The history of cryptocurrency exchange hacks and attacks: losses, consequences, conclusions

How to anticipate risks and why exchanges are not an alternative for reliable trading

Almost all cryptocurrency exchanges were subjected to hacker attacks. In some cases, hackers managed to withdraw more than $500 million, in some - their wallets were blocked, and the transactions were annulled. As a result of some hacks, the exchanges ceased to exist, and some even remained behind the curtain. Exchanges are reluctant to recognize their weaknesses, and there are suspicions that they may even be behind these fraudulent actions. So maybe one should incline towards an alternative? In this review you will see examples of the most daring hacks and fraud of cryptocurrency exchanges and some conclusions. The choice is up to you!

LiteFinance: How to anticipate risks and why exchanges are not an alternative for reliable trading

History of cryptocurrency exchange hacks

There are several dozen cryptocurrency exchanges in the world. We are only talking about those that have a relatively large turnover in certain crypto currencies. Most of them are in South Korea and Japan. China, formerly among the leaders in trade turnover, lost ground after the control tightening by regulators. Trading via a wallet created on the exchange seems attractive – you have direct access to the exchange with minimal financial and time losses. But you are also very likely to lose your money.

In the whole history of the existence of crypto currencies, almost every exchange has been subjected to hacking, and repeatedly. It would seem that the exchanges could draw conclusions and ensure maximum protection of wallets. But hacks happen again and again. It comes to the point of absurdity: there are numerous examples when exchanges stopped trading under the pretext of "technical works", which gave rise to unfounded rumors about hacks. In other words, the exchanges are very reluctant to admit that they were attacked. And because of the lack of regulation and control, there is no guarantee that the hacks are not performed by the exchanges themselves. Read more about the history of hacker attacks on cryptocurrency exchanges.

Exchanges that did not survive

The first successful large-scale hacker attack was carried out in 2011 on the notorious Mt.Gox, and the hackers stole 2609 BTC. This fact was almost ignored then. Only in 2014 it became known that the exchange was hacked systematically. Out of 850 thousand BTC, only 200 BTC have been found, the fate of the rest is unknown. Hackers systematically intercepted and changed transactions unbeknownst to the exchange. As a result, about 25 000 people lost their money, the exchange ceased to exist, the BTC sank by 23%. Although now such a drawdown seems insignificant, hacking and bankruptcy of Mt.Gox became the largest one in the history of cryptocurrencies.

1. Coincheck - a good start of 2018

This exchange operating since 2014 is not particularly large, but now it certainly will go down in the history of the cryptocurrency world. It does not have so many crypto currencies, but they proved to be enough for the hackers. On January 26, 2018, Coincheck confirmed the theft of 58 billion yen ($533 million) in the NEM cryptocurrency. This amount became a record, beating the previous ‘achievement’ of Mt.Gox. And only the fact that the exchange remained afloat makes Mt.Gox the winner. It is noteworthy that both exchanges are located in Japan.

At a press conference, representatives of NEM reported that all exchanges were encouraged to use a smart contract with a multi-signature function. Coincheck neglected its use, which made it possible to hack. This meant that the fault was entirely with the exchange. Many experts fear that the system for marking stolen tokens carries risks for decentralization. In other words, hackers can get control over the blockchain.

Consequences of the hack:

  • for more than a week, all user accounts were frozen until a solution was found. After defreezing accounts on February 13, users withdrew about $372 million during the day. There is no information on how much it affected the margin of the exchange;
  • the hack affected about 260 thousand users. Representatives of the exchange said that they intended to compensate 400 million dollars from their own funds (at the rate of $0.81 per coin). The timing and mechanism of the compensation are still being agreed upon. We have no answer to how the exchange has so much money with which it can part so easily;
  • the hack of the exchange had no critical influence on the NEM rate.

LiteFinance: 1. Coincheck - a good start of 2018

The consequences of the hack are difficult to assess. It is only known that multi-signature was not used, but the exchange does not recognize its guilt. There is also no information about hackers, nor about how the compensation will occur.

