{"id":1258,"date":"2019-10-18T04:26:31","date_gmt":"2019-10-17T20:26:31","guid":{"rendered":"https:\/\/www.btse.com\/blog\/?p=1258"},"modified":"2023-03-07T10:46:51","modified_gmt":"2023-03-07T10:46:51","slug":"greatest-crypto-exchange-heists-of-all-time","status":"publish","type":"post","link":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/","title":{"rendered":"The Greatest Crypto Exchange Heists of All Time"},"content":{"rendered":"
Present a motivated attacker with a bounty lucrative enough, and they will find their way through even the most robust of systems. Prolific data breaches hitting everything from financial institutions like Equifax, to social media companies like Facebook, are proof of this. In the digital age, data is a powerful commodity.<\/div>\n

This is particularly true for cryptocurrencies. A private key \u2013 a single string of hexadecimal characters \u2013 can provide the holder with unrestrained access to highly liquid and highly portable digital money that can be moved around the globe in relative stealth. As such, cryptocurrency exchanges, which hold hugely valuable private keys, are often an attractive target for malicious actors.<\/p>\n

Unsurprisingly, these actors have been responsible for a number of breaches in recent years. Below, we\u2019ll explore some of the most prolific events.<\/p>\n

 <\/p>\n

Mt. Gox (2014)<\/strong><\/h2>\n

Mt. Gox is a notorious name in the Bitcoin space, and it will likely be remembered for decades to come as the victim of one of the most prolific exchange hacks of all time, if only for its impact on the wider space. At the time of its breach, Mt. Gox was responsible for over 70% of the transactions occurring on the network.<\/p>\n

Though it isn\u2019t entirely clear how the attackers gained access (it\u2019s speculated that they siphoned funds from hot wallets), it was revealed that their staggering take of ~850,000 Bitcoins had begun as early as 2011.<\/p>\n

200,000 were later recovered, but the remaining 600,000+ have yet to be accounted for.<\/p>\n

As a result of the hack, the Bitcoin price dipped by over 30%.<\/p>\n

 <\/p>\n

CoinCheck (2018)<\/strong><\/h2>\n

Cryptocurrency enthusiasts may remember the CoinCheck hack in January of last year, which \u2013 in terms of dollar value at the time \u2013 remains the biggest exchange breach to date.<\/p>\n

In this instance, those responsible targeted the exchange\u2019s NEM holdings (via malware emailed to unsuspecting employees). The critical flaw here was that CoinCheck relied on a single hot wallet to store the token <\/strong>\u2013 a major faux pas, as these are inherently more vulnerable than cold wallets.<\/p>\n

It was later revealed that the hackers had escaped with ~500 million NEM tokens, worth approximately $530m at the time. The funds were distributed into a series of wallets, which are visible to this day.<\/p>\n

 <\/p>\n

Bitstamp (2015)<\/strong><\/h2>\n

Much like the aforementioned CoinCheck incident, the breaching of Bitstamp in 2015 targeted employees as an entry point into the exchange, with a phishing campaign carried out via Skype and email.<\/p>\n

Once the payload had made its way onto the exchange\u2019s servers, the attackers gained access to the hot wallet file and were able to make off with an estimated 19,000 BTC (worth approximately $5m at the time).<\/p>\n

 <\/p>\n

Bitfinex (2016)<\/strong><\/h2>\n

With 120,000 BTC ($72m) stolen, the Bitfinex hack earns its place as one of the most gainful exchange heists. In its wake, the Bitcoin price plunged by 20%.<\/p>\n

Worth noting is that Bitfinex appeared to avoid some of the pitfalls seen in earlier entries on this list \u2013 for instance, it implemented a multi-signature scheme, which requires a handful of signatures to spend funds.<\/p>\n

It\u2019s difficult to ascertain what went wrong in the exchange\u2019s setup, however, as the details have not been made public.<\/p>\n

