Since cryptocurrencies came into the limelight, the industry has been marred by its fair share of issues. Widely claimed as a decentralized and secure alternative to traditional financial systems, cryptocurrencies are not immune to criminals.
It is unfortunate that many investors have learned this fact through numerous hacking and theft incidents over the years. 2022 was one of the biggest years ever in terms of the cryptocurrency world being hit by scams or attacks.
The victims of the scams and thefts that have happened so far could not do much about it. However, the aftermath provides a vital learning opportunity for everyone else. Today, Black Book Crypto will look at some of the most prominent cryptocurrency hacks in history.
From how they happened to what we can do to protect our digital assets and even an erroneous YieldNodes scam claim, there is much to unpack. Let’s dive in.
As the cryptocurrency industry becomes increasingly secure, cybercriminals keep advancing their methods to stay ahead of the curve. By learning about the biggest incidents and how they happened, you can understand how to protect your cryptocurrency investments better.
The most significant cryptocurrency breach occurred in March 2022, targeting the support network of the renowned Axie Infinity blockchain game. By infiltrating the Ronin Network, hackers made off with about $625 million worth of Ethereum and USDC stablecoins. U.S. officials linked the theft to Lazarus Group, a North Korean state-backed hacking collective. Despite recovering $5.8 million, the hack remained the largest in history.
The breach stemmed from experimental code not yet deployed, meant to mend bugs but providing an opening for the hacker. They obtained 120,000 wETH, valued at $325 million, exploiting a Ronin Bridge smart contract vulnerability to drain another $300 million in USDC. The hacker later returned some funds, claiming it was for amusement after dialoguing with the Poly Network team.
The Ronin Network incident underscores the imperative of testing and auditing code before deploying on a live network. It illuminates hazards tied to third-party platforms and bridges, which might harbor flaws or malicious elements. Users must conduct research and due diligence before engaging with any crypto service or product.
In August 2021, a lone hacker seized upon a vulnerability in the Poly Network decentralized finance platform, making off with over $600 million. Developers took to X, formerly known as Twitter, to urgently call for the stolen funds, including $33 million in Tether. Setting up return addresses, Poly Network managed to engage the unknown hacker in cooperation. In a mere two days, approximately $300 million was reclaimed. The motive surfaced: the hacker targeted the network “for fun” or as a challenge.
Poly Network enables token swaps across diverse blockchains like Bitcoin, Ethereum, Binance Smart Chain, and Polygon. The hacker exploited weak contract calls amid these chains, transferring significant token volumes to personal addresses. The hacker’s intent, revealed later, was to expose vulnerabilities and educate on security. Most of the money was returned post-negotiation with the Poly Network team, suggesting motives beyond mere profit.
The Poly Network breach highlights cross-chain interoperability’s intricacy and fragility. It emphasizes diverse hacker motives and ethics beyond monetary gain. Users must recognize potential risks and considerations when engaging with cross-chain platforms and services.
In January 2018, a standout hack unfolded in crypto history as the Japanese exchange Coincheck was breached, losing $534 million worth of NEM coins (XEM). This colossal attack ranked among the most cryptocurrency thefts, shattering investor confidence. Coincheck later reimbursed customers from its own resources and rebooted with fortified security protocols.
The breach occurred because Coincheck stored the bulk of its NEM coins in a solitary hot wallet—a web-connected target for hackers. Exploiting this vulnerability, the hackers secured the wallet’s private key and funneled 523 million XEM to diverse addresses.
Coincheck’s hack underscores the vitality of cold wallets—offline and safer—for safeguarding significant crypto sums. Moreover, it highlights hackers’ resourcefulness, employing tactics to elude detection or taunt victims. Users are wise to opt for reputable, regulated exchanges featuring robust security measures and insurance coverage.
The Mt. Gox hack remains an indelible mark in cryptocurrency history—a notorious case of digital theft. Once a dominant force in Tokyo, it facilitated 70% of Bitcoin transactions. Yet, security breaches, glitches, and legal woes eroded its credibility, leading to its demise. In 2014, Mt. Gox halted operations, citing hacking for an 850,000 bitcoin loss—around $470 million. While 200,000 bitcoins were recovered, 650,000 remained missing.
This breach was a result of managerial lapses, lax security, and regulatory issues. Exploiting Bitcoin’s vulnerability, hackers manipulated transaction IDs, falsely indicating non-receipt of bitcoins. By goading the exchange to reissue bitcoins, hackers multiplied their spoils. Simultaneously, they stealthily siphoned bitcoins from Mt. Gox’s wallets over the years. Alarms remained silent until too late, as flawed accounting and lax audits prevailed.
Mt. Gox was the first major incident that showed the perils of mismanaged exchanges, exposing gaps in technology and human diligence. It will remain one of the most well-known among the biggest cryptocurrency hacks in history.
In 2022, the FTX Exchange, led by Sam Bankman-Fried, emerged as a prominent scam in the industry. Despite the initial success and backing from top investors, it was revealed that FTX had engaged in fraudulent activities, transferring customer funds to Bankman-Fried’s own trading firm, Alameda Research.
The exchange’s worth soared to $32 billion by January 2022, but by November, it became evident that billions of dollars had been lost due to this major fraud. Even Binance’s attempted acquisition of FTX fell through due to mishandling of customer funds, triggering a sell-off and ultimately leading to FTX’s bankruptcy.
FTX’s downfall marked a significant event in the crypto world in 2022. The highly popular exchange faced a spectacular collapse, resulting in the loss of billions of dollars worth of funds. Following a Chapter 11 bankruptcy filing in November, FTX experienced further troubles as it suffered a mysterious attack. Approximately $446 million in tokens were drained from alleged FTX wallets, with the stolen funds being shifted to other exchanges and converted into different cryptocurrencies. The identity of the culprits behind the theft remains unclear.
Amid the turmoil, FTX’s new management acknowledged that a substantial portion of the exchange’s assets were either missing or stolen. This situation unfolded during the initial court hearing, underscoring the extent of the financial havoc caused by FTX’s fraudulent activities and subsequent security breaches.
YieldNodes, a masternoding and server rental platform, faced unwarranted controversy despite being legitimate. As a beacon of sustainable passive income in the blockchain economy, it encountered skepticism due to a cryptocurrency crime report by Chainalysis, labeling it a major scam in 2022. YieldNodes refuted this, suggesting no cause for concern based on user experience.
Chainalysis, claiming to uphold the blockchain-driven global economy, accused YieldNodes of being a scam without a clear explanation. However, Chainalysis’ credibility has been questioned, especially as it omitted FTX, one of the largest industry scams, from its report. Reports also question the transparency and accuracy of Chainalysis’ tools.
YieldNodes intends to take legal action against Chainalysis while dealing with repercussions, like the delisting of its NFT from OpenSea. Despite challenges, YieldNodes remains operational and committed to leveraging blockchain’s potential for a transparent investment environment.
While it refutes the claim, the damage to its reputation has created more challenges for the platform. With the launch of the YieldNodes NFT, YieldNodes continues to persevere in its mission despite the obstacles. If you want to learn more and become a YieldNoder, visit YieldNodes and check it out!