The biggest heists in the crypto space to date

Cryptocurrency thefts often draw public attention. The first cause is the “huge” amount of money being stolen, because old financial institutions are seldom robbed by such large sums. Second, cryptocurrency has been the main topic of many discussions around the world lately, so every hack gets reported by the press.

crypto space to date

Additionally, the hacker discovered that stealing digital currency is easier than stealing cash or cryptocurrency from the banking system. As a result, this evil is becoming more and more common. Furthermore, since cryptocurrencies are often stored in bulk and can be instantly transferred anonymously from anywhere using only private keys or cryptography, it is easy to fall prey to hackers. .

The article takes a look at the biggest crypto thefts of all time, why exchanges keep getting hacked, the damage escalating and what we can do to protect ourselves.

The Biggest Crypto Heists in History

The biggest crypto heists to date are MT Gox, Bitgrail, Coincheck, KuCoin, PancakeBunny, Poly Network, Cream Finance, BadgerDAO, Vulcan Forged, and Bitmart.

#First. Mount Gox

MT Gox was the first large-scale exchange hack and remains the largest Bitcoin theft from an exchange. On the other hand, the raid on MT Gox was not a one-off event. Instead, the site leaked funds between 2011 and February 2014.

Hackers have stolen 100,000 BTC from exchanges and 750,000 BTC from their users over several years. These bitcoin thefts caused $470 million in damage back then, but they’re now worth around 10 times that amount. Not long after the theft, MT Gox went bankrupt, and liquidators recovered around 200,000 stolen BTC.

#2. Bitgrail

Bitgrail is a small exchange in Italy that trades obscure cryptocurrencies like Nano (XNO). The exchange was hacked in February 2018 when the price of XNO went from a few cents to $33. At least 17 million coins (about $150 million) have been withdrawn from the Nano wallet.

Many users even expressed dissatisfaction with the exchange (significantly lower withdrawal limits and trading problems) before the attack. According to the investigation, this money was stolen from the cold wallet, not the hot wallet. The case will continue to be investigated over the next three years, and Italian authorities are now accusing the Bitgrail owner of being behind the attacks.

#3. coin acceptor

Japan-based Coincheck stole $530 million worth of NEM (XEM) tokens in January 2018. The hackers took advantage of the fact that the coin is stored in a “hot” wallet, which means it is connected to a server and therefore “online” (the funds in the cold wallet are stored offline).

The stolen coins have been identified and marked by NEM developers, although there is speculation that the funds are available on darknet markets.

However, given the magnitude of the token’s price drop following the attack, many think it’s not a big deal (coins are currently down 83% at around $90 million).

#4. KuCoin

KuCoin announced in September 2020 that the hacker obtained the private key to access its hot wallet before withdrawing a significant amount of ETH, BTC, LTC, XRP, XLM, TRX and USDT. Since then, experts have stated that they have good reason to believe the hacker who stole the cryptocurrency is North Korean.

#5. pancake bunny

This flash loan attack took place in May 2021 where the hacker siphoned $200 million from the platform and was one of the biggest crypto thefts. The hacker borrowed a large amount of BNB before manipulating the price and selling it on PancakeBunny’s BUNNY/BNB marketplace to carry out the attack.

Accordingly, they get a large amount of BUNNY through a quick loan, sell the entire BUNNY on the market for a discount, and pay back the BNB with PancakeSwap.

#6. poly network

In August 2021, a hacker exploited a vulnerability in Poly Network’s infrastructure and stole over $600 million in total. However, they did not take this money and took a strange turn. Instead, the hacker approached the platform and agreed to return most of the funds, except for $33 million in USDT, which was frozen by the issuer.

But the story didn’t end there: $200 million in stolen assets were locked in an account that, according to Poly Network, required the hacker’s password. At first, the hacker refused to release the stolen cryptocurrency until Poly Network asked them to release it, a $500,000 reward for detecting a system bug, and even a job offer. Poly Network later revealed that the private key “Mr. White Hat” handed over.

#7. cream finances

Not only did hackers steal $130 million in the October 2021 incident, but it is Cream Finance’s third attack this year. Hackers took away $37 million in February 2021 and $19 million in August 2021.

In the latest attack, the hacker exploited a vulnerability in the DeFi platform’s instant lending system. On the Ethereum network, they took all of Cream Finance’s tokens and assets totaling $130 million.

#8th. BadgerDAO

A hacker successfully stole assets from multiple crypto wallets on the DeFi BadgerDAO network in December 2021. The problem is said to be on 10.11. started when a malicious script was injected into the website’s user interface.

The user transaction is blocked while the script is active. At the time, the attacker stole 896 BTC worth around $50 million.

#9. Forged volcano

In December 2021, hackers stole $135 million from blockchain games startup Vulcan Forged. They stole the private keys of 96 separate wallets before scraping 4.5 million PYR tokens from them.

#ten. Bitmart

In December 2021, a Bitmart hot wallet hack resulted in approximately $200 million in losses. At first, people thought that $100 million was stolen from the Ethereum blockchain. Additional investigations later revealed that another $96 million was stolen via the Binance Smart Chain blockchain.

More than 20 tokens are involved, including altcoins such as BSC-USD, BNB, BPay, and SAFEMOON, as well as significant amounts of MOONSHOT, FLOKI, and BABYDOGE.


One of the best ways to protect your crypto investment is to secure your wallet and do your own research on projects in the market.

Don’t believe everything that is said. Instead, scrutinize all investment claims, especially if they seem too good to be true or promise huge returns in a short period of time. Also, do not trust anyone to personally contact you, be it a government official, public worker or a stranger, asking for payment in Bitcoin or offering you an “investment opportunity”.

If possible, enable two-factor authentication for your wallet and exchange. Also, never give anyone your wallet’s private key or seed phrase and keep this information offline in cold wallets.

Check website URLs two or three times. For example, when attempting an online scam, a hacker would copy the URL of a valid website and substitute letters and numbers such as “l” for “1” or “0” for the letter “O”. Additionally, any offer that requires upfront costs should be rejected regardless of the amount, especially if the price has to be paid in cryptocurrency.

Join CoinCu Telegram to keep track of news:

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

970x90.gif (970×90)