The Speed of Crypto Hacks is Picking Up: This Month Alone Thieves Stole $71.5M
Pundits and commentators have long worried about the security of decentralized cryptocurrencies. In fact, detractors often complain that investing in cryptocurrencies carries far too much downside for the average investor—even if the price goes up, you can still lose it all to hackers. We just saw two more crypto hacks at Bithump and Coinrail, totalling a combined $71.5M. So let’s to take a step back and analyze the history of cryptocurrency hacks.
We created our new graph by taking data from CryptoAware.org, which recently published a list of highly significant crypto hacks and scams. There’s no central record keeper for this sort of thing, so CryptoAware undoubtedly missed some. We combined a cluster graph representing the size of the hack on a timeline with the logo of the exchange or wallet provider that fell prey. This approach lets you easily see how often and to what extent the crypto-market has sustained attacks over the last several years.
A general trend is immediately obvious about our visualization: cryptocurrency hacks have generally become more common and more valuable over time. $10M+ hacks started happening with some regularity after the summer of 2016, right when the crypto-market started taking off. Prior to that time, there was exactly one hack over $10M, the infamous Mt. Gox hack in 2014. More on that in a minute. The second-most devastating hack happened very recently in a Tokyo exchange called Coincheck, for the somewhat obscure NEM coins. The only other two cryptocurrency hacks worth more than $100M were Parity’s Ether wallet hack ($160M) and BitGrail’a Nano hack from early this year ($170M). The latter is still causing lots of consternation within the cryptocurrency community. All things being equal, the average crypto-hack comes out to about $37M.
The critical thing to remember about our graph is that it represents the value of the cryptocurrency theft at the time it occurred. This creates a fair comparison because the value of cryptocurrencies changes literally every second of every day. But keep in mind what this really means: the Mt. Gox hack represented $450M in crypto-wealth as of early 2014, back when Bitcoin cost about $560. As of this writing on May 1, 2018, those same Bitcoins are worth just over $9,000, or a total of about $7,252,000,000. Think that’s incredible? Back in December of 2017, the stash would have been worth $15B+. That’s 10% of the entire Bitcoin market cap today and several times bigger than the biggest bank robberies ever.
This raises two important questions. First, what would somebody do with so much cryptocurrency? Obviously, the value of the currency would plunge as news broke of such a massive heist. Since there is no central governing authority, it is relatively easy to launder cryptocurrencies through different exchanges, which makes it possible to convert the coins into a country’s accepted currency. Second, can cryptocurrency exchanges and wallet providers come up with some sort of system to prevent hacks without government regulations? The Wild West nature of cryptocurrencies—price manipulations, flash crashes, hacks—all indicate that these platforms have to do a better job securing value. Suppose 10% of the entire Bitcoin market were to disappear tomorrow. What are the chances that central governments will outlaw exchanges then?
|Name||Reported Loss (Crypto)||Reported Loss (USD)||Occured on||Sources|
|MyEtherWallet DNS hack||215 ETH||$152,000||April 2018||Forbes|
|Coinsecure Theft||438 BTC||$3,300,000||April 2018||Coindesk|
|South Korean Bitcoin Pyramid Scheme||N/A||$20,000,000||April 2018||Coindesk|
