on that date, and then dumped this huge amount of BTC into a highly illiquid BTC/CAD marke.

  Amount of loss: 1200 BTC Attack method: Flash Crashes

• 2019-05-29

  Hacked target: Remitano

  Description of the event: False XRP deposit.

  Amount of loss: - Attack method: Unknown

• 2019-05-22

  Hacked target: Coinbase

  Description of the event: Hackers steal $100,000+ worth of BTC from engineering manager at Crypto Custodian BitGo. Sean Coonce, engineering manager at cryptocurrency custodian BitGo. According to the post, Coonce had over $100,000 siphoned out of his account on cryptocurrency exchange Coinbase in under 24 hours. Coone details SIM swapping, a practice that sees the attacker maliciously requesting a telecommunications carrier to redirect the traffic of a mobile phone number to a device over which they have control.

  Amount of loss: $100,000 Attack method: SIM hijacking

• 2019-05-08

  Hacked target: Binance

  Description of the event: Binance has discovered a large scale security breach today, May 7, 2019 at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. And the hackers were able to withdraw 7000 BTC. Link: https://binance.zendesk.com/hc/en-us/articles/360028031711-Binance-Security-Breach-Update

  Amount of loss: 7074 BTC Attack method: Unknown

• 2019-05-02

  Hacked target: BitoPro

  Description of the event: Taiwan exchange BitoPro's XRP suffered an attack that caused a price crash and is thought to have lost about 7m XRPS.

  Amount of loss: 7,000,000 XRP Attack method: False top-up

• 2019-04-26

  Hacked target: Bitfinix

  Description of the event: Bitfinix transferred about $1 billion of its own and client money to Crypto Capital, which is also said to hold funds from other exchanges such as QuadrigaCX. However, starting from August last year, Crypto Capital refused to provide withdrawal service for customers and refused to return funds to Bitfinix exchange. So far, Crypto Capital has a total of $851 million of funds has not been returned to Bitfinex.

  Amount of loss: 851,000,000 USD Attack method: Unknown

• 2019-03-29

  Hacked target: Bithumb

  Description of the event: According to a report from CoinDesk Korea, the exchange was hacked for a total of 3.1 million EOS, which was withdrawn from the exchange’s “hot” (internet connected) wallet through a series of transactions. Based on the data from CoinMarketCap, EOS is currently trading at $4.22, making the total value of the coins lost around $13 million. The company said in its statement that it suspects the hack was conducted by an insider, since no evidence of external exploit has been found.

  Amount of loss: 3,132,672 EOS Attack method: Unknown

• 2019-03-29

  Hacked target: Bithumb

  Description of the event: According to a report from CoinDesk Korea, Bithumb may have also lost 20.2 million XRP in the recent breach. The XRP was moved from Bithumb’s wallet on March 29 in transactions that can be seen on XRPSCAN.

  Amount of loss: 20,172,060 XRP Attack method: Unknown

• 2019-03-26

  Hacked target: BiKi

  Description of the event: BiKi.com announced that at 0:08:23 on March 26, the BiKi.com community received a user feedback that his password has been tampered with and need to bind the new Google verification code.At around 5 in the morning, 28 users had the same problem, and the risk control system received an alarm. After investigation, it is because some users are not bound to Google verification code and third-party verification code service provider SMS is hijacked and caused. At present, the number of of accounts that have been tampered with passwords is 37, and the account involved in asset transfer is 18, and the loss amount is 12.33 million USDT, the BiKi.com will bear the full amount of the loss.

  Amount of loss: 123,300 USDT Attack method: unknown

• 2019-03-26

  Hacked target: CoinBene

  Description of the event: Crypptocurrency expert Nick Schteringard said on Twitter yesterday, that the hacker appears to have stolen roughly $6 million in Coinbene Coin and $39 million in Maximine Coin, which it later dumped on the market.

  Amount of loss: 45,000,000 USD Attack method: Unknown

• 2019-03-24

  Hacked target: DragonEx

  Description of the event: DragonEx announced the news on its official Telegram channel on Monday, stating that, on Sunday, March 24, it had suffered a cyberattack that saw cryptocurrency funds owned by users and the exchange “transferred and stolen.” In updates on the hack today, DragonEx’s Telegram admin provided wallet addresses for 20 cryptocurrencies to which the stolen funds had apparently been transferred. The list included the top five cryptos by market capitalization: bitcoin (BTC), ether (ETH), XRP, litecoin (LTC) and EOS, as well as the tether stablecoin (USDT) for which six destination addresses were provided.

  Amount of loss: ~ 6,028,283 USD Attack method: Unknown

• 2019-03-24

  Hacked target: Etbox

  Description of the event: The Etbox platform wallet was hacked, causing the platform’s digital assets to be stolen

  Amount of loss: 132,000 USD Attack method: unknown

• 2019-03-15

  Hacked target: Mercatox

  Description of the event: The attacker launched a hard_fail attack on the exchange and profited thousands of EOS.