2. BitGrail – nothing is accidental?

And again, a relatively small exchange is in the TOP-3 based on the stolen amount. One gets the impression that medium-level exchanges may specifically allow hacking, after which they announce bankruptcy, and BitGrail is no exception. Someone was simply earning on the crypto currency exchange hype. However, this may be a biased opinion.

February 10, 2018 (the year began productively in terms of hacker attacks), the Italian exchange BitGrail was forced to report that as a result of unauthorized transactions, a total of $170 million worth of Nano cryptocurrency were withdrawn, after which the exchange declared bankruptcy a year after its launch.

LiteFinance: 2. BitGrail – nothing is accidental?

I have two questions:

  • Judging by the screenshot above, BitGrail is not in the TOP for day trading. Why did the attack target this cryptocurrency?
  • Why did the theft of a medium-level cryptocurrency (check the turnover on top exchanges) result in such radical consequences?

There are no answers to them. It is only known that the other currencies were not affected, but there is no way out of the situation either. The developers of Nano offered to do a hardfork (let us remember the situation after the hack of DAO with ETH and ETC). It is noteworthy that the Nano statement says that they have "sufficient grounds to believe that Firano (the founder and owner of the exchange) has long misled the Nano team". Only the owners of wallets did not get a cent from these disputes.

3. Bitfinex - the most mysterious exchange of the world

Bitfinex is one of the largest cryptocurrency exchanges in the world, but it can soon repeat the fate of the BTC-E (see below). After the scheming with Tether, regulators started looking closely at the exchange with many claims regarding money laundering, speculation and its financial condition. But we’re not talking about that. In the summer of 2016, the stock exchange also was in the focus of regulators after a strange hack that resulted in a theft of crypto currencies in the amount of $62 million. USA. This amount made it in the TOP-5 in terms of the stolen amount in the last 2 years. The bitcoin rate then fell by a symbolic 18% from $750 to below $550.

  • Attack mechanism. The security provider of the exchange was BitGo, which is still one of the leading companies in this area. How did the hackers get the keys of users - it's hard to say, but BitGo hurried to report that the vulnerability was not on their side. The results of the investigation were not disclosed. It is only known that the attack was prepared by a group of people for several months, and almost 120 thousand BTC were broken down into small deposits on dozens of little-known exchanges.

In January 2017, there were transactions involving 800 BTC on several exchanges, including the ill-fated BTC-E. The first one to respond was Kraken, which blocked 0.4 BTC. A drop in the sea, but it means that the stolen coins (and not only on this exchange) in most cases remain in the system and wait for a convenient time for withdrawal.

4. Bithumb - smart hackers or a secretive exchange?

South Korean exchange Bithumb at the time of the attack in the summer of 2017 was in the TOP-5 in terms of Bitcoin trade and was considered the largest exchange of the country. June 29 (as the official information says at that time), wallet owners noticed that they began to lose relatively large amounts of crypto coins. The attackers tried not to attract attention, being content only with the UTS and VTS in such quantities that the loss was not quickly detected. Therefore, a full review of the hack was only made public on July 4.

  • Attack mechanism. Hackers used an unknown method to compromise the computer of one of the employees of the exchange, after which they could access about 3% of the customer base. The investigation at the time could not establish how the access to the database was obtained. It is only known that hackers copied all user data, including phone numbers and post addresses.

With user data, the attackers engaged in "telephone fishing" - under the guise of representatives of the exchange, they lured out one-time passwords and stole money. The hack of Bithumb received an unexpected continuation in December 2017. It turned out that the hackers attacked the exchange back in February, but it became known only in June. And it was announced that the stolen amount was about 7 million dollars at the rate as of February, which accordingly turned into 80 million dollars in time. The National Intelligence Agency of South Korea accused the hackers from the DPRK of the attack, but the story had no further development.

It remains unclear whether Bithumb deliberately concealed hacking in February, because it's hard not to notice the loss of $7 million. For the exchange, this means a loss of reputation, and it was much easier to compensate for the losses at the old exchange rate which later went up several times. By the way, Bitcoin was not affected by the news, and the stock exchange is still in the TOP list to this day.