|GainBitcoin India Ponzi Scheme||N/A||$300,000,000||April 2018||Cointelegraph|
|Dantang coin Ponzi||N/A||$13,000,000||April 2018||CryptocurrencyNews|
|iFan/Pincoin Token Scam||N/A||$650,000,000||April 2018||VNExpress|
|BTC Global Ponzi Scam||N/A||$50,000,000||Mar 2018||Coindesk|
|Coinhoarder Phishing Scams (ongoing)||N/A||$50,000,000||Feb 2018||Cisco Research|
|Seele ICO Theft||2,162 ETH||$1,800,000||Feb 2018||Cointelegraph|
|Bee Token Phishing||890 ETH||$928,000||Feb 2018||Coindesk|
|BitGrail Theft||17,000,000 NANO||$170,000,000||Feb 2018||Bitcoinist|
|BlackWallet Theft||670,000 XLM||$400,000||Jan 2018||Coindesk|
|Coincheck||500,000,000 NEM||$400,000,000||Jan 2018||Bloomberg|
|Youbit korean exchange hack||Exact amount not reported. Lost 17% of assets||?||Dec 2017||Bloomberg|
|NiceHash Hack||4,700 BTC||$62,000,000||Dec 2017||Reddit
|Parity Wallet suicides||513,774 ETH||$160,000,000||Nov 2017||Paritytech|
|Tether Token Hack||$30,950,010 USDT||$30,000,000||Nov 2017||Coindesk|
|Enigma Project Scam||1,500 ETH||$500,000||Aug 2017||Coindesk|
|Parity wallet hack||153,000 ETH||$30,000,000||July 2017||Coindesk|
|Coindash ICO hack||43,500 ETH||$10,000,000||July 2017||Coindesk|
|Yabizon (Youbit)||3,816 BTC||$5,300,000||April 2017||Bitcoin|
|Asian-European Currency Ponzi Scam||N/A||$47,000,000||Jan 2017||Cointelegraph|
|OneCoin Pyramid Scheme (ongoing)||N/A (actual scale unknown since the blockchain was never operational, actual loss could be much much more than estimated $50m)||$50,000,000||Dec 2016||Bitsonline|
|Bitcurex||2,300 BTC||$1,500,000||Oct 2016||Bitcoin|
|Bitfinex||120,000 BTC||$77,000,000||Aug 2016||Arstechnica|
|DAO hack||3,600,000 ETH||$60,000,000||June 2016||Coindesk|
|Kipcoin||3,000 BTC||$690,000||Feb 2015||NewsBTC|
|Bter||7,170 BTC||$1,750,000||Feb 2015||Coindesk|
|Bitstamp||19,000 BTC||$5,200,000||Jan 2015||Arstechnica|
|796 Exchange||1,000 BTC||$230,000||Jan 2015||Cointelegraph|
|BitPay||5,000 BTC||$1,800,000||Dec 2014||Coindesk|
|Mintpal||3,894 BTC||$1,300,000||Oct 2014||Bitcoin|
|Poloniex||97 BTC||$64,000||March 2014|
|Flexcoin Theft||896 BTC||$600,000||March 2014||Coindesk|
|Mt Gox Hack||850,000 BTC||$450,000,000||Feb 2014||The Guardian|
|Picostocks Hack||6,000 BTC||$3,000,000||Nov 2013||Bitcoinexchangeguide|
|BIPS Hack||1,295 BTC||$650,000||Nov 2013||The Guardian|
|Inputs.io Hack||4,100 BTC||$1,200,000||Oct 2013||The Guardian|
|Vircurex||1,454 BTC||$160,000||May 2013|
(related to bitcoinica hack in May 2012)
|20,000 BTC||$260,000||Dec 2012||Newsbtc|
|Bitfloor Theft||24,000 BTC||$250,000||Sept 2012||Arstechnica|
|BitFloor Hack||24,000 BTC||$250,000||Sept 2012||Coindesk|
|Bitcoin Savings & Trust||265,000 BTC||$2,800,000||Aug 2012|
|Bitcoinica 3||40,000 BTC||$305,200||July 2012||Bitcointalk|
|Bitcoinica 2||18,000 BTC||$91,000||May 2012||Bitcoin|
|Linode Hack||46,700 BTC||$228,000||March 2012||Arstechnica|
|Bitcoin7||11,000 BTC||$50,000||Oct 2011||Bitcointalk|
|MyBitCoin Theft||154,406 BTC||$2,000,000||Aug 2011||Observer|
Cryptocurrencies have had some struggles, but what does that mean for the future? We think of these hacks as growing pains: any new industry will have companies that cut corners on security and pay a price. The free market usually takes care of these organizations—they go out of business. Additionally, even though the size of these hacks is certainly eye-popping, keep in mind that the entire cryptocurrency market is worth about $423B right now. Yes, losing tens of millions to hackers is significant, but these problems won’t cause most people to panic about the security of the crypto-movement writ large.
See any hacks or scams we missed? Email us at firstname.lastname@example.org and we’ll get researching!