  Amount of loss: - Attack method: Hard_fail attack

• 2019-02-20

  Hacked target: Coinbin

  Description of the event: Coinbin, a south Korean cryptocurrency exchange, is filing for bankruptcy with losses equivalent to more than $26 million after its debts grew after employees embezzled money.

  Amount of loss: 26,000,000 USD Attack method: Employee Embezzlement

• 2019-02-04

  Hacked target: QuadrigaCX

  Description of the event: Canada's largest cryptocurrency exchange is seeking creditor protection after losing about $190 million worth of cryptocurrency after the sudden death of its founder and chief executive in December.

  Amount of loss: 195,000,000 Attack method: Founder and CEO suddenly died

• 2019-01-26

  Hacked target: LocalBitcoins

  Description of the event: LocalBitcoins has detected a security vulnerability - an unauthorised source was able to access and send transactions from a number of affected accounts.It was related to a feature powered by a third party software, and stop the attack. At the moment, we are determining the correct number of users affected - so far six cases have been confirmed.

  Amount of loss: $27,000 Attack method: Unknown

• 2019-01-04

  Hacked target: Cryptopia

  Description of the event: Cryptopia is a cryptocurrency exchange based out of New Zealand. On January 14th, 2019, they suffered a breach:14th January 2019, the Cryptopia Exchange suffered a security breach which resulted in significant losses. Once identified by staff, the exchange was put into maintenance while we assessed damages. Estimates put the losses at $2.5m-$13m USD in Ethereum and ERC20 tokens being stolen. Two law enforcement press releases were issued. Funds were seen to be exfiltrated to several exchanges for laundering, as noted in this Binance tweet.

  Amount of loss: 16,000,000 USD Attack method: Unknown

• 2018-11-07

  Hacked target: GATE.IO

  Description of the event: Hackers successfully sandwiched crypto-stealing code into the middle of a popular web traffic-measuring plugin from StatCounter, which is now used on more than two million websites, including government sites. They have determined, however, that the rather wide swath of infections may have been designed to eventually infect cryptocurrency trading sites, and that the scheme did, in fact, infect popular crypto-trading site Gate.io. By situating the code in the middle of StatCounter’s downloadable javascript web traffic analysis tool, hackers made it harder to detect.

  Amount of loss: - Attack method: Third-party JavaScript is hijacked

• 2018-10-28

  Hacked target: MapleChange

  Description of the event: MapleChange, based in Canada, announced on Twitter the exchange "sustained a hack" and was investigating the issue. The post also said the exchange had turned off users' accounts temporarily. About refunding its customers, it opened a Discord server (a platform for users to chat) so customers could post there about their missing funds, based on which it would initiate refunds. The exchange's website was down.

  Amount of loss: 913 BTC Attack method: Unknown

• 2018-10-20

  Hacked target: TRADE.IO

  Description of the event: Trade.io confirmed via their Medium blog that someone or some entity gained access to the assets, resulting in over 50 million in Trade (TIO) tokens being stolen from the firm’s cold storage wallets. The 50 million tokens are valued at $7.5 million at the current $0.15 price per TIO. The ongoing investigation has revealed that some of the TIO tokens had made their way to cryptocurrency exchanges Bancor and Kucoin. Kucoin has suspended TIO transactions, while Bancor has permanently removed TIO.

  Amount of loss: 50,000,000 TIO Attack method: Unknown

• 2018-09-14

  Hacked target: ZAIF

  Description of the event: Hackers with unauthorized access to the exchange’s hot wallets had stolen roughly $60 million in bitcoin, bitcoin cash, and MonaCoin. That being said, the exact amount of bitcoin cash stolen remains unknown.

  Amount of loss: ~ 59,000,000 USD Attack method: Unknown

• 2018-07-26

  Hacked target: KICKICO

  Description of the event: KICKICO has experienced a security breach, which resulted in the attackers gaining access to the account of the KICK smart contract — tokens of the KICKICO platform. The team learned about this incident after the complaints of several victims, who did not find tokens worth 800 thousand dollars in their wallets. During the investigation, it was found that the total amount of stolen funds is 70,000,000 KICK, which at the current exchange rate is equivalent to $ 7.7 million.

  Amount of loss: 7,000 KICK Attack method: Unknown

• 2018-06-21

  Hacked target: Bithumb

  Description of the event: The attacker stole $30 million worth of cryptocurrency from Bithumb, Korea's largest cryptocurrency exchange. According to Japanese Cointelegraph, the attackers hijacked Bithumb's popular (online) wallet.

