Crypto Under Attack: The Five Worst Hacks That Shook the Crypto World

Published at: Nov. 4, 2019

In tandem with improvements in technology and security, hackers have started getting more creative with the scams and hacks they carry out. You could be one click away from malware, causing harm to your files and crypto assets.

If you’re on a network that is used by billions of people every day, then I would like to burst the bubble and tell you that no matter what, you are prone to hacking. Hacking is the act of gaining unauthorized access to someone’s system to steal their data and files or corrupt their system. This process is done by repeatedly cracking codes and passwords, eventually giving access to the systems.

Cryptocurrencies were first introduced in 2009 with the launch of Bitcoin (BTC), and since then, many other digital currencies — or altcoins — have also surfaced. Cryptocurrency is an asset that is available on a blockchain-based network and works as a medium of exchange. With their entire presence only existing online, cryptocurrencies are prone to hacking as well, and over the years, we have seen several cryptocurrency hacks and scams take place.

Even though hacking is illegal and of course looked down upon, we can’t ignore the impressive effort, depth of knowledge, courage and level of creativity necessary to pull off such a task. Here is a list of the five greatest hacks of all time.

NiceHash hack, professional attack, $64 million stolen

Slovenian-based Bitcoin mining marketplace, NiceHash, was launched in 2014. In just three years, so-called “cloud mining” — i.e., a web platform where people buy and sell processing power needed to mine Bitcoin — was poorly wounded: A hacker stole approximately 4,700 Bitcoins, which was worth about $64 million at the time of the hack in December 2017, when the leading cryptocurrency’s price was hitting record highs around $20,000 per coin. The platform called the security breach a highly skilled and organized attack that was carried out with sophisticated social engineering.

The damage inflicted by the hacker on the platform was so significant that the exchange suspended all its operations for 24 hours to conduct the investigation. The mining exchange’s official press release statement also recommended its users change their online passwords.

In an effort to save its reputation, NiceHash started a repayment program to return digital currency to those users who had been affected by the infamous hack. Started back in February 2018, the repayment program is still ongoing, and the next, 22nd reimbursement is scheduled for Nov. 4, 2019, meaning that 81% of all stolen funds will have been returned to the platform's users.

Bitpoint exchange hacked, wallet attack, $28 million stolen

In July, cryptocurrency exchange Bitpoint revealed that about 55,000 users became the target of a $27.9 million hack. Bitpoint’s president, Genki Oda, stated that out of the crypto stolen, $19 million belonged to customers, whereas the remaining amount, $8.9 million, was the company holdings.

In the theft, the hot wallets of customers were attacked. Not only this, however, as the hacker also used Bitpoint’s software to steal an additional $2.3 million from overseas exchanges. The stolen funds have not been recovered yet, and the exchange is trying to find the person or group responsible for this theft through an investigation.

Bitpoint received a business improvement order from Japan’s Financial Services Agency in June 2018. The FSA did this to make sure that the exchange upgrade its system to secure the funds and also to match up with the FSA's Anti-Money Laundering and Know Your Customer requirements.

The exchange has a total userbase of 110,000, and theft on half of them raises questions regarding security levels of the exchange.

Bittrex delists Bitcoin Gold, series of hacks, $18 million lost

Launched in 2013, Bittrex is a United States-based cryptocurrency exchange with a team of 49 members. Recently, the exchange decided to delist Bitcoin Gold (BTG) from its platform after a hack.

A series of hacking attacks on the exchange led to the loss of over $18 million in funds from the exchange. Back in May 2018, hackers took control of more than 51% of the overall hash power of Bitcoin Gold, more than 388,000 BTG.

A method called “double-spending” was used by hackers to trick the exchange into transferring double the amount of coins than needed. The exact amount of Bitcoin Gold stolen from Bittrex was not mentioned, but Bittrex had reportedly requested more than 12,000 BTG (worth around $255,000) as a compensation from Bitcoin Gold.

These hacks have damaged the reputation of Bitcoin Gold: Earlier, BTG worth $3.3 million was stolen after hackers tricked users into downloading a fake wallet. These hacks have declined BTG's rank in the crypto market, as it is currently ranked 43rd, according to Coin360.

Apple macOS hack, corporation hack, malware attack

North Korea is known for its notorious acts, as it continues to exploit the crypto market with illegal activities and constant attempts of hacking various systems. In recent news, hackers sponsored by North Korea, disguised under the so-called Lazarus Group, tried to hack into Macs via fake cryptocurrency software.

The U.S. government and numerous other cybersecurity companies have claimed that the Lazarus Group is an organization sponsored by North Korea. The group tried to hack Apple's macOS by creating a fake company with an official website and wrote an open-source code for a cryptocurrency trading app that was uploaded on GitHub.

Within this code was a piece of malware that, when downloaded, would attack Apple computers and give the hacker access to do anything on the system. According to a United Nations report, North Korea has made about $2 billion by hacking various traditional exchanges and banks.

Apple products are known for their security and functionality, and the company even claims that Apple products cannot be hacked or manipulated.

