The Biggest Crypto Heists

Back to Blog

More and more people are using digital assets. The popularity of cryptocurrencies is growing, attracting various kinds of scammers and hackers.

Where there is a lot of money, there will always be someone who wants to steal it or get it by fraud.

Crypto scammers hunt naive holders of digital assets, taking advantage of their mistakes, trust or lack of knowledge of technology.

Bitcoin (BTC) appeared on the market after the global financial crisis of 2008-09 to prevent global financial crises in the future.

However, since their appearance, cryptocurrencies have never been a safe place to store user funds. There have always been reports of major thefts, frauds and hacking of exchanges, wallets or trading platforms.

Due to the fact that funds are placed digitally, it is easier for hackers to steal virtual currencies than physical cash.

Cryptocurrencies stored in huge amounts are open. That is, hackers know in advance how much money is on this or the wallet. They can be transferred anonymously, which leads to major robberies in the crypto industry.

And impunity provokes new crimes.

Hackers steal virtual money, which is difficult to say who belongs to. People who have lost funds often do not even know about it, and when they find out about the fact of hacking, it becomes too late. Not everyone reports thefts, as cryptocurrencies are still not regulated in many countries, which means that the fact of the crime itself is difficult to prove.

Let's consider the largest thefts. Despite the development of technology, crypto exchanges continue to be hacked, which means that it is possible that the biggest thefts are still ahead. The higher the popularity of cryptocurrencies and the greater the number of users are, the more hackers are willing to steal a large sum.

The biggest cryptocurrency thefts in history

Mt. Gox 

Mt. Gox still remains the largest cryptocurrency theft in history. In the period from 2011 to 2014, more than 850K bitcoins were stolen from the exchange. 

Mt. Gox stated that the error that caused the loss was related to the main error in bitcoin, known as transaction malleability. Transaction malleability is the process of changing the unique identifier of a transaction by changing the digital signature that was used to create it.

In September 2011, it was discovered that MtGox private keys were compromised, and the exchange did not notice the error in time.

Since MtGox regularly reused the same bitcoin addresses, the stolen keys were constantly used to steal new deposits.


Linode, a web hosting firm, has been used by bitcoin exchanges and the community of whales to store their hot wallets. Linode was hacked in June 2011, and virtual services where hot wallets were stored became a target.

Hacking of the hosting led to the theft of at least 46K BTC, the actual amount of stolen funds is still not known.


In May 2012, 24K BTC was stolen from BitFloor. The attacker gained access to an unprotected (i.e. unencrypted) backup copy of the wallet keys and stole the virtual currency. As a result, the creator of BitFloor Roman Shtylman decided to close the exchange.


The use of multisig (having multiple keys to sign a BTC transaction) caused another major robbery. In this case, the Bitfinex exchange suffered, where 119,756 BTC was stolen.

Bitfinex cooperated with BitGo to act as a third-party depository for customer withdrawals.


Bitgrail, a small Italian exchange, was hacked in February 2018. As a result of the theft, BitGrail's losses amounted to $ 146 million.

Due to the cyber attack, 230,000 people were affected. Unfortunately, small exchanges do not use basic protection, such as a cold storage wallet, putting big money at risk.


NEM (XEM) tokens worth $530 million were stolen from Coincheck, a company based in Japan, in January 2018.

Criminals were able to hack the exchange's system due to lack of staff. The funds were stored in hot wallets and insufficient security measures were taken.


In September 2020, KuCoin announced that hackers had obtained secret keys to hot wallets, resulting in $275 million in lost funds. However, later the exchange was able to return about $240 million in payments.


The flash loan attack, during which hackers were able to pump $200 million from the platform, occurred in May 2021. The hacker borrowed a large amount of Binance Coin (BNB) before manipulating its price and selling it on the BUNNY/BNB market on PancakeBunny to carry out the attack.

An urgent loan was taken before paying the entire amount at once. The hacker got a large amount of BUNNY using a flash loan. After that, the criminal threw the entire BUNNY on the market, bringing down the price, and then repaid the BNB with PancakeSwap.

