The distributed and decentralized ledgers known as Blockchains have been hailed as impenetrably secure by many in the cryptocurrency community. However, some of these systems are not as impregnable as originally thought.
As public awareness of cryptocurrencies has grown and token valuations have skyrocketed in recent years, hackers and scammers may have had additional incentive to find a way to steal digital currencies, given the potential of even higher payments one day.
In fact, stealing cryptocurrency—again, when tokens are hugely popular in part because they’ve been marketed as highly secure ways to transact and store value—has become big business.
In 2022, a record $3.8 billion worth of crypto tokens was stolen globally. A vast majority of stolen tokens (around 80% last year) were taken from decentralized finance (DeFi) protocols, and two-thirds of DeFi thefts involved cross-chain bridging protocols. These bridges allow users to trade assets across different Blockchains and typically hold large reserves of different tokens, potentially opening them up to increased attention from thieves and reducing security within a single Blockchain ecosystem.
Nonetheless, Blockchain and crypto hacks seem to be bolder than ever. Below is a closer look at the most brazen Blockchain and cryptocurrency hacks in history.
Binance Suffers BNB-Related Hack
In late 2022, Binance suffered losses of around $570 million, when hackers were able to exploit a smart contract bug that left the Blockchain vulnerable. The crooks used the BSC Token Hub cross-chain bridge to create additional Binance Coins (BNB) and withdraw around 2 million of these tokens, which are native to Binance.
FTX Implodes and Thieves Take Advantage
One of the boldest crypto heists is also one of the most recent. In November 2022, cryptocurrency exchange and hedge fund FTX dominated the news when it filed for Chapter 11 bankruptcy, eventually collapsing entirely. On the same day, the thieves stole more than $600 million from the company’s cryptocurrency wallets. The brazen attack may have capitalized on internal turmoil, prompting the company to later announce to users that their own apps were hacked and they should remove them. Unfortunately, the theft left many FTX account holders without a token.
The Biggest Hack in History: A Blockchain Gaming Platform
To date, the largest crypto hack occurred when $625 million worth of Ethereum and USDC stablecoin were stolen from the Ronin Network, an ecosystem affiliated with Blockchain gaming platform Axie Infinity. US officials blamed the attack on the Lazarus Group, a North Korean state-backed hacking collective. The hackers were reportedly able to access private keys and falsify transactions on the Blockchain.
Great DeFi Attack on the Poly Network
One of the largest DeFi-related attacks took place in the summer of 2021. A single hacker exploited a vulnerability in the Poly Network’s DeFi platform to steal $611 million in a variety of tokens. The Poly Network developers pleaded with the anonymous hacker to return the funds. Interestingly, two days after the attack, the hacker returned roughly half of the stolen tokens, acknowledging that they had targeted Poly “for fun.”
Changes In Sight
Despite these hacks from the past, a change is in sight in the cryptocurrency theft landscape. In 2023, not only are thefts down by roughly two-thirds compared to Q1 2022, but an increasing number of hackers are returning stolen tokens to claim a “white hat” bounty—in effect, a ransom that companies are willing to pay for the safe return of their lost goods.
By Audy Castaneda