The infamous Mt. Gox hack, $460 million stolen

Mt. Gox, was leading the crypto exchange market in 2013, with over 70% of the world’s Bitcoin exchanges taking place on its platform. Mt. Gox was first struck was in 2011, when 80,000 BTC was stolen from the exchange’s founder, Jeb McCaleb, who was in the process of selling the exchange to Mark Karpeles. Shortly after, a hacker was able to get into McCaleb’s account, which still had admin access,  and artificially dropped the price of Bitcoin from around $17 to just about $0.01, allowing for about 2,000 BTC to be bought and transferred out of the exchange before the attack was noticed and resolved.

The most significant attack, however, occurred over a number of years — 2011 to 2014, when it finally came to light that the exchanges cold wallets were virtually empty. During that time, 850,000 Bitcoins were stolen from the exchange, 750,000 Bitcoins of which were owned by users, while the rest were the exchange’s. The value of the stolen Bitcoins at the time was $460 million, making it the most significant amount of Bitcoins ever stolen.

Mark Karpeles, who was the head of Mt. Gox, went on trial in Japan. After such a colossal failure of Mt. Gox as a crypto exchange platform, the rules and regulations related to cryptocurrencies were changed in the country.

In 2014, Mt. Gox was forced to file for bankruptcy and was forced to shutdown.

During the investigation, 200,000 Bitcoin were discovered, but these Bitcoin have not yet been distributed among users as compensation.

There is a lot of complexity with Mt Gox, so it is hard to cover it in only 3-4 paragraphs.

Conclusion

Cryptocurrency assets are a modern form of investments by many people, as they have moved from traditional investments like real estate and gold. But with the ease of online transactions comes the risk of getting attacked by hackers and malware. It is essential to use proper software that provide two-factor authentication service, such as Google Authenticator, and other services like email verification or IP address tracking.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Heena Vinayak is the founder of KillerLaunch.com, a company that helps startups and companies find catchy, killer domain names. They offer domain broker services to corporations as well as early stage companies to hand pick catchy domain names. Heena and her company became interested in the cryptocurrency space in 2017.

Tags
Related Posts
Defending Bitcoin’s Integrity in the Great Twitter Hack
Bitcoin (BTC) has made global headlines again because of the recent Twitter hack, but this time, we need to work harder to protect Bitcoin’s integrity and the progress the industry has made. The coordinated social engineering attack compromised the Twitter accounts of high-profile figures and organizations like Microsoft co-founder Bill Gates, Tesla founder Elon Musk, Amazon owner Jeff Bezos, former United States President Barack Obama and 2020 U.S. presidential candidate Joe Biden, among many others, to ask for Bitcoin in fake “giveaway” posts. When the story broke, the New York Times, BBC and other mainstream media outlets were quick to …
Decentralization / July 22, 2020
Twitter Wouldn’t Be Hacked if It Were Backed by Blockchain Technology
Murphy’s law states: “Anything that can go wrong will go wrong.” It always happens with centralized services. A year ago, we saw how half a million Facebook accounts were leaked online, exposing personal data. We will see it many times more with other services. The recent Twitter hack underscores this once again. The accounts of Elon Musk, Bill Gates, Jeff Bezos, Kanye West, Kim Kardashian, Mike Bloomberg, Joe Biden, Barack Obama, among others, were hacked to push a fraudulent offer with Bitcoin (BTC). Writing for the BBC, cybersecurity commentator Joe Tidy opined: “The fact that so many different users have …
Decentralization / July 18, 2020
Indian prime minister Modi's hacked Twitter account attempts BTC scam
The official Twitter account of Indian Prime Minister Narendra Modi got compromised earlier today, which was then used to share misleading information about the mainstream adoption of Bitcoin (BTC) and redistribution of 500 BTC among the Indian citizens. On Dec. 10, Modi said in a virtual event virtual summit hosted by US President Joe Biden that technologies such as cryptocurrencies should be used to empower democracy and not undermine it: “By working together, democracies can meet the aspirations of our citizens and celebrate the democratic spirit of humanity.” While the long-awaited Lok Sabha Winter Session, a parliamentary meetup intended to …
Adoption / Dec. 12, 2021
‘There are over $100 billion lost in crypto,’ says KeychainX CEO
With the growing number of wallets, blockchains and users the industry sees every month, the question of security becomes a top priority for the users. We talked to Robert Rhodin, the CEO of a crypto wallet recovery service KeychainX, about an unexpected discovery that became the solution crypto wallet users had been starving for. Tell us about Keychainx. When and why did you decide to launch the company and what kind of services do you provide? It started in 2017 when a friend's Ledger stopped working and they asked me to help them recover 150 ETH. After going through different …
Blockchain / Dec. 27, 2021
Needed: A massive education project to fight hacks and scams
The common narrative around the prevailing threats to mainstream adoption of cryptocurrencies is that regulators will put the kibosh on their legality, it has to get much easier for “ordinary” people to use, and the magnitude of its volatility has to be tempered. All of these are true. But there’s something perhaps just as consequential: scams, hacks, fraudulent exchanges, dumps and the like. Why? Every attack leaves a scar. And the scars are mounting fast. According to a study by Chainalysis, scammers got away with $14 billion worth of crypto in 2021, which represents hundreds of thousands — maybe millions …
Technology / May 21, 2022