Cryptocurrencies are very secure, but the technology that stores and exchanges coins is a weak spot and vulnerable to attack. Hackers often target centralized exchanges and leave with millions, others find flaws in the programming that facilitates the storage of cryptos and manipulate them.

These are the worst cryptocurrency hacks so far. Their ranking from #9 – #1 is based on the amount in USD that was stolen at the time of the hack. It does not cover scams.

9. Tether Token ($30 Million) November 2017

Precisely 30,950,010 USDT was stolen from a Tether treasury market and sent to an anonymous bitcoin address. Tether marked the tokens to prevent them from being used by the hackers. In December, Tether decided to follow in similar footsteps to Ethereum and the DAO hack. They performed a hard fork to invalidate the stolen funds.

While this helped prevent the hacker from using the stolen tokens, it also communicated issues with centralized authorities exercising power over a supposedly decentralized system.  

8. Coinrail ($40 Million) June 2018

Very recently, a Korean based cryptocurrency exchanged experienced a hack that resulted in the theft of various altcoins. A majority of the stolen coins have been frozen to help the investigations, and Coinrail has moved its assets to cold storage while it attempts to figure out how the hack happened.

7. The DAO ($60 Million) June 2016

The DAO hack occurred on the Ethereum blockchain when a hacker exploited a weakness in a smart contract. A DAO is a decentralized autonomous organization. Essentially, those who invest in a DAO can pitch projects to complete using the funds invested into the DAO. DAOs stay autonomous by functioning through smart contracts on the blockchain. A hacker found a way to release the funds into his account and drained off $60 million worth of ether.

Ultimately, to the anger of several crypto purists who see the blockchain as genuinely immutable, the Ethereum community agreed to perform a hard fork to retrieve the funds. The purists who disagreed with the fork stayed with the original blockchain that is now known as Ethereum Classic.

6. NiceHash ($62 Million) December 2017

This hack was a bit different than the others because NiceHash is not an exchange, but rather a sourcing platform for computer hashing. Users pay to source hashing power from various individuals allowing them to mine without buying mining rigs. A hacker hijacked logins from an employee, broken into the system, and started draining funds from users accounts.

Following the hack, NiceHash plans on reimbursing 100 percent of the stolen funds through a payment plan. The repayment began in February 2018.

5. BitFinex ($77 Million) August 2017

While this hack is only number five on the list, keep in mind that the total value comes from bitcoin’s price at the time of the hack. Hackers stole 119,756 bitcoin during this attack. At the current value of bitcoin, that is over $730 million at the time of writing this.  

Bitfinex used multi-signatures that are intended to increase security. Somehow, the security feature was compromised resulting in a massive theft of bitcoin from the exchanges. Bitfinex decided to drain everyone’s wallets by 36 percent to even out the damage from the hacks. Bitfinex issued Tokens that could be traded or sold and have since been recollected.

4. Parity Wallets Suicides ($160 Million) November 2017

This is a strange one. A user, not really a hacker, found a weakness in the smart contracts that governed the Parity Wallets. He was able to exploit a fault in the code and make himself the owner of these wallets. He then deleted code in the smart contract that caused the wallets to self-destruct, locking the funds in them indefinitely. The total from the hack was 513,774.16 Ether. Parity has since updated the wallets to ensure that this fault can’t happen again.

3. Bitgrail Theft ($170 Million) February 2018

Recently, the Italian cryptocurrency exchange, Bitgrail, was hit by an apparent “hack” for 17 million Nano tokens. There has been suspicion around this hack in that it appears several transactions resulting in mismanaged funds were lumped into the total stolen sum.

There was also a concern when the founder, Francesco Firano, asked developers to fork the blockchain from before the hack. The developers declined to follow through with the request and brought up points of concern dealing with Firano’s possibly mismanaging the exchange. Either way, $170 million in crypto is gone.

2. Coincheck ($400 Million) Jan 2018

The Coincheck hack seems to be more an embarrassing blunder than a complicated heist. Hackers were able to steal over $400 million in NEO from the exchange because of weak security. Coincheck lacked multi-sig security and left users’ cryptocurrency stored in hot wallets instead of the safer, cold wallet.

All it took was for hackers to successfully launch a phishing attack where they collected the necessary information to breach security from emails clicked on by employees. Once the malware was installed, it was only a matter of time before the hackers had what they needed to breach the security. As of March, Coincheck was reimbursing users for the stolen tokens.

1. Mt. Gox Hack ($450 Million) February 2014

The most notorious hack of all time occurred back when bitcoin was still relatively new. In 2014, it was revealed that Mt. Gox had been subjected to hackers slowly siphoning bitcoin out of the exchange to the tune of 850,000 BTC. While that was $450 million worth of BTC in 2014, it would be worth $5 billion at today’s value.

News of the hack resulted in the bankruptcy of Mt. Gox and the eventual imprisonment of its owner, for embezzlement charges. However, in 2017, a suspected hacker was arrested and charged with crimes relating to the actual hacking of Mt. Gox.

Most of the funds have not been recovered, but currently, Mt. Gox’s bankruptcy is tied up in Japanese courts. If proceedings play out, the frozen assets could be returned to investors to help recuperate some of the losses.

Protect Your Investment

Understanding how hackers can steal from users will successfully helps you keep your investment safe. Cryptocurrencies are mostly unregulated, and their complexity makes them an easy target for those who aren’t fully aware of the dangers of not taking the necessary measures to protect their investment. Take caution when moving your crypto on and off an exchange, and make sure you use the necessary precautions to keep your coins safe.


About the Author

Rocky (aka @CryptoHustle) is a cryptocurrency analyst, strategic consultant, educator, position trader and investor. He started his journey learning about Bitcoin in 2013 and later dropped everything to focus on it full-time. He’s been a senior mentor for Skill Incubator since 2015 and has trained thousands of people in navigating the crypto space.