Recent years have seen the rise of cryptocurrencies, with words like “Bitcoin,” “Ethereum”, and “Dogecoin” entering common parlance and appearing as pop-culture references. But the popularity of cryptocurrencies has also seen an exponential rise in crypto exchange hacks.
What is cryptocurrency?
Built on blockchain technology, cryptocurrency is a decentralized—and unregulated—digital currency. Unlike official, regulated currencies that are issued by governments, any member of the public has the ability to create, issue, and trade crypto. Because of this, there are many different crypto “currencies.” Some of the most well-known cryptocurrencies include Bitcoin, Ethereum, Tether, Cardano, and Dogecoin.
Theoretically, it is possible to use crypto like ordinary currency. However, this type of use is still developing, and few major retailers currently accept crypto payments.
However, crypto’s decentralized nature makes it vulnerable to a range of issues. For example, the advent of crypto trading has resulted in traders treating cryptocurrency with the same speculation that investors treat stocks, trading it on the premise that its value will increase (or decrease). Perhaps more significantly, malicious actors can take advantage of this decentralization to perpetrate crypto exchange hacks or crypto trading hacks.
Types of cryptocurrency hacks
In 2022, cryptocurrency hacks stole a total of $3.8 billion across several exchanges, up from $3.3 billion in 2021. This was despite the fact that many cryptocurrencies declined during the year, largely as a result of failing confidence and the attacks.
There are several types of cryptocurrency hacks, and understanding the differences between them can help owners and traders keep their money safe. These are the three most common crypto crimes to know about.
Bridge attacks
As might be inferred from the name, a bridge attack is a type of crypto trading hack where cybercriminals target currency as it is being transferred between different blockchains. Because each crypto coin exists on its own blockchain, moving these from one blockchain to another—for example, from Ethereum to Dogecoin—involves a transfer protocol known as cross-chain bridges. Although these are crucial to maintaining the crypto landscape, they are easy for hackers to target, for example, by inserting bugs into the bridge code or using cryptographic keys.
Wallet hacks
Crypto owners use wallets to store, manage, and transfer their cryptocurrency. There are different types of wallets—cold or hot—and because hot wallets are always connected to the internet, they are vulnerable to crypto exchange hacks. It is possible for cybercriminals to exploit network vulnerabilities to break into a crypto wallet and steal whatever currency it contains.
Exchange hacks
Some crypto owners choose to manage their cryptocurrency with coin exchanges, which are, in essence, online platforms which allow users to trade or store their coins. Because exchanges usually hold huge stores of cryptocurrency, they are major targets for crypto exchange hacks. Hackers deploy different types of attacks—such as phishing and social engineering—to steal coins that are stored in the exchange’s hot wallets.
How cryptocurrency hacks happen
Hackers employ numerous means to perpetrate cryptocurrency hacks. Understanding how these work can help owners and traders keep their money safe. Here are the top three to understand.
- Phishing: One of the most common types of digital attacks, this involves malicious actors sending emails that lure crypto owners into divulging sensitive information or downloading malware which could allow the hacker to access their crypto wallet and steal their coins.
- Malicious code: Because cryptocurrencies and the software that facilitates them are all built on code, they could contain vulnerabilities that hackers can exploit. They can manipulate the code at any weak point of the crypto infrastructure to enact crypto exchange hacks to bridge attacks, for example.
- Key theft: Crypto wallets and exchanges require owners to use keys to access their coins, and if cybercriminals manage to steal these keys, they can easily execute cryptocurrency hacks.
8 crypto exchange hacks to know
As cryptocurrencies have become increasingly popular, the number of crypto exchange hacks has risen in tandem. The biggest attacks—such as the FTX hack—have resulted in millions of dollars being stolen, the shutdown of the exchanges in question, and, in some cases, even legal ramifications for the exchange owners. For some trading platforms and wallets, like Stormgain, hacks have yet to become a major issue—though perhaps, it’s only a matter of time. Here are the most infamous cryptocurrency hacks to know.
1. Ronin Network
In March 2022, the largest cryptocurrency hack so far saw a group of cybercriminals—believed to be a North Korean hacking group—break into the game-focused Ronin Network exchange and steal some $615 million in the Ethereum and USDC stablecoin cryptocurrencies. The hackers pulled off the cybercrime by using private keys stolen from owners to withdraw coins, creating a prime example of hacking effected through key thefts.