LiteFinance: 4. Bithumb - smart hackers or a secretive exchange?

5. Binance – how the hackers pumped VIA

This crypto exchange is relatively young – it started working in the spring of 2017. And it would seem that it should take into account the errors of previous platforms (after all, the stock exchange is in the TOP-30 in terms of the daily trading volume and in the TOP-3 in terms of trading volume of BTC), but the hackers managed to breach its defense.

On March 7, the exchange reported a potential hack, as a result of which automatic systems of traders began to quickly sell all altcoins and buy Viacoin (VIA) for the money. The rate of the crypto currency instantly increased by more than 1000%, but the representatives of the exchange managed to react in time.

  • Attack mechanism. Within 2 months, the attackers conducted a series of fishing campaigns, masking fake domains as the original Binance domain (homographic attack). This way, they were able to collect the accounts of most users. They did not touch money on compromised accounts, but only created API keys, which were used on March 7 for the purchase of VIA/BTC.

The Binance risk management system noticed an anomaly after 2 minutes and immediately blocked all transactions. The attackers planned to collect money on 31 accounts, through which they were going to withdraw it, but they did not have time to do it - the wallets were instantly frozen. A day later, the work of Binance returned to normal mode, user money was not affected, and the exchange itself announced a $250,000 reward for the help in capturing hackers. The VIA rate returned to its original level, and the dropped crypto currency market began to recover after the weekend.

Another interesting example of manipulation is an artificial failure at the right time. In the first week of February 2018, Binance stopped working for 1 day. One of the leading developers of anti-virus software, John McAfee, immediately expressed an authoritative opinion that the exchange was hacked, but hides it from its users. Later he apologized for his words, but surprisingly the technical malfunction arose at the time of a strong drawdown of BTC due to the inflow of money to the market from Mt.Gox. One can only guess who profited from this.

LiteFinance: 5. Binance – how the hackers pumped VIA

6. BTC-E - not by hacks alone

  • The story of the arrest of the platform administrator Alexander Vinnik is gaining momentum. In early March 2018, information appeared that the London front company Always Efficient LLP was behind the theft of Mt.Gox coins (half of which appeared on the competing exchange BTC-E). According to the FBI, the company took part in various kinds of money laundering transactions through BTC-E, including coins stolen on Mt.Gox. Time will tell if this is true, but the situation with the bankruptcy of the exchange is not over yet. Let me return to the chronology of events.

BTC-E is one of the oldest cryptocurrency exchanges founded in 2011. The exchange was attacked and hacked quite often, but the amounts were so insignificant that the hacks did not get any publicity. We know about the hacks dated 2012, December 2013, August 2016, etc. The major attack was due to virus software (in contrast to the current attacks, where fishing is at the top of the list).

The thing exploded on July 25, 2017. On that day, the exchange suddenly went offline due to unplanned technical maintenance. On the same day, the public learned about the arrest of the exchange administrator Alexander Vinnik who was accused of having laundered more than $4 billion in BTC through BTC-E, including the money from Mt.Gox. Later Vinnik will say that BTC-E is not an exchange, but only a platform for transferring money, therefore he cannot be responsible for the origin of coins. The scheme of money laundering was complicated. Despite the fact that all transactions are anonymous, there are already confirmations that Vinnick's wallets were involved not only in transactions with Mt.Gox, but also with coins from Bitcoinica and Bitfloor exchanges that were stolen in 2011-2012. For several days the stock exchange was in limbo, promising to return to normal work.

However, after the arrest servers located in the US by the FBI, the stock exchange practically ceased to exist. During August, there were repeated reports on the transfer of frozen accounts to the new WEX platform, which seems to have started working on September 15, but according to unconfirmed information, the issue has not been completely resolved yet. To date, WEX is not even close to the TOP exchanges.

The exchange closing did not affect the quotes, as seen in the chart below.