 <\/p>\n

Binance (2019)<\/strong><\/h2>\n

The Binance hack garnered a lot of discussion on social media earlier this year. Using a variety of techniques, the attackers were able to collect user data in order to withdraw 7,000 BTC in a single transaction \u2013 structured in such a way that the platform was unable to detect foul play in time.<\/p>\n

The hackers were only able to access a small amount of the exchange\u2019s total holdings, as they only kept a small portion in hot wallets.<\/p>\n

– – –<\/p>\n

It should be clear that security is not binary \u2013 it\u2019s a spectrum that takes into account a myriad of factors at the human, hardware, and software levels. Cryptocurrency exchanges have the difficult task of adhering to rigorous procedures in order to protect their funds from a rich ecosystem of creative attackers.<\/p>\n

For our part, at BTSE, we aim to adhere to the highest of standards: we keep all funds in cold storage wallets that can only be accessed with multiple keys, ensure high redundancy of our data with a multi-site setup, and offer robust two-factor authentication verifications to protect our users from malicious parties.<\/p>\n

 <\/p>\n

\n
\n<\/div>\n

Our aim is to create a platform that offers users the most enjoyable trading experience. If you have any feedback, please reach out to us at\u00a0feedback@btse.com<\/a> or on Twitter @BTSE_Official.<\/em><\/p>\n

