Top 10 Centralized Exchange Hacking Incidents in History

PANews
11 months ago

Reference: Top Centralized Exchange Hacks: Lessons Learned from History

In recent years, centralized exchanges (CEX) like Mt. Gox and WazirX have suffered significant losses due to external hacker attacks, while other exchanges like FTX collapsed due to internal fund misuse. Even industry giants Binance and Coinbase are facing survival threats from the world's most powerful financial regulatory agencies.

Decentralized exchanges (DEX) can effectively defend against these three major threats—hacker attacks, fraud, and excessive regulation—that have plagued CEX. Of course, there are other threats besides "hacker attacks." For example, FTX's collapse involved poor executive management and misuse of customer funds, which is less feasible on DEX due to its inherent structure advocating transparency and user control.

This article explores the biggest vulnerabilities in the history of top centralized exchange hacks. From notorious intrusion incidents to systemic vulnerabilities, the cryptocurrency world has experienced turmoil. Here, we review the 10 most serious centralized exchange hack events.

10. Bithumb Hack: Repeated Attacks

Founded in 2014, Bithumb quickly became a cornerstone of the South Korean cryptocurrency market, with over 8 million registered users and a trading volume exceeding $1 trillion. Despite its illustrious reputation, Bithumb has been repeatedly attacked.

Starting from 2017, Bithumb suffered multiple intrusions:

February 2017: Hackers stole $7 million.

June 2018: Employee personal data was exploited to steal nearly $32 million worth of cryptocurrencies.

March 2019: Bithumb announced another intrusion, suspending deposits and withdrawals after losing about $20 million worth of EOS and XRP.

June 2019: Bithumb was attacked again, with hackers stealing digital tokens worth $30 million.

Figure: Assets stolen during the Bithumb hack in June 2018

In response to the repeated violations, the South Korean Ministry of Science and Technology (MIC) conducted a thorough investigation, primarily finding:

  • Insufficient network isolation.
  • Poor monitoring system unable to distinguish between normal and suspicious activities.
  • Inadequate management of encryption keys and passwords.

9. WazirX Cryptocurrency Hack

In 2024, there were 108 incidents resulting in a loss of over $473 million worth of cryptocurrencies due to hacker attacks and fraud. WazirX alone accounted for 86.4% of the total cryptocurrency lost in July due to hacker attacks.

Indian CEX WazirX announced plans to freeze withdrawals and revoke all transactions on July 18, 2024. On that day, WazirX suffered a major wallet vulnerability attack, resulting in the unauthorized transfer of over $230 million in crypto assets. This attack targeted WazirX's multi-signature wallet on Ethereum.

Over $100 million worth of Shiba Inu (SHIB), 20 million MATIC tokens ($11 million), 640 billion PEPE tokens ($7.5 million), 5.7 million USDT, and 135 million GALA tokens ($3.5 million) were stolen.

Despite employing advanced security measures such as hardware wallets and address whitelisting, WazirX still fell victim to a sophisticated attack. This necessitates comprehensive security audits and continuous improvement of digital asset protection. The risk of centralized control of private keys is evident.

8. Binance Hack: A Stark Reminder of Cryptocurrency Vulnerabilities

In 2019, the leading global cryptocurrency exchange Binance suffered a major centralized exchange hack. On May 7, malicious actors exploited phishing and virus attacks on Binance's security systems to steal users' two-factor authentication codes and API keys.

This intrusion enabled them to steal 7,074 bitcoins from the exchange's hot wallet in a single transaction, valued at over $40 million at the time.

Following this incident, Binance CEO Changpeng Zhao announced the establishment of the Secure Asset Fund for Users (SAFU) to protect users' funds in extreme situations. Despite taking these measures, Binance faced another major security challenge in October 2022. Hackers illegally generated and stole 2 million BNB tokens, equivalent to $570 million, using the cross-chain bridge BSC Token Hub.

7. KuCoin: Hollywood-Style Theft

In September 2020, KuCoin experienced a Hollywood-style theft that ranks high among centralized exchange hacks. Hackers initiated a cunning attack, moving stolen bitcoin and ether to a mysterious wallet. The digital thieves had entered the vault by stealing KuCoin's hot wallet private keys, and the plot became even more complex.

The next day, as KuCoin CEO Johnny Lyu addressed the world in a live broadcast, the crypto community was already on edge. The KuCoin team reacted swiftly, transferring the remaining funds to a new hot wallet, closing the stolen wallet, and temporarily freezing all customer transactions to mitigate further risks.

Further investigation revealed that the stolen funds involved various cryptocurrencies such as BTC, ETH, LTC, and XRP, totaling approximately $281 million. Despite the heavy losses, KuCoin's proactive measures recovered about $204 million of the stolen funds within weeks.

Of particular interest, KuCoin collaborated with international law enforcement agencies, attributing this network attack to a suspected North Korean hacker group.

6. BitGrail: An Inside Job

Italian cryptocurrency exchange BitGrail became embroiled in controversy after the platform was hacked for €120 million ($146.55 million). Italian authorities accused Firano (aka "FF") of potentially being involved in the hack or failing to strengthen security measures after initially discovering the vulnerability.

This series of events led to the loss of funds for approximately 230,000 users, and Firano faced charges including computer fraud, fraudulent bankruptcy, and money laundering, making it one of the largest financial irregularities in Italian history.

Subsequently, the Italian bankruptcy court took decisive action, declaring Firano and BitGrail bankrupt. The court also ordered Firano to return stolen assets to customers as much as possible.

Additionally, the court approved the seizure of Firano's assets, including over $1 million in personal items and millions of cryptocurrencies in BitGrail accounts. The court found that software flaws in the BitGrail platform led to multiple unjustified withdrawal requests.

In CEXs like BitGrail, control of all assets and security measures is centralized, making them attractive targets for hackers.

5. Poloniex: The Tale of Two Hack Attacks

Poloniex suffered two serious security breaches.

In March 2014, hackers exploited a software vulnerability to steal 97 bitcoins, accounting for 12.3% of the exchange's bitcoin holdings at the time. Despite the setback, Poloniex successfully rebounded and fully compensated the affected users.

Fast forward to November 2023, the exchange was attacked again, and this time the attack was more severe. Suspected to be linked to the Lazarus group associated with North Korea, the attackers stole private keys and approximately $126 million from Poloniex's hot wallet.

The modus operandi included using social engineering and malware to obtain critical private keys. After the hack, the attackers employed complex strategies, including sending different tokens to specific addresses and using decentralized exchanges for money laundering, making tracking and recovery difficult.

4. Bitstamp Theft Event

Criminal hackers targeted Bitstamp's system administrator Luka Kodric, who unknowingly downloaded a malicious file, compromising the exchange's security. The malware was hidden in a harmless document, activating a script that infected Bitstamp's servers, allowing hackers to access critical wallet.dat files and passwords.

After realizing this vulnerability, Bitstamp took swift action, forming an emergency response team and issuing alerts to the entire company. Despite these measures, hackers successfully stole 18,866 bitcoins from the hot wallet, resulting in a loss of approximately $5 million at the time of the intrusion.

Subsequently, Bitstamp underwent a major overhaul of its trading platform, opting for a complete rebuild instead of patching. They migrated their infrastructure to secure cloud servers in Amazon's European region, implemented multi-signature wallet access, and hired Xapo for cold wallet management.

3. Bitfinex Theft Event

In August 2016, Bitfinex experienced a cyber attack. Hackers exploited a vulnerability in the exchange's multi-signature security system supported by BitGo. They manipulated the security protocol to illegally withdraw 120,000 bitcoins from Bitfinex's hot wallet.

After the hack, Bitfinex maintained transparency regarding financial losses. The losses were distributed to user accounts, with each account losing 36%. To mitigate the losses, Bitfinex issued BFX tokens to affected users, which were redeemable for dollars or shares of iFinex Inc., facilitating gradual recovery.

2. Coincheck Theft

In late January 2018, the renowned Japanese cryptocurrency exchange Coincheck suffered one of the most severe centralized exchange hack attacks in history. Hackers breached the exchange's hot wallet, stealing 523 million NEM tokens, valued at approximately $534 million at the time.

Despite lessons from previous hack attacks, Coincheck still stored a large amount of assets in the hot wallet and lacked sufficient multi-signature protection. Following the attack, the exchange immediately halted all deposits and withdrawals to prevent the flow of stolen funds.

The cryptocurrency community quickly rallied to prevent the liquidation of stolen assets. Exchanges like ShapeShift banned the trading of stolen NEM coins and flagged related addresses to prevent further transactions. Despite these efforts, full recovery of the funds remained unfeasible.

1. Mt. Gox: Unforgettable Hack Event

The Mt. Gox hack event remains one of the most notorious and widely publicized cryptocurrency theft cases, primarily due to its scale and timing. This significant event is a classic example of top centralized exchange hack events.

In 2011, the then-largest bitcoin exchange, Mt. Gox, first encountered a major security vulnerability, resulting in the loss of 25,000 bitcoins. The situation worsened in 2014, culminating in a catastrophic theft where approximately 850,000 bitcoins were stolen.

This hack had a massive impact, affecting the price of bitcoin and the trust of the global cryptocurrency community. "I almost lost everything. It forever changed my view of digital currency security," shared a forum user, emphasizing the profound personal and financial impact of this hack.

Exchange Security Measures

Exchange security has become a focal point of the entire cryptocurrency industry in recent years, especially after major security events and internal issues led to exchange closures or fund losses. To enhance security, exchanges can take various measures.

For example, keeping the majority of assets in offline cold wallets, with only a small amount of funds stored in online hot wallets to meet daily trading needs, significantly reduces the risk of hackers successfully stealing large amounts of funds. Additionally, multi-signature, which requires multiple key holders to sign each transaction, can prevent losses from the compromise of a single key.
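The two measures above, as an added example that is not part of the original article: a withdrawal gate that requires 2 of 3 distinct approvers to sign the exact transaction, plus a rule that sweeps any hot-wallet balance above a ceiling into cold storage. The approver names, demo keys, 2-of-3 threshold, 5% ceiling and the use of HMAC-SHA256 in place of a real wallet signature scheme are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo keys: each approver holds one secret. HMAC-SHA256 stands in
# for the on-chain signature scheme a real multi-signature wallet would use.
APPROVER_KEYS = {"ops": b"k-ops-demo", "risk": b"k-risk-demo", "cfo": b"k-cfo-demo"}
THRESHOLD = 2            # assumed 2-of-3 policy
HOT_WALLET_MAX = 0.05    # assumed ceiling: at most 5% of assets kept online


def tx_digest(tx: dict) -> bytes:
    """Canonical digest so every approver signs exactly the same bytes."""
    return hashlib.sha256(json.dumps(tx, sort_keys=True).encode()).digest()


def approve(approver: str, key: bytes, tx: dict) -> tuple[str, str]:
    return approver, hmac.new(key, tx_digest(tx), hashlib.sha256).hexdigest()


def authorize(tx: dict, approvals: list[tuple[str, str]]) -> bool:
    """True only if THRESHOLD distinct approvers signed this exact transaction."""
    digest = tx_digest(tx)
    valid = set()  # a set, so one key replayed many times still counts once
    for approver, sig in approvals:
        key = APPROVER_KEYS.get(approver)
        if key is None:
            continue
        expected = hmac.new(key, digest, hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, sig):
            valid.add(approver)
    return len(valid) >= THRESHOLD


def sweep_to_cold(hot: float, cold: float) -> float:
    """Amount to move offline so the hot wallet holds at most HOT_WALLET_MAX."""
    return max(0.0, hot - HOT_WALLET_MAX * (hot + cold))


if __name__ == "__main__":
    tx = {"to": "addr-demo-1", "asset": "BTC", "amount": "12.5"}
    stolen = approve("ops", APPROVER_KEYS["ops"], tx)          # one compromised key
    print(authorize(tx, [stolen, stolen]))                     # False
    both = [stolen, approve("risk", APPROVER_KEYS["risk"], tx)]
    print(authorize(tx, both))                                 # True
    print(authorize({**tx, "to": "addr-demo-2"}, both))        # False: tx altered
    print(sweep_to_cold(hot=300.0, cold=700.0))                # 250.0
```

Counting approvers in a set and binding each approval to the transaction digest are the two details that make the threshold meaningful: a single stolen key cannot be replayed to reach quorum, and approvals collected for one destination do not carry over to another.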