LiteFinance: 6. BTC-E - not by hacks alone

7. NiceHash – crypto currency service under attack

NiceHash (Slovenia) - on December 6, 2017, the largest cryptocurrency mining market was forced to publish a press release in which it admitted to hacker attack. Despite the fact that it is not a platform, this hack deserves special attention. NiceHash allows you to let or lease capacities for cryptocurrency mining. You could store the mined coins in the local protected wallet BitGo Bitcoin (which is considered one of the best in its class, but has already experienced problems with Bitfinex hack). The stolen amount was about 62 million US dollars, which put the service in the TOP-5 of the largest losses in 2017. It is noteworthy that this did not affect the BTC rate, on the contrary, Bitcoin went up along with market capitalization. A clear example of the fact that investors react only to hacking of exchanges, ignoring attacks on local services.

LiteFinance: 7. NiceHash – crypto currency service under attack

8. Youbit – the same trap

In this article, I have already shared my thoughts on the subject of hacking and bankruptcy of this exchange. But we should mention it once again for several reasons:

  • in 2017, it was hacked twice, after which it ceased to exist. Unlike the major exchanges that learned from the first time, Youbit chose to fall into the trap a second time;
  • bitcoin dropped by 7.5%. Although the exchange is not particularly large (not to be confused with Yobit), the reaction of traders was ruthless on the eve of winter holidays;
  • it’s been more than 2 months since the bankruptcy. The exchange promised to compensate for some of the losses, but since then there is no information whether it did.

9. BitConnect - a scam of 2017

The story of this cryptocurrency exchange is a telling example of that there can be Ponzi schemes among cryptocurrency exchanges as well. Transactions were stopped in January, 2018. The exact amount of losses is still uncounted; class action lawsuits were brought against the company and legal proceedings are still ongoing. But it is obvious, investors will hardly get their money back.

The BitConnect company was founded in Great Britain in 2016 and before launching tokens it had been hardly known to anyone. The successful marketing campaign did its job. After the successful ICO launch, the project’s capitalization surged very fast, so BCC cryptocurrency was included in TOP 30. In better times, the token price exceeded 400 USD, and the market cap almost reached $30 billion. In addition to its own cryptocurrency, the company launched the same name cryptocurrency exchange BitConnect Exhange, which, though wasn’t a large one, was steadily taking its niche.

Developers used multi-level network to attract clients:

  • Investors could buy BCC on BitConnect Exchange for a period of four to ten months. The longer was the period, the more was daily return on investment (that was one of a Ponzi scheme signs, ignored by investors). Expected yield could amount to 4000 per year;
  • There was a referral scheme with an opportunity to gain 3-5% form the attracted amount (one more feature of a Ponzi scheme).

The fact that investors had no problems with money withdrawals, and the exchange itself seemed to be reliable, pushed the tokens rate up.

The bell tolled in autumn 2017. Vitalik Buterin and Charlie Lee (Litecoin developer) criticized the project, and the community had a question about who were the real project founders. And their real existence wasn’t proved. The chain of owners turned out to be confusing and obviously hiding real owners. The start-up continued its active marketing campaign that didn’t correspond to a serious project (for example, comic clowns’ performances in Thailand) and immediately received a notice from the UK government. BitConnect ignored the notice and was ordered by SEC to stop operating in January, 2018. BitConnect shut down two days later.

LiteFinance: 9. BitConnect - a scam of 2017

In this story, it is remarkable that investors ignored both the lack of detailed White Paper, and obvious features of a Ponzi scheme, and the lack of data about real project developers, pushing the token up to TOP-30. Nobody knows how many projects alike are among the top projects. And how many more exchanges are Ponzi schemes?

Can I get my money back?

This is a sensible question: can one get their money back after the hacking of exchanges? Everything depends on the defense mechanisms of the exchange itself. If the attackers have already taken hold of the wallets and withdrew the money, it is technically impossible to return the funds. The anonymity of cryptocurrencies is actually a plus for hackers too - after the stolen coins are mixed with "white" coins, it becomes difficult to track transactions.

