The purpose of this infographic is to visualize the size of large hacks that have occurred in the past as if they all happened today. The hacks included in this infographic extend beyond exchanges, as there were other large entities that experienced hacks, such as marketplaces like Silk Road 2.0. All hacks in this infographic are displayed as if the price of was the same when they occurred, in order to visualize their magnitudes in relation to one another.
The x-axis shows the price of at the time of the hack. The y-axis shows the amount lost in the hack (converted to for hacks). The size of each hack circle was determined by the value of lost using a consistent price, regardless of the actual price at the time.
It is important to note that several of the exchanges (rendered in green) were hacks that did not necessarily involve or exclusively involve .
Mt. Gox
Hack Dates: June 2011, February 2014
Amount Lost: 790,000+
In March 2014, Mt. Gox declared bankruptcy due to a series of hacks and thefts that went unreported for over three years, which were later documented by analyst Kim Nilsson. The final collapse resulted in a crash of in 2014. Below is a summary of all meaningful hacks that occured.
On March 1, 2011, 80,000 were stolen from Mt. Gox’s hot , as thieves were able to make a copy of the .dat file. In May 2011, hackers stole 300,000 temporarily stored on an off-site , which was on an unsecured, publicly accessible network drive. However, shortly after, the thief got nervous and returned the stolen funds with a 1 percent (3,000 ) “keeper’s fee.” In June 2011, a hacker was able to get into Jed McCaleb’s administrator account and manipulate prices, temporarily crashing the market. After the ordeal was over, the hacker managed to steal 2,000 .
In September 2011, a hacker was able to get read-write access to Mt. Gox’s database. The hacker created new accounts on the exchange, inflated user balances and was able to withdraw 77,500 , after which they deleted most of the logs containing evidence of such transactions. In October 2011, a bug in Mark Karpeles’ new software caused 2,609 to be sent to an unspendable null key. The largest hack occurred at some point between September and October 2011 when a hacker was able to obtain a copy of Mt. Gox’s .dat file and stole 630,000 .
Bitcoinica
Hack Date: March 1, 2012
Amount Lost: 43,000 and then another 18,457
Web hosting provider Linode’s servers were hacked, granting access to the stored on pioneering exchange Bitcoinica. The incidents ultimately led to the demise of Bitcoinica.
BitFloor
Hack Date: September 2012
Amount Lost: 24,000
BitFloor was compromised when a hacker was able to access unencrypted backups of the exchange’s wallets and transfer out the coins.
Poloniex
- Hack Date: March 4, 2014
- Amount Lost: 97 BTC
- In March 2014, Poloniex announced that it has been the victim of an attack due to a previously unknown vulnerability in its coding. As a result, the exchange told all of its that it would have their account balances reduced by 12.3 percent.
Bitstamp
Hack Date: January 2015
Amount Lost: 19,000
Hackers were able to access Bitstamp’s hot . As a result of the theft, Bitstamp began to keep 98 percent of its bitcoins in cold storage.
Cryptsy
Hack Date: July 2014
Amount Lost: 13,000
In early 2016, Cryptsy collapsed following the theft of 13,000 (and 30,000 LTC) from ’ wallets.
Bitfinex
Hack Date: August 2016
Amount Lost: 120,000
Attackers were able to exploit a vulnerability in the multisig architecture of Bitfinex and security company BitGo.
QuadrigaCX
Shutdown: January 15, 2019
Amount Lost: Approximately $190 million in , ETH and CAD (at time of publication)
The co-founder of QuadrigaCX died on December 9, 2018, allegedly as the only one with access to the exchange’s keys. Evolving courtroom proceedings have revealed fund mismanagement and potential fraud on the part of the exchange. This has led to calls for greater oversight of exchange operations.
2018’s Cluster of Mishaps in Asia
A cluster of hacks and mismanagement of funds by exchanges in 2018 occurred as the result of minimal and security precautions. Consequently, some exchanges were forced to close operations entirely while others received fines.
Coincheck ()
Hack Date: January 2018
Amount Lost: 523 million NEM
Coinrail (South Korea)
Hack Date: June 2018
Amount Lost: $40 million in various
On July 15, 2018, Coinrail resumed and offered the victims two compensation options: a gradual refund through the purchase of stolen or compensation in Coinrail’s RAIL , which could then be converted into another at an inner rate.
BitHumb (South Korea)
Hack Date: June 2018
Amount Lost: $30 million in various
The successful hack of BitHumb occurred shortly after the exchange updated its security systems following an earlier hack in 2017.
Decentralized Exchanges
Bancor
Hack Date: July 9, 2018
Amount Lost: $23 million (mostly in ETH)
Hackers were able to gain control of a Bancor exchange and transfer out funds.
BitGrail
Hack Date: February 21, 2018
Amount Lost: $170 million in XRB, now NANO
Following this hack, authorities in Florence confiscated all of the from the Italian exchange BitGrail to secure the claim of affected users, and the Nano Foundation promised to assist in the protection of interests and compensation for losses. Users accused the exchange of having lax security.
MyBitcoin
Hack Date: July 2011
Amount Lost: 78,739
Little information was released about the MyBitcoin theft, however, many argue that operator Tom Williams ran it as a scam. The theft resulted in the closure of MyBitcoin, which was once a successful company in the ’s early days.
Bitomat.pl
Hack Date: July 27 2011
Amount Lost: Approximately 17,000
During a server restart, the remote Amazon service that housed Bitomat.pl’s was wiped. No backups were kept and Mt. Gox later bailed Bitomat.pl out. Ultimately, neither exchange nor original owners suffered any loss from the incident.
Evolution Darknet Marketplace
Hack Date: March 2015
Amount Lost: Approximately 44,000
In March 2015, Evolution Marketplace administrators “Kimble” and “Verto” were suspected of unexpectedly shutting down Evolution, a darknet marketplace that appeared after the seizure of Silk Road 2.0, and vanishing from the internet with all user funds.
Silk Road 2.0
Hack Date: February 2014
Amount Lost: Approximately 4,400
Defcon, an administrator at underground marketplace Silk Road 2.0, noticed that funds held for the escrow service were stolen from a hot in February 2014. “Transaction malleability,” an issue with the protocol at the time that also affected some other services, was blamed for the theft, though many suspect it was an inside job.
Published at Fri, 24 May 2019 20:25:58 +0000