  Amount of loss: 30,000,000 USD Attack method: Unknown

• 2018-06-12

  Hacked target: Coinrail

  Description of the event: Coinrail acknowledged the existence of “network intrusion” in its system and estimated that 40 billion won ($37.2 million) worth of coins were stolen. The police are investigating violations but have not announced further details.

  Amount of loss: 37,200,000 USD Attack method: Network intrusion

• 2018-05-21

  Hacked target: TAYLOR

  Description of the event: TAYLOR’ve been hacked and all of our funds have been stolen. Not only the balance in ETH (2,578.98 ETH), but also the TAY tokens from the Team and Bounty pools. The only tokens that were not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making them inaccessible for now.

  Amount of loss: 2578.98 ETH Attack method: Unknown

• 2018-04-12

  Hacked target: COINSECURE

  Description of the event: A failed cold storage restoration exercise seems to have exposed private keys intended for offline storage (effectively making them online). However, the CEO has expressed an insider’s involvement. Police found private keys exposed online for more than 12 hours.

  Amount of loss: 438 BTC Attack method: Unknown

• 2018-03-07

  Hacked target: Binance

  Description of the event: Binance security incident occurred in March 2018 when a phishing campaign impacted a large number of Binance users. At the time, Binance offered a $250,000 reward for any information that would have led to the arrest of those involved in the phishing campaign.

  Amount of loss: - Attack method: Unknown

• 2018-02-12

  Hacked target: BitGrail

  Description of the event: BitGrail claims that $195 million of customers have stolen cryptocurrencies in Nano (XRB).

  Amount of loss: 195,000,000 USD Attack method: Unknown

• 2018-01-26

  Hacked target: Coincheck

  Description of the event: Unidentified assailants stole 523 million NEM coins (about $534 million) from the exchange's hot wallet. According to Coincheck, NEM coins are kept on a single-signature hot wallet instead of a more secure multi-signature wallet, and the stolen coins are confirmed to be Coincheck customers.

  Amount of loss: 534,000,000 USD Attack method: Unknown

• 2017-12-19

  Hacked target: YOUBIT

  Description of the event: In the wee hours of December 19, Youbit was dealt a death blow in the form of another hack. The exchange, which was also hit in April, is closing down in the fallout of the most recent attack. As revealed on its website, they had been forced to terminate its services after suffering another hack. The hackers ran off with 17% of Youbit’s funds, enough to drive the exchange into bankruptcy.

  Amount of loss: - Attack method: Unknown

• 2017-12-08

  Hacked target: Nicehash

  Description of the event: Nicehash appears to have shuttered their website with a notice saying “a security breach involving NiceHash website” and “our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen”.

  Amount of loss: 4736.42 BTC Attack method: Unknown

• 2017-11-21

  Hacked target: Tether

  Description of the event: Hacked, $10 million worth of bitcoin stolen.

  Amount of loss: 31,000,000 USD Attack method: Hacker break-in

• 2017-09-10

  Hacked target: Control-Finance

  Description of the event: On June 18,2019, the US Commodity Futures Trading Commission (CFTC) announced it had initiated a civil enforcement action against a now-defunct cryptocurrency trading and investment company for misappropriating $147 million worth of Bitcoin. The Complaint charges the defendants—Control-Finance Limited and its principal, Benjamin Reynolds—with exploiting public enthusiasm for crypto assets by fraudulently obtaining and misappropriating at least 22,858.822 Bitcoin from more than 1,000 customers through a classic (HYIP) Ponzi scheme called the Control-Finance Affiliate Program.

  Amount of loss: 22,858.822 BTC Attack method: Unknown

• 2017-07-26

  Hacked target: BTC-e

  Description of the event: 66,000 BTCs worth $990 million.

  Amount of loss: 990,000,000 USD Attack method: Unknown

• 2017-07-19

  Hacked target: Coindash

  Description of the event: Hacker steals $7.4 million in ethereum during CoinDash ICO launch. At the time of the ICO, in which CoinDash posted a string of characters which represented its wallet address for investors to send funds to, it appears that the hacker compromised the website and changed this text to a wallet they control. It was a matter of minutes before the platform realized the security breach had taken place and warned investors, but it was too late -- and now the stolen funds intended for CoinDash are simply sitting in a wallet awaiting collection.

  Amount of loss: 7,400,000 USD Attack method: Destroy the website, replace the address.

• 2017-06-21

  Hacked target: Bithumb

  Description of the event: Bithumb is one of the five largest bitcoin exchanges in the world. Hackers succeeded in grabbing the personal information of 31,800 Bithumb website users, including their names, mobile phone numbers and email addresses. The exchange claims that this number represents approximately three percent of customers. And the exchange further claims that the breach was made to a personal computer belonging to an employee, and not the exchange’s internal network, servers nor digital currency wallets. Attackers appear to have stolen enough credentials to begin a process of “voice phishing,” where the scammers call up victims one at a time and pose as representatives of Bithumb.