But it is not all that bad. Most often, exchanges have time to block suspicious transactions. And if money has not been withdrawn from the hacker's wallets, the exchange manages to block the wallet and roll back the transactions. However, I should clarify: this happens only when it is profitable for the exchange. Sometimes "technical maintenance" is done at the most inopportune moment. It's no secret that smaller stock exchanges themselves are not above making money by investing in trading on larger exchanges. And no one knows how much cryptocurrency a certain exchange has in stock.

I will give my last comment that may be of interest to investors. According to Ernst&Young (EY), as a result of hacker attacks over the past year, about 10% of all money that was attracted by the organizers at the time of the initial coin offering (ICO), was stolen. On average, of $3.7 billion, about 400 million is stolen. In some projects, hackers managed to steal up to $1.5 million per month. And the fault is solely with the developers. So should you trust new projects? You decide.

Conclusions:

  • From the analysis it is clear that almost every cryptocurrency exchange was subjected to hacking attempts. Imagine, however, how many hack and attempts we do not know about. For example, there is no information about hacking of Yobit, Huobi and Bitstamp exchanges (there is only general information about hacking of both exchanges in 2015 without any comments, Bitstamp lost 5.3 million US dollars), HitBTC, OKEX (the police was not even interested in the hacking in early October 2017 for 3 million US dollars), although according to the Coin Market Cap, they have a large turnover.
  • In 2017, the cryptocurrency community almost did not react to the hacks, unlike in 2018. Should we suspect that the January and March hacks with the drop in quotations were connected is a rhetorical question. But it seems to me that the reason is in other factors.
  • The largest hacks show stolen amounts of $50- $500 million. Losses of several million are already accepted as inevitable and are compensated by the growth of quotations.
  • This review is devoted only to the largest hacks in history, but on target forums you can find dozens of stories about local hacks of private wallets. Is it worth to risk by keeping money on exchange accounts?
  • In most cases hackers still target BTC and ETH.
  • In terms of reliability (or lack of information about serious hacks) we should note Poloniex, OKEx, and GDAX. Local hacks took place, but they are more likely the fault of users who did not use two-factor identification.
  • It is enough for exchanges to go offline for several hours to cause rumors of hacking in a day or two. They may not confirm, but after the BTC-E traders prefer to be safe.
  • The most popular way of accounts hacking is fishing and social engineering (using human weaknesses). Attackers under the guise of representatives of the exchange received access to computers of employees (this task could take months) and took over the keys. Hacking a private account is even easier by using Google Play (Poloniex hacking).

Cooperation with cryptocurrency exchanges is packed with all sorts of unpleasant surprises, ranging from a technical malfunction and a sudden trade stop to wallet hacking. Due to lack of transparency, exchanges are inferior to classical trading via broker. The brokers may offer a narrow range of crypto currencies, but they are more reliable. What will you choose?


P.S. Did you like my article? Share it in social networks: it will be the best "thank you" :)

Useful links:

  • I recommend trying to trade with a reliable broker here. The system allows you to trade by yourself or copy successful traders from all across the globe.
  • Use my promo code BLOG to get a 50% deposit bonus on the LiteFinance platform. Simply enter this code in the appropriate field when funding your trading account.
  • Telegram chat for traders: https://t.me/litefinancebrokerchat. We are sharing the signals and trading experience.
  • Telegram channel with high-quality analytics, Forex reviews, training articles, and other useful things for traders https://t.me/litefinance
Cryptocurrency exchange hacks: history, causes, and effects

The content of this article reflects the author’s opinion and does not necessarily reflect the official position of LiteFinance broker. The material published on this page is provided for informational purposes only and should not be considered as the provision of investment advice for the purposes of Directive 2014/65/EU.
According to copyright law, this article is considered intellectual property, which includes a prohibition on copying and distributing it without consent.

Rate this article:
{{value}} ( {{count}} {{title}} )
Start Trading
Follow us on social media
Live Chat
Leave feedback
Live Chat