The biggest attacks in crypto and what went wrong
Byline | Hannah Parker
Following the attack on the Nomad Bridge, many cryptocurrency platforms are tightening their security systems to avoid falling prey to hackers. The Nomad Bridge is the largest attack on a cryptocurrency bridge to date, but it’s not the first cryptocurrency hack the industry has seen. The largest attacks have been a result of staffing shortages, compromised security, and the use of hot wallets. The
1. Mt. Gox
Over $850k worth of Bitcoin was stolen from Mt. Gox between 2011 and 2014, a massive amount that keeps it the biggest cryptocurrency theft in the history of the industry. According to Mt. Gox, a flaw that led to the loss, was brought on by the transaction malleability problem.
Mt. Gox’s private keys were found to have been stolen in September 2011, and the company failed to utilize any auditing procedures to identify the incident. Additionally, because Mt. Gox often reused Bitcoin addresses, the stolen set of keys was utilized to steal fresh deposits, and by mid-2013, the exchange had lost approximately $630k in Bitcoin.
The web-hosting service company was popular amongst Bitcoin exchanges and Bitcoin as a platform to store their hot wallets. In June of 2011, the platform was hacked, and the hot wallets of the platform were infiltrated. This led to the loss of at least $46k in cryptocurrency, but the precise amount has not been disclosed.
In 2016, Bitfinex saw 119,756 Bitcoin stolen despite the use of multisig security measures. The crypto trading and storage firm had teamed up with BitGo in order to serve as a third-party escrow for customer withdrawals. The platform had also opted against using cold wallets to qualify for a legal exemption from the Commodities and Exchange Act.
$530 million USD worth of cryptocurrency tokens (NEM ($XEM) tokens) were stolen from Japan-based Coincheck in January 2018. Despite investigations into the attack, it is still unknown who the Japanese hackers are that penetrated the security system.
After the attack, Coincheck confirmed that there was limited personnel working at the time, allowing hackers to access their system. With a staff shortage and systems effectively compromised because funds were held mainly in hot (online) wallets, the hackers were able to gain access to the firm and customer’s funds.
In May 2012, BitFloor was attacked leading to the loss of $24k worth of Bitcoin. During the attack, the hacker was able to access an unencrypted backup of wallet keys and took cryptocurrency worth around $250,000 in total. Like Mt. Gox, the attack resulted in the exchange shutting down and suspending all services permanently.
In September of 2020, the loss of significant amounts of Ethereum (ETH), Bitcoin (BTC), Litecoin (LTC), Ripple (XRP), Stellar Lumens (XLM), Tron (TRX), and Tether (USDT) was revealed by KuCoin.
According to the exchange, the attack caused the loss of $275 million USD worth of cryptocurrency, stolen by Lazarus Outfit, a North Korean cyber group. Unlike most other attacks, the exchange was able to reclaim almost $240 million USD in payments.
7. Wormhole (bridge)
The fourth-largest attack in DeFi history
occurred when an assault on Wormhole scammed users of an estimated $328
million. According to a preliminary investigation by blockchain-auditing firm
CertiK, the attacker created 120,000 wrapped Ethereum (wETH) for themselves by
abusing a mint function on the Solana side of the Wormhole bridge to claim ETH
that was kept on the Ethereum side of the bridge.
To avoid being vulnerable to cryptocurrency attacks, make sure you are practising safe cyber security with your own trading. There are protocols and platforms such as Bit Index AI that allow you to trade easily and safely, but it’s also important to put your own security measures in place for peace of mind and safe storage while holding cryptocurrency.