Top 5 Biggest Crypto Heists in History
Over $2 billion in cryptocurrency has been stolen by hackers to date. Here are the biggest crypto heists in history:
Ronin Network, meticulously crafted by Sky Mavis for the epic play-to-earn game Axie Infinity, is where players can score the coveted in-game currency, Smooth Love Potion (SLP).
Now, in a breathtaking twist in late March 2022, audacious attackers managed to snatch a staggering $540 million worth of cryptocurrency (173,600 ether and 25.5 million USDC) from Ronin. This daring heist involved spyware and a touch of social engineering wizardry.
The target? None other than the brilliant minds at Sky Mavis. One of their employees, likely enticed through LinkedIn, took the bait. After passing a mysterious "selection process," a senior engineer received a seemingly promising "job offer" in the guise of an innocent PDF file. However, hidden within that file lay spyware.
This covert spyware granted the attackers control over four of the network's private validator keys. But, the plot thickens. To access the company's treasures, they needed at least five out of nine validators. The fifth key? It was inadvertently granted by the company itself. They had initially authorized Axie DAO (a decentralized autonomous organization) to approve transactions, but forgot to revoke this permission.
Now, fast forward to the grand finale: Sky Mavis, our resilient hero, quickly rebounded. By June 2022, they dusted off the setbacks, relaunched their blockchain platform, and began compensating the affected players. It's a tale of intrigue, resilience, and redemption in the ever-evolving world of crypto adventures.
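The 5-of-9 validator threshold described above only protects funds if no single party can produce five signatures on its own. The following audit is an added example, not code from Sky Mavis or Ronin; the validator labels, the entity names and the way the unrevoked permission is modelled (as a delegation that lets the operator sign for the DAO's validator) are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Validator:
    name: str                           # validator label (constructed)
    key_holder: str                     # entity whose systems store the signing key
    delegated_to: Optional[str] = None  # entity also permitted to sign for it


def signing_power(validators):
    """Map each entity to the validators it can sign for, directly or by delegation."""
    power = defaultdict(set)
    for v in validators:
        power[v.key_holder].add(v.name)
        if v.delegated_to is not None:
            power[v.delegated_to].add(v.name)
    return power


def single_compromise_breaches(validators, threshold):
    """Entities whose compromise alone yields at least `threshold` signatures."""
    return {entity: sorted(names)
            for entity, names in signing_power(validators).items()
            if len(names) >= threshold}


def revoke_delegation(validators, name):
    """Return the validator set with the delegation on `name` removed."""
    return [replace(v, delegated_to=None) if v.name == name else v
            for v in validators]


# Constructed 9-validator set with a 5-of-9 threshold: the operator holds four
# keys, and a stale permission lets it sign for a fifth validator as well.
THRESHOLD = 5
VALIDATORS = (
    [Validator(f"v{i}", "operator") for i in range(1, 5)]
    + [Validator("v5", "dao", delegated_to="operator")]
    + [Validator(f"v{i}", f"partner-{i}") for i in range(6, 10)]
)

if __name__ == "__main__":
    print("before revocation:", single_compromise_breaches(VALIDATORS, THRESHOLD))
    fixed = revoke_delegation(VALIDATORS, "v5")
    print("after revocation: ", single_compromise_breaches(fixed, THRESHOLD))
```

Running the same audit whenever a signing permission is granted or a validator changes hands shows when the effective threshold has dropped to a single compromise.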
In 2018, cybercriminals pulled off a heist at Coincheck, one of Japan's largest crypto exchanges. They swiped more than 500 million NEM tokens, equivalent to a staggering sum in dollars.
Coincheck initially claimed their security was top-notch but remained tight-lipped about the details of the attack. Experts suspected that the thieves gained access to Coincheck's hot wallets by deploying malware on a company computer.
The attackers didn't stop there. They created a fake website offering NEM tokens at a 15% discount, causing the NEM exchange rate to plummet. Coincheck suffered losses of approximately $500 million, but remarkably, they didn't shut down.
The culprits managed to evade capture, leaving the exchange to temporarily suspend its operations. Coincheck, showing resilience, promised to compensate its clients with its own funds.
The tale of Mt.Gox dates back to 2007 when it was all about trading Magic: The Gathering cards. Fast forward to 2010, and with cryptocurrencies on the rise, US programmer Jed McCaleb decided to pivot it into a crypto exchange. But in 2011, he passed the baton to French developer Mark Karpelès.
The exchange skyrocketed, handling a staggering 70% of the world's bitcoin in just two years. But then, disaster struck. On February 7, 2014, Mt.Gox abruptly halted all bitcoin withdrawals, citing technical woes. Angry customers rallied outside its Tokyo headquarters, demanding their lost funds, but their cries fell on deaf ears.
What makes this story truly jaw-dropping is that the Mt.Gox heist started back in 2011. Crafty hackers seized private keys to a hot wallet and began stealthily draining bitcoin from it. By 2013, they had siphoned off a whopping 630,000 BTC.
Mt.Gox's tumultuous journey concluded on February 28, 2014, when Karpelès declared it bankrupt, apologizing for the "system's weaknesses." A total of around 750,000 BTC from customers and 100,000 BTC of its own had vanished into thin air. The estimated loss is about $480 million, but it's a hazy figure due to the Bitcoin price rollercoaster. If you take it from the closing date on February 6, the loss could be closer to $660 million. Yet, these numbers are elusive since the heist stretched over three years with Bitcoin's value fluctuating wildly.
Now, the burning question: How did this happen? Former employees revealed that the management had been rather careless. Financial reporting was a mess, security audits were absent, and even basic version control was neglected.
Prosecutors came after Karpelès, accusing him of embezzling about $3 million in clients' funds. However, he slipped away with a two-year, six-month suspended sentence for data manipulation and was acquitted of other charges. The Mt.Gox saga, a rollercoaster of highs and lows, remains an enigmatic chapter in the world of cryptocurrency.
Wormhole, a nifty tool that mediates cryptocurrency transactions between the Ethereum and Solana networks, was hacked for $334 million. Wormhole works by freezing tokens on one chain, while "wrapped tokens" of equivalent value appear on the other.
Now, Wormhole, being open-source, had its code out there on GitHub. Just before the heist, developers posted a fix for a pesky vulnerability in the protocol. But, in a twist, the attackers pounced right before the fix took hold.
This glitch acted like a secret backdoor, letting them waltz past Solana's transaction checks and create 120,000 "wrapped ETH" (a cool $334 million) without locking up the equivalent on the Ethereum side. They shuffled two-thirds of the loot into an Ethereum wallet and splurged the rest on various tokens.
Wormhole even tried some reverse psychology, publicly asking the culprits to return the funds and spill the beans for a tempting $10 million reward. But the cybercriminals gave that offer a hard pass.
The day after the heist, Wormhole tweeted the magic words. All funds were back in their rightful place, and the bridge was back in action. The hole in their pocket was neatly stitched up, all thanks to Jump Trading, the company that had acquired Wormhole's developer six months before this high-stakes caper. As for the thieves, well, they remain the elusive enigmas of the crypto realm.
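A bridge like the one described above rests on one invariant: wrapped tokens on the destination chain never exceed the tokens locked on the source chain. The following reconciliation monitor is an added example, not Wormhole's code; the event format, the transfer ids and the assumption that events arrive in order (lock before its mint) are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BridgeEvent:
    kind: str         # "lock" (seen on the source chain) or "mint" (destination chain)
    transfer_id: str  # id linking a mint to the lock that backs it (constructed)
    amount: int       # whole tokens here, for readability


def reconcile(events):
    """Replay bridge events and flag every mint that is not backed by a lock."""
    open_locks = {}                    # transfer_id -> amount locked, not yet minted
    locked_total = minted_total = 0
    alerts = []
    for ev in events:
        if ev.kind == "lock":
            open_locks[ev.transfer_id] = ev.amount
            locked_total += ev.amount
        elif ev.kind == "mint":
            # pop() consumes the lock, so a replayed mint is also flagged
            backing = open_locks.pop(ev.transfer_id, None)
            if backing is None:
                alerts.append((ev.transfer_id, "mint without matching lock"))
            elif backing != ev.amount:
                alerts.append((ev.transfer_id, "mint amount differs from lock"))
            minted_total += ev.amount
            if minted_total > locked_total:
                alerts.append((ev.transfer_id,
                               "wrapped supply exceeds locked collateral"))
    return alerts, locked_total, minted_total


# Constructed event stream: two honest transfers, then a 120,000-token mint
# with nothing locked behind it, as in the incident described above.
SAMPLE_EVENTS = [
    BridgeEvent("lock", "t1", 10),
    BridgeEvent("mint", "t1", 10),
    BridgeEvent("lock", "t2", 5),
    BridgeEvent("mint", "t2", 5),
    BridgeEvent("mint", "t3", 120_000),
]

if __name__ == "__main__":
    alerts, locked, minted = reconcile(SAMPLE_EVENTS)
    print(f"locked={locked} minted={minted}")
    for transfer_id, reason in alerts:
        print(f"ALERT {transfer_id}: {reason}")
```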
In the shadows of the night, in September 2020, security agents over at Singapore's KuCoin were jolted awake. Their screens lit up with abnormal transactions sprouting from the once-secure hot wallets. Swift as lightning, they executed a daring maneuver - whisking all remaining assets away from the compromised hot wallets, locking them safely in cold storage. The entire high-stakes operation played out in a mere two-hour window.
But here's where it gets riveting: in that brief span, wily attackers managed to make off with a staggering $285 million, spread across various cryptocurrencies.
Specifically, the stolen funds included:
- 1,008 BTC ($10,758,404.86)
- 11,543 ETH ($4,030,957.90)
- 19,834,042 USDT-ETH ($19,834,042.14)
- 18,495,798 XRP ($4,254,547.54)
- 26,733 LTC ($1,238,539.89)
- 999,160 USDT ($999,160)
- $147M worth of ERC-20 tokens
- $87M of Stellar tokens
The post-incident investigation unearthed a startling revelation. The cybercriminals had infiltrated the hot wallets, successfully swiping the private keys.
Leading the list of culprits is the notorious Lazarus Group, a North Korean APT cybergang. The proof was in their crafty modus operandi, involving a multi-stage algorithm to cleanse their ill-gotten gains. It mirrored schemes seen in previous Lazarus Group hacks. First, they ran the crypto through a tumbler, a clever tool for mixing funds to obscure their tracks. Then, they funneled the cryptocurrency through decentralized platforms.
In the unpredictable world of crypto, even a caper of this magnitude didn't bring KuCoin to its knees. Just one day after the theft, KuCoin's tenacious CEO, Johnny Lyu, took to the digital stage. In a live-streamed promise, he pledged to make amends and return the stolen funds. Lyu held true to his word, and by November 2020, he proudly tweeted that 84% of the assets had been reclaimed by their rightful owners. As for the remaining 16%, they found sanctuary in KuCoin's trusty insurance fund. A true testament to resilience in the face of crypto adversity.
There are general best practices for protecting your cryptocurrency as a user. Here are the top tips:
- Move your cryptocurrency away from exchanges. Exchanges hold custody of your wallet much as a bank does, which means that effectively you do not own your cryptocurrency.
- Use a cold wallet similar to Xellar Card, where you can move your private key off your phone and into a place away from hackers.
- Use apps like Failsafe that use smart contracts to help move your funds before they are stolen.