Note: BTSE Blog contents are intended solely to provide varying insights and perspectives. Unless otherwise noted, they do not represent the views of BTSE and should in no way be treated as investment advice. Markets are volatile, and trading brings rewards and risks. Trade with caution.<\/span><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Present a motivated attacker with a bounty lucrative enough, and they will find their way through even the most robust of systems. Prolific data breaches hitting everything from financial institutions like Equifax, to social media companies like Facebook, are proof of this. In the digital age, data is a powerful commodity. This is particularly true […]<\/p>\n","protected":false},"author":1,"featured_media":5141,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[14],"tags":[],"class_list":["post-1258","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-bytes"],"yoast_head":"\nThe Greatest Crypto Exchange Heists of All Time — BTSE Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Greatest Crypto Exchange Heists of All Time\" \/>\n<meta property=\"og:description\" content=\"Present a motivated attacker with a bounty lucrative enough, and they will find their way through even the most robust of systems. Prolific data breaches hitting everything from financial institutions like Equifax, to social media companies like Facebook, are proof of this. In the digital age, data is a powerful commodity. This is particularly true […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/\" \/>\n<meta property=\"og:site_name\" content=\"BTSE Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-10-17T20:26:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-07T10:46:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/602931_0688413a020646e485f2b2c81c2096ef-mv2_d_3840_2160_s_2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"3840\" \/>\n\t<meta property=\"og:image:height\" content=\"2160\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"BTSE\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@BTSE_Official\" \/>\n<meta name=\"twitter:site\" content=\"@BTSE_Official\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"BTSE\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The Greatest Crypto Exchange Heists of All Time — BTSE Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/","og_locale":"en_US","og_type":"article","og_title":"The Greatest Crypto Exchange Heists of All Time","og_description":"Present a motivated attacker with a bounty lucrative enough, and they will find their way through even the most robust of systems. Prolific data breaches hitting everything from financial institutions like Equifax, to social media companies like Facebook, are proof of this. In the digital age, data is a powerful commodity. This is particularly true […]","og_url":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/","og_site_name":"BTSE Blog","article_published_time":"2019-10-17T20:26:31+00:00","article_modified_time":"2023-03-07T10:46:51+00:00","og_image":[{"width":3840,"height":2160,"url":"https:\/\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/602931_0688413a020646e485f2b2c81c2096ef-mv2_d_3840_2160_s_2.png","type":"image\/png"}],"author":"BTSE","twitter_card":"summary_large_image","twitter_creator":"@BTSE_Official","twitter_site":"@BTSE_Official","twitter_misc":{"Written by":"BTSE","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/#article","isPartOf":{"@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/"},"author":{"name":"BTSE","@id":"https:\/\/www.btse.com\/blog\/#\/schema\/person\/46ad80e1bffe6cf5d79938127822f2ca"},"headline":"The Greatest Crypto Exchange Heists of All Time","datePublished":"2019-10-17T20:26:31+00:00","dateModified":"2023-03-07T10:46:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/"},"wordCount":799,"publisher":{"@id":"https:\/\/www.btse.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/602931_0688413a020646e485f2b2c81c2096ef-mv2_d_3840_2160_s_2.png?fit=3840%2C2160&quality=75&ssl=1","articleSection":["News Bytes"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/","url":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/","name":"The Greatest Crypto Exchange Heists of All Time — BTSE Blog","isPartOf":{"@id":"https:\/\/www.btse.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/#primaryimage"},"image":{"@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/602931_0688413a020646e485f2b2c81c2096ef-mv2_d_3840_2160_s_2.png?fit=3840%2C2160&quality=75&ssl=1","datePublished":"2019-10-17T20:26:31+00:00","dateModified":"2023-03-07T10:46:51+00:00","breadcrumb":{"@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/#primaryimage","url":"https:\/\/i0.wp.com\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/602931_0688413a020646e485f2b2c81c2096ef-mv2_d_3840_2160_s_2.png?fit=3840%2C2160&quality=75&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/602931_0688413a020646e485f2b2c81c2096ef-mv2_d_3840_2160_s_2.png?fit=3840%2C2160&quality=75&ssl=1","width":3840,"height":2160,"caption":"The Greatest Crypto Exchange Heists of All Time"},{"@type":"BreadcrumbList","@id":"https:\/\/www.btse.com\/blog\/greatest-crypto-exchange-heists-of-all-time\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.btse.com\/blog\/"},{"@type":"ListItem","position":2,"name":"The Greatest Crypto Exchange Heists of All Time"}]},{"@type":"WebSite","@id":"https:\/\/www.btse.com\/blog\/#website","url":"https:\/\/www.btse.com\/blog\/","name":"BTSE Blog","description":"Navigating the Crypto Frontier - Insights, Analysis, and Strategies","publisher":{"@id":"https:\/\/www.btse.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.btse.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.btse.com\/blog\/#organization","name":"BTSE","url":"https:\/\/www.btse.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.btse.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/btse-logo.png","contentUrl":"https:\/\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/btse-logo.png","width":1007,"height":306,"caption":"BTSE"},"image":{"@id":"https:\/\/www.btse.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/BTSE_Official","https:\/\/discord.com\/invite\/btse","https:\/\/www.linkedin.com\/company\/btsecom\/","https:\/\/t.me\/btsecom"]},{"@type":"Person","@id":"https:\/\/www.btse.com\/blog\/#\/schema\/person\/46ad80e1bffe6cf5d79938127822f2ca","name":"BTSE","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/dc01110861deb9c4a6b15c6c841e4457320749d7c005164340fbf8d4eacefc5d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/dc01110861deb9c4a6b15c6c841e4457320749d7c005164340fbf8d4eacefc5d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/dc01110861deb9c4a6b15c6c841e4457320749d7c005164340fbf8d4eacefc5d?s=96&d=mm&r=g","caption":"BTSE"},"sameAs":["https:\/\/www.btse.com\/blog"],"url":"https:\/\/www.btse.com\/blog\/author\/btseadmin\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.btse.com\/blog\/wp-content\/uploads\/2023\/03\/602931_0688413a020646e485f2b2c81c2096ef-mv2_d_3840_2160_s_2.png?fit=3840%2C2160&quality=75&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/posts\/1258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/comments?post=1258"}],"version-history":[{"count":3,"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/posts\/1258\/revisions"}],"predecessor-version":[{"id":5816,"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/posts\/1258\/revisions\/5816"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/media\/5141"}],"wp:attachment":[{"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/media?parent=1258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/categories?post=1258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.btse.com\/blog\/wp-json\/wp\/v2\/tags?post=1258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}