It's no secret that truly astronomical money revolves on the crypto market, which is why it often becomes a victim of cyber attacks. Criminals are trying to find vulnerabilities in the system, which, in fact, is still in the process of improvement and debugging.
The Mt. Gox
Let's start with The Mt. Gox, which was originally founded as a card exchange platform for the super-popular card game Magic: The Gathering Online, and subsequently became the largest cryptocurrency exchange of its time, processing up to 70% of all BTC transactions. The problems began when Mark Karpeles became the owner of the exchange. Neglect of the development of backend mechanisms and the lack of such basic functions as version control software and a test environment made Mt. Gox is an ideal target for hacker attacks. As a result, 744,408 BTC worth about $460 million was stolen from the exchange. In 2014, she declared bankruptcy, and the stolen funds were never returned to the owners.
Next on our list is the very popular Japanese cryptocurrency exchange Coincheck, which was attacked by hackers in 2018. As a result of this attack, about 523 million NEM (XEM) tokens were illegally sent from her address for a total amount exceeding $530 million. According to the management of the exchange, the theft occurred largely due to security breaches caused by a shortage of employees. But as a result, the exchange still managed to return the stolen funds to all 260 thousand affected customers and restore its reputation.
The year 2018 was also marked by the activities of the hacker group CryptoCore, whose work was carried out for several years and was aimed not at one, but at 5 cryptocurrency exchanges at once. Phishing attacks by hackers led to exchange losses of at least $ 200 million in cryptocurrency. A study of these attacks revealed a high probability of their connection with the Lazarus hacker group based in North Korea, the damage from whose activities has not been officially confirmed, but is estimated at as much as $ 1.75 billion in cryptocurrency. Lazarus participants have not been detained yet.
I must say that the theft of cryptocurrencies is not always associated with the actions of third-party hackers. An example of this is the case of the South African bitcoin investment company Africrypt, founded by the Cage brothers in 2019. In 2021, the company stopped all operations, citing some internal violations as a result of the attack, and recommended that customers not follow the legal way of returning funds, as this could delay and complicate the receipt of invested money. However, some investors still filed a lawsuit with the police, claiming the loss of BTC totaling $ 3.6 billion and that the so-called hacking was an exit fraud. After that, the founding brothers mysteriously disappeared, and the amount of the claimed damage is still being clarified. But if it is confirmed, then this incident can be considered the most global cryptocurrency theft in history.
Well, let's finish with the largest proven crypto theft at the moment, which occurred in 2021. We are talking about the Poly Network project, whose cross-chain transactions give users the opportunity to send assets between different blockchains without converting them through an exchange. The protocol is engaged in the creation of digital self-managed safes on two different blockchains, and it is possible to withdraw funds from one of them only after confirmation from the second. The hacker or hacker group managed to release the funds stored in it from the safe box, bypassing the permission from another blockchain, as a result of which more than $ 610 million was stolen. Nevertheless, this is a story with a happy ending - Poly Network managed to contact the hacker almost immediately after the attack, and as a result, all the stolen funds were returned.