  Amount of loss: 1,000,000 USD Attack method: Phishing

• 2017-04-27

  Hacked target: Yapizon

  Description of the event: Yapizon, a South Korean Bitcoin exchange, announced last week it lost 3831 Bitcoin (over $5.5 million) after an unknown hacker breached its system and stole funds from its server.

  Amount of loss: 3,831BTC Attack method: Unknown

• 2016-08-03

  Hacked target: Bitfinex

  Description of the event: Nearly 120,000 units of digital currency bitcoin worth about $72 million was stolen from the exchange platform Bitfinex in Hong Kong. There is still unknown how did it happended.

  Amount of loss: 119,756 BTC Attack method: Unknown

• 2016-05-14

  Hacked target: Gatecoin

  Description of the event: Gatecoin experienced a cyberattack on its hot wallets that resulted in the loss of funds. A new update from the exchange team indicated that as much as $2m was lost, confirming rumors that circulated soon after the hack became apparent. Gatecoin has claimed that it lost as much as 185,000 ethers and 250 bitcoins, an amount worth roughly $2.14m at press time.

  Amount of loss: 2,000,000 USD Attack method: Server is hacked

• 2015-02-18

  Hacked target: KipCoin

  Description of the event: KipCoin announced that the attacker gained access to the server in 2014 and downloaded the wallet.dat file. A few months later, the attacker stole more than 3,000 BTC.

  Amount of loss: ~ 3000 BTC Attack method: Server is hacked

• 2015-02-17

  Hacked target: BTER

  Description of the event: BTER announced that it lost 7,170 BTC (then worth $1.75 million). The company claims that BTC was stolen from a cold wallet.

  Amount of loss: 1,750,000 USD Attack method: Cold wallet stolen

• 2015-01-09

  Hacked target: Bitstamp

  Description of the event: Bitstamp reported that multiple operating wallets were damaged, resulting in the loss of 19,000 bitcoins. The company was hacked by multiple phishing attacks in the months before the attack. An employee downloaded a malicious file that allowed an attacker to access the password of the company's hot wallet and the server including the wallet.dat file.

  Amount of loss: 19,000 BTC Attack method: Phishing

• 2014-08-15

  Hacked target: BTER

  Description of the event: Managed server was attacked.

  Amount of loss: 1,650,000 USD Attack method: Managed server was attacked

• 2014-07-14

  Hacked target: MintPal

  Description of the event: MintPal announce that the attacker stole 8 million VeriCoins ($1.8 million) from the company's hot wallet. The attacker exploited a vulnerability in its system that allowed them to bypass the security controls to withdraw funds.

  Amount of loss: 1,800,000 USD Attack method: Unknown

• 2014-03-04

  Hacked target: Poloniex

  Description of the event: Digital currency exchange Poloniex, which trades bitcoin and other popular digital currencies such as litecoin, namecoin and dogecoin, has lost 12.3% of its total bitcoin supply in an attack. The exchange took to Bitcoin Forum on 4th March to report it had been compromised by a previously unknown vulnerability in its coding.

  Amount of loss: 97 BTC Attack method: Unknown

• 2014-02-24

  Hacked target: Mt. Gox

  Description of the event: The first one happened in June 2011 when the hacker was able to get ahold of Mt.Gox’s auditor’s credentials and transferred 2609 bitcoins to an address for which Mt. Gox had no keys. This led to the suspension of Mt. Gox operations for several days; but they sustained themselves in the market, and they were able to regain the trust of users. On 24 February 2014, the exchange suspended all trading and the website went offline. That same week, a leaked corporate document claimed that hackers had raided that Mt. Gox exchange and stole 744,408 bitcoins belonging to Mt. Gox customers, as well as an additional 100,000 bitcoins belonging to the company, resulting in the exchange being declared to be insolvent.

  Amount of loss: 850,000 BTC Attack method: Unknown

• 2014-02-07

  Hacked target: MtGox

  Description of the event: MtGox was hacked. Losses totalled 850,000 BTC, worth $470m at the time.

  Amount of loss: 850,000 BTC Attack method: Unknown

• 2012-09-05

  Hacked target: Bitfloor

  Description of the event: Bitfloor, the fourth largest exchange dealing in US dollars, has just announced[1]that it has been hacked, and the service has taken a loss of 24,000 BTC, worth about $250,000 at the time of the theft.

  Amount of loss: 24,000 BTC Attack method: Unknown

• 2012-05-14

  Hacked target: Bitcoinica

  Description of the event: Bitcoinica was hacked twice in 2012. Hackers stole a total of 61,000 BTC, leading to the bankruptcy of Bitcoinica.

  Amount of loss: 61,000 BTC Attack method: Unknown