Bitcoin burglaries: The 5 biggest cryptocurrency heists in history

At the beginning of July 2018, blockchain security firm CipherTrace reported that $731 million has been stolen from crypto exchanges this year alone.


As the popularity of cryptocurrencies continues to soar, so does the number of hackers targeting exchanges. In 2017, crypto exchanges reported losing approximately $266 million as a result of security breaches and heists. However, the first half of 2018 alone has reported that triple this amount has been stolen from crypto exchanges already.

At the beginning of July 2018, blockchain security firm CipherTrace reported that $731 million has been stolen from crypto exchanges this year alone. Nate Whitehall of CryptoSlate says:

“With each passing crypto hack, there’s more at stake. These heists aren’t just becoming more common. They’re becoming significantly more valuable.” 

In this article, we’ll take a look at some of the most prolific crypto heists in history.

Koichiro Wada, president of Coincheck Inc., bows during a news conference in Tokyo, Japan, on Thursday, March 8, 2018. Photographer: Kiyoshi Ota/Bloomberg via Getty Images 

The Coincheck heist

In January 2018, hackers found a loophole in the Coincheck exchange that allowed them to steal over 500 million NEM. This was worth around $530 million at the time. While only the NEM was breached and other funds remained secure, NEM Foundation has stressed that the hack was nothing to do with the security of the XEM cryptocurrency.

They have insisted that the blame is entirely on Coincheck, saying that it was a result of its ‘relaxed security measures’. Because such a significant percentage of XEM was compromised, many people immediately assumed that NEM would carry out a hard fork in order to recover the funds. However, this did not occur. Coincheck now has the reputation of being the victim of the biggest crypto exchange hack in history.

Bitcoin trader Kolin Burges from Britain holds up a placard to protest against Tokyo-based bitcoin changer MtGox in front of the company's office in Tokyo on February 26, 2014. YOSHIKAZU TSUNO/AFP/Getty Images

The Mt. Gox hack

Up until the recent Coincheck hack, the Mt. Gox Hack was the biggest crypto heist in history. It still remains the biggest Bitcoin heist to have ever occurred.

Mt. Gox was a crypto exchange based in Tokyo, Japan. Between 2013 and 2014, it handled over 70% of all worldwide Bitcoin transactions. Unfortunately, by February 2014, the exchange had declared bankruptcy.

The hacker stole approximately 850,000 Bitcoins - worth around $450 million at the time. What’s more, this was approximately 6% of all Bitcoin in existence at the time. Therefore, at the time of the theft, this was a significant percentage of the total crypto market cap. In that sense, this was even bigger than the Coincheck hack. 200,000 of the stolen Bitcoins were eventually recovered. However, approximately 650,000 remain lost forever.

Founder of Ethereum Vitalik Buterin during TechCrunch Disrupt London 2015. Photo by John Phillips/Getty Images for TechCrunch.

The DAO attack that led to the creation of Ethereum Classic (ETC)

A ‘DAO’ is a Decentralized Autonomous Organization that aims to eliminate the requirement for third-parties in governing and to ultimately create a structure that has decentralized control. It does this by turning the rules and decision-making apparatus of an organization into code.

‘The DAO’ was the name of a particular DAO. It was launched on the 30th April 2016 and had a 28-day funding window. It was extremely popular - so much so that by the end of its funding period, it was the largest crowdfunded organization in history.

Throughout the crowdsale, several people expressed concerns about The DAO’s security and suggested that it could be vulnerable to attack. Despite this, it went on to raise over $150 million from 11,000 members -  far more than its creators had ever imagined.

On June 12th, 2016, Stephen Tual, one of the creators of The DAO, announced that a "recursive call" bug had been found in the code. However, at the end of his post, stressed that "this is NOT an issue that is putting any DAO funds at risk today." Unfortunately, Tual turned out to be very wrong. By the time the team had identified the bug and begun to fix it, a hacker was already exploiting it and draining The DAO of the ether it had collected from its token sales.

By the 18th of June, less than a week after the announcement had been made, the hacker had already managed to drain over 3.6 million ether (worth approximately $70 million) into a “child DAO”. This alone led the price of Ether to fall drastically from $20 to $13.

As a result of this catastrophe, an Ethereum hard-fork was proposed, with 89% of Ether holders voting in favor of it. This led to the creation of Ethereum Classic (ETC) - a new cryptocurrency which shares the data on the Ethereum blockchain up until block 1920000.

Bitfinex main page, c/o Creative Commons

The Bitfinex exchange heist

Bitfinex is currently ranked as the second largest crypto exchange in terms of daily trading volumes. However, in August 2016, the exchange suffered a hacking heist that resulted in the loss of over 120,000 Bitcoins, worth around $66 million. Within hours of the attack, the value of Bitcoin had dropped from over $600 to $540. Moreover, the users never received compensation for their lost Bitcoins. Instead, the exchange paid users in BFX tokens for their losses and promised to buy these tokens back at a later date.

The platform experienced another cyber attack in June 2018. However, this attack only affected trading operations. Thankfully, no user accounts were compromised.

c/o Pxhere

The BitFloor exchange heist

Despite being relatively unknown, the BitFloor heist remains one of the biggest Bitcoin heists in history. It resulted in the loss of over 24,000 Bitcoins. At the time it was considered relatively small. However, in today’s terms, the hack would be worth a surplus of $141 million. 

Back in 2012, BitFloor was one of the largest competitors of Mt. Gox. However, it had to shut down abruptly when hackers gained access to the private keys of users. This was made possible because the hackers were able to gain access to the users’ private keys, which were stored in an extremely insecure manner in an unencrypted state, online, for backups.

Luckily, the exchange was able to refund users for their losses. However, it was ultimately forced to shut down.

‘A rare sight’: Astronaut snaps incredible photo of 5 spaceships

The photos were taken the same day as Russian cosmonauts investigated a mysterious hole discovered in one of the craft.

Alexander Gerst
Surprising Science
  • The spacecraft belong to Russia and two private American aerospace companies.
  • Six astronauts are currently aboard the International Space Station to conduct a variety of experiments.
  • On Monday, Russian cosmonauts conducted a spacewalk to investigate the nature and cause of a mysterious 2-millimeter-wide hole in a Russian spacecraft.
Keep reading Show less

NASA releases first sounds ever captured on Mars

On Friday, NASA's InSight Mars lander captured and transmitted historic audio from the red planet.

NASA
Surprising Science
  • The audio captured by the lander is of Martian winds blowing at an estimated 10 to 15 mph.
  • It was taken by the InSight Mars lander, which is designed to help scientists learn more about the formation of rocky planets, and possibly discover liquid water on Mars.
  • Microphones are essentially an "extra sense" that scientists can use during experiments on other planets.
Keep reading Show less

Heart wrenching letter confronts tech companies' accidental cruelty

"Didn't you see me Googling 'baby not moving?'" Gillian Brockell wrote a heartbreaking open letter to big tech companies imploring them to change the ways they target ads to users.

Gillian Brockell's letter posted on Twitter (Twitter)
Politics & Current Affairs
  • Advertisers are increasingly using hyper-specific information on users, collected by big tech companies, to sell products.
  • An open letter published Tuesday outlines how this kind of ad targeting can be not only creepy, but also inadvertently cruel and distressing.
  • Also on Tuesday, the House questioned Google's CEO, partly on issues related to data privacy.
Keep reading Show less