2. Poly Network
Another major crypto exchange hack, which happened in August 2021, exploited a vulnerability in the Poly Network software to make off with $611 million worth of crypto coins. However, it transpired that the hacker had carried out the attack just to see if it was possible. He eventually returned all the stolen funds.
3. FTX
Carried out in November 2022, the FTX hack is perhaps one of the most notorious. At the time, the exchange was one of the most powerful names in the crypto industry, but on the day it declared bankruptcy, the FTX exchange was hacked and over $600 million was stolen from its wallets. This was the first of two FTX exchange hacks. In January 2023, a hack on the FTX exchange stole coins worth $15 million.
4. Binance
Perhaps the most high-profile of crypto trading hacks, cybercriminals targeted the Binance exchange in October 2022, eventually taking $570 million. To effect the attack, hackers exploited the BSC Token Hub cross-chain bridge to create extra Binance coins, and then take all available coins.
5. Coincheck
Occurring in January 2018 in Tokyo, the Coincheck attack was one of the earlier crypto exchange hacks. The attackers exploited a vulnerability in the exchange’s hot wallet to steal a total of $534 million in NEM coins. Setting a high standard for companies that have suffered crypto exchange hacks, Coincheck used its capital to repay clients who had had funds stolen during the attack.
6. Mt. Gox
This particular exchange has suffered two major attacks, which partly explains why it no longer exists. The first—in 2011, when Mt. Gox handled almost 70% of all crypto transactions—saw attackers steal coins worth about $400,000. But, when the crypto exchange was hacked in 2014—when it handled only about 7% of all available bitcoins—the hackers made off with some $437 million from the platform’s hot wallets. Mt. Gox began liquidation amidst the fallout of the attack.
7. Bitmart
Over $196 million was stolen when hackers attacked the Bitmart exchange in December 2021. The cryptocurrency hack was carried out by using stolen administrator keys to access the coins on the exchange, and then funneling them out through Ethereum and Binance.
8. Nomad Bridge
A prime example of a bridge attack, the Nomad Bridge crypto trading hack saw users lose $190 million when a hacker exploited the platform’s functionality which allowed users to move coins between different blockchains. Only $36 million of the lost funds were eventually recovered.
How to prevent crypto exchange hacks
For anyone that owns or trades cryptocurrencies, it is crucial to protect your bitcoins by taking safety precautions. Although there are numerous measures that can be put into place, the following tips are among the most recommended:
- Get a cold wallet – These store your Bitcoins offline (on hardware) which makes it much harder for hackers to target.
- Use a VPN – Virtual private networks—such as the Kaspersky VPN Secure Connection—encrypts all online traffic, offering an added layer of security against attackers.
- Go on the defense – Protect your devices by using anti-virus software or firewalls and ensuring all software is always up to date.
- Enforce basic password security – Keep your passwords—and crypto wallets—secure by remembering basic tips like regularly updating passwords, creating strong passwords, or using password managers.
- Try multifactor authentication – Requiring several layers of verification to access crypto wallets helps users protect their bitcoins from potential cryptocurrency hacks.
- Be aware of phishing scams – Be wary of any potentially suspicious emails, phone calls, or texts which could be aiming to steal information or install malware, and use the information gained to carry out crypto exchange hacks. Never click any suspicious links or enter information on unsecured or potentially fraudulent sites.
- Secure seed words – Seed words are used to access the information required to cover cryptocurrencies stored on exchanges or in wallets. Losing these could mean permanently losing access to a user’s bitcoin, but if a hacker gains access to seed words, they could steal the bitcoins associated with the account.
Stay alert to cryptocurrency hacks
The FTX hack and its attendant legal drama and media circus—along with the other numerous high-profile cryptocurrency hacks—have demonstrated the need for crypto owners and trades to be aware of possible attacks. Although protecting these assets requires employing basic internet safety measures, such as using anti-virus software, VPNs, and secure passwords—one important safety tip is to use a cold wallet, which is much harder for hackers to target.
Get Kaspersky Premium + 1 YEAR FREE Kaspersky Safe Kids. Kaspersky Premium received five AV-TEST awards for best protection, best performance, fastest VPN, approved parental control for Windows and best rating for parental control Android.
Related Articles and Links:
Related Products and Services: