Crypto Hacks and What We Can Learn From Them
Each cyberattack on a cryptocurrency exchange yields important insights that help secure the crypto ecosystem of the future.
Updated August 15, 2021
Cryptocurrency exchanges allow you to buy, sell, exchange, and store cryptocurrencies, and are the primary gateway for most investors who are looking to explore emerging digital asset classes. However, as the popularity and value of many cryptocurrencies have grown, crypto exchanges have increasingly been targeted by hackers, and many have fallen victim to malicious attacks on user funds.
Crypto Hacks Are Lucrative
Cryptocurrency exchanges allow you to buy, sell, exchange, and store cryptocurrencies, and are the primary gateway for most investors looking to engage with digital assets. Reputable exchanges are a core element of the fast-growing digital asset sector and contribute greatly to the development and growth of the blockchain industry. However, as the value of cryptocurrency grows, so do the risks posed by malicious actors looking to capitalize on the industry’s development.
Because many crypto exchanges store users’ assets and public and private keys in some form, many criminals and hackers now see these businesses as lucrative targets — targets that yield a substantial windfall if compromised. Numerous exchanges have been hacked at some point in their existence. Each successful attack damages the credibility of the target and, worse, hurts investors’ bottom line. However, these attacks have also yielded important insights that have contributed to thoughtful industry regulations and better protective measures to secure the crypto ecosystem of the future.
With that said, let’s take a look at some of the biggest crypto exchange hacks that have occurred in the past — and what these events can teach us about cybersecurity issues surrounding crypto adoption.
Early Bitcoin Exchange Hacks
In the early days of Bitcoin, many crypto exchanges were operated by an individual or small team that didn’t have the funds or the technical expertise to develop sufficient security measures. Because Bitcoin was brand-new, exchange founders had not yet fully grasped the security threats they would soon face, nor were regulators aware of the problems to come.
Bitfloor: The Bitfloor hack highlighted the risks inherent in storing unencrypted user credentials on a server. By 2012, Bitfloor was one of the largest bitcoin exchanges in the U.S. While the company encrypted the wallet keys used for conducting transactions, it also kept an unencrypted backup of these keys on its server. In September 2012, a hacker successfully compromised Bitfloor’s servers and stole 24,000 bitcoin (BTC) — worth $250 million USD at the time. As a result, the owner of the exchange halted operations and reported the theft to the FBI. The company made a valiant effort to rectify the hack and eventually managed to refund most of its users in U.S. dollars. However, this incident severely diminished the exchange’s reserves, and shortly thereafter, Bitfloor shut its doors forever.
Mt. Gox: The historic scale of the Mt. Gox hack presented a near-existential threat to Bitcoin, and consequently remains one of the most infamous crypto exchange hacks to this day. At its peak, Mt. Gox was the largest crypto exchange on the planet, and accounted for over 70% of bitcoin transactions worldwide. As it grew into the largest bitcoin exchange in the world, Mt. Gox experienced a series of concerning cybersecurity issues. In 2011, hackers used stolen credentials to transfer bitcoin. That same year, deficiencies in the website’s network protocols resulted in the loss of several thousand bitcoin after they were sent to invalid addresses. Later, hackers were able to gain access to Mt. Gox’s systems to change the price of bitcoin on the website to one cent, which resulted in an explosion of fraudulent bitcoin buying before the issue was resolved.
The final blow, however, occurred in February 2014, when hackers stole 740,000 bitcoin from Mt. Gox customers and 100,000 bitcoin from the company itself, which was valued at roughly $460 million at the time. As a result of this hack, Mt. Gox immediately suspended operations and filed for bankruptcy protection in Japan, where the exchange was based. The Mt. Gox hack brought intense regulatory scrutiny to the industry, including from the U.S. Department of Homeland Security, which fined a Mt. Gox subsidiary $5 million for operating without a license in the U.S. The Mt. Gox fiasco resulted in a significant drop in the price of bitcoin, and the fallout made it clear that cryptocurrencies were unlike anything else in the financial world. Existing bankruptcy laws could not adequately manage the fallout, and the lost funds could not be recovered at the time. It took years for Bitcoin and the cryptocurrency industry as a whole to recover from the reputational damage resulting from this event, which led to a major shift in industry focus toward improving enterprise-level security systems.
Bitfinex: After the Mt. Gox hack, Bitfinex became the world’s largest crypto exchange, which in turn made it an enticing target for hackers. In August 2016, hackers found a vulnerability in the way Bitfinex structured its multi-signature user accounts, which led to the unauthorized transfer of 120,000 bitcoin to the hackers’ wallets. Bitfinex was widely criticized for the security vulnerabilities that enabled the hack, as well as the fact that the exchange had no countermeasures in place to flag or halt a fund transfer of that size. However, the exchange managed to pioneer a new way to reimburse users by crediting them with BFX tokens — an IOU of sorts — which were given out at a 1:1 ratio for every dollar stolen. While the tokens were traded for some time on the exchange, Bitfinex halted trading in April 2017 and began allowing holders to cash them in.
More Coins, More Hacks
As the crypto industry expanded to offer a wider spectrum of altcoins and other crypto tokens, hackers had more avenues through which to attack potential targets.
CoinCheck: The CoinCheck hack occurred in January 2018, at the onset of the Initial Coin Offering (ICO) boom. CoinCheck, the leading crypto exchange in Japan at the time, was hacked for $500 million in XEM — the native cryptocurrency of the NEM blockchain. Because these XEM tokens were stored in an internet-connected hot wallet, they were more at risk of theft, which ignited a larger conversation about custody and security. Subsequently, it became common practice for exchanges to partition user funds across compartmentalized systems, or keep the majority of funds in cold wallets, which are much more difficult to compromise than hot wallets.
QuadrigaCX: Although not technically considered a crypto exchange hack, the QuadrigaCX incident vividly highlighted the dangers of centralized crypto custodianship. In December 2018, QuadrigaCX, Canada’s largest crypto exchange, found itself in the spotlight following the sudden and mysterious death of the exchange’s founder, Gerald Cotten. Cotten was allegedly the only person with the cryptographic keys needed to unlock the exchange’s cold wallets, and there were no other fallback mechanisms to access user funds. As a result, $190 million worth of users’ crypto assets were lost forever. Law enforcement later discovered that Cotten had mismanaged user funds. This incident highlighted that cryptocurrencies, at the time, were far from decentralized or secure if the systems designed to secure them relied on a lone individual with no backups or redundancies.
KuCoin: In September 2020, more than $270 million in assorted cryptocurrencies was stolen from the crypto exchange KuCoin. In an official statement, the KuCoin team revealed that the hack resulted from a leak of private keys that granted access to KuCoin’s hot wallets. Ultimately, KuCoin was able to freeze some of the stolen funds with the help of the Tether organization and return $64 million in stolen USDT to users.
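The Bitfinex and CoinCheck entries above name two missing controls: nothing flagged or halted an oversized transfer, and too much value sat in a hot wallet. The sketch below is an added example, not code from any exchange or from this article; the class, its thresholds and the sample requests are all assumptions chosen for illustration.

```python
from collections import deque
from dataclasses import dataclass, field

@dataclass
class WithdrawalGuard:
    """Hypothetical hot-wallet outflow policy. Every threshold is an assumed value."""
    hot: int                   # units currently in the internet-connected wallet
    cold: int                  # units held offline
    max_hot_pct: int = 5       # assumed: at most 5% of custody stays hot
    review_above: int = 50     # assumed: larger single transfers wait for a human
    window_secs: int = 3600    # rolling window for the outflow cap
    window_cap: int = 200      # assumed: maximum approved outflow per window
    frozen: bool = False       # set when the cap trips; cleared only by an operator
    _recent: deque = field(default_factory=deque)  # (timestamp, amount) approved

    def sweep_to_cold(self) -> int:
        """Move any hot-wallet excess over max_hot_pct offline; return units moved."""
        target = (self.hot + self.cold) * self.max_hot_pct // 100
        excess = max(0, self.hot - target)
        self.hot -= excess
        self.cold += excess
        return excess

    def request(self, amount: int, now: int) -> str:
        """Return 'approve', 'review' (hold for a human) or 'halt' (outflows frozen)."""
        if amount <= 0:
            raise ValueError("amount must be positive")
        if self.frozen:
            return "halt"
        while self._recent and now - self._recent[0][0] >= self.window_secs:
            self._recent.popleft()  # drop approvals that left the window
        if sum(a for _, a in self._recent) + amount > self.window_cap:
            self.frozen = True      # stays frozen even after the window expires
            return "halt"
        if amount > self.review_above or amount > self.hot:
            return "review"         # includes anything needing a cold-wallet refill
        self._recent.append((now, amount))
        self.hot -= amount
        return "approve"

# Constructed sample: (seconds, units) withdrawal requests, not real exchange data.
SAMPLE = [(0, 40), (60, 120), (120, 45), (180, 45), (240, 45), (300, 45), (4000, 45)]

def replay(events=SAMPLE):
    guard = WithdrawalGuard(hot=1000, cold=9000)
    moved = guard.sweep_to_cold()
    return moved, [guard.request(amount, t) for t, amount in events], guard
```

The freeze is deliberately sticky: once the rolling cap trips, a later request is still refused after the window has expired, so waiting out the timer does not reopen the hot wallet.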
Decentralized Exchanges and Crypto Hacks
The development of decentralized exchange (DEX) platforms has presented a paradigm shift in the exchange of digital assets, particularly with regard to security. Decentralized exchanges do not take custody of user funds and operate in accordance with hard-coded rules executed via software protocols. This insulates DEXs from large-scale thefts to an extent, as hackers cannot infiltrate a single centralized wallet or server and steal multiple users’ funds in one fell swoop.
However, because DEXs run on code, hackers have been able to exploit coding flaws in several DEXs in order to steal user funds. In April 2020, $250,000 worth of bitcoin and monero was stolen from the decentralized exchange Bisq when a hacker exploited a flaw in the code running the DEX’s trading services.
The Importance of Cybersecurity
While many people focus on crypto exchanges’ role as an enabler for fast and easy crypto transactions, these exchanges must also take cybersecurity equally seriously in order to establish market confidence. Although no crypto exchange is completely safe from hackers, the most well-regarded, most reputable centralized exchanges are designed with regulatory compliance and security top of mind. However, not all hacks that affect crypto exchanges originate in the exchanges themselves. Hackers regularly deploy an array of social engineering techniques or infiltrate other online platforms to steal user identity data that can be used to access a user’s exchange account.
Although hackers will continue to target weaknesses in exchanges’ crypto custody systems, both law enforcement and crypto exchanges are rapidly developing new ways to mitigate damages and reimburse user losses. This eternal arms race between cybersecurity experts and malicious hackers is ubiquitous across all online ecosystems — and is evident in traditional banking as well as cryptocurrency. As blockchain technology continues to generate unprecedented value, it’s important to choose an exchange that treats cybersecurity as an essential priority.