Poly Network

In August 2021, a hacker stole about $600 million worth of digital tokens, taking advantage of a vulnerability in the Poly Network.

However, after the theft, the hacker began to negotiate with the exchange, told about the vulnerability and returned everything that was stolen a week later, with the exception of $33 million in Tether (USDT), which was frozen by issuers.

After that, the hacker received a prize of $ 500,000 for the return of all stolen funds, as well as a job offer as a senior security officer of Poly Network.

Cream Finance

Hackers stole $130 million from Cream Finance in October 2021. This was Cream Finance's third cryptocurrency heist in a year, during which hackers stole $37 million in February 2021 and $19 million in August 2021.

The funds were received with the help of an urgent loan as part of a very complex transaction with a commission worth more than 9 ETH in the form of gas and involving 68 different assets. The attacker used MakerDAO's DAI to produce a huge number of yUSD tokens, and also took advantage of oracle's calculation of the yUSD price.

As a result, it was possible to steal the assets of Cream Finance for a total of $ 130 million.


The hacker managed to steal assets from several cryptocurrency wallets on BadgerDAO, in December 2021. The theft is related to phishing, when a malicious script was embedded in the user interface of a website via Cloudflare.

The hacker used the Application Programming Interface (API) key to steal $130 million in funds. The API key was created without the knowledge or permission of Badger engineers for the regular introduction of malicious code. About $9 million was recovered because the hackers had yet to withdraw funds from Badger's vaults.


In December 2021, the hacking of the Bitmart hot wallet led to the theft of about $ 200 million. $100 million was stolen through the Ethereum blockchain and $96 million was stolen through the Binance smart chain.

More than 20 tokens were stolen, including  BSC-USD, Binance Coin (BNB), BNBBPay (BPay), and Safemoon, as well as substantial quantities of Moonshot (MOONSHOT), Floki Inu (FLOKI) and BabyDoge (BabyDoge).


The attack on Wormhole, the Ethereum and Solana bridge, resulted in a loss of $328 million. The attacker used minted tokens to claim ETH, which was stored on the Ethereum side of the bridge by exploiting a mint function on the Solana side of the Wormhole bridge to create 120,000 wrapped Ethereum (wETH) for themselves.

Ronin Network (Axie Infinity)

Ronin Network (Axie Infinity), a cryptocurrency network focused on games, reported on March 29, 2022 that it had been hacked, resulting in the loss of $620 million.


The Beanstalk protocol, an Ethereum-based stable coin platform, became the target of an attack in April 2022. 

The value stored in the Beanstalk protocol was transferred to the Ukrainian fund after the fraudulent offer was implemented, and the attacker(s) used it to repay his urgent loan. Of the $181 million that was eventually stolen, the attacker made a profit of $76 million.

Horizon Bridge (Harmony)

In June 2022, criminals hacked the Harmony protocol, which makes transactions between the Ethereum, Binance and Bitcoin blockchains. They stole $100 million worth of cryptocurrencies, including ETH, Binance Coin (BNB), USDT, USD Coin (USDC) and Dai.

Some advice

Due to the irreversible nature of the blockchain, the exchange or wallet can do little to stop the robbery after the theft of private keys. Some centralized exchanges compensate their depositors for losses, since they keep most of their funds on cold wallets without Internet access. But not all exchanges do this, and at the moment the compensation of stolen funds is the exception rather than the rule.

In decentralized exchanges, a wallet with a private key is kept by the user and he must protect himself on his own.

As for crypto investments, you need to check everything carefully, because all the risks of losing funds are borne by depositors themselves.

Two-factor authentication must be enabled in any exchange or wallet.

You cannot give anyone the private key to your crypto wallet or the seed phrase. It is better to keep money in a cold wallet offline.

You should check the URLs of websites two or three times as there are a huge number of fake or phishing sites.

Share this article

We use cookies to improve your experience. By closing this message you agree to our Cookies Policy.