Reference source: Top Centralized Exchange Hacks: Lessons Learned from History

In recent years, centralized exchanges (CEXs) like Mt. Gox and WazirX have suffered major losses from external hacks, while others like FTX have collapsed due to internal fund misuse. Even industry giants Binance and Coinbase are facing existential threats from the world’s most powerful financial regulators.

Decentralized exchanges (DEXs) offer effective defenses against the three major threats — hacks, fraud, and overregulation — that have plagued CEXs. Of course, there are other threats besides “hacking.” For example, the downfall of FTX involved mismanagement and misuse of customer funds by its executives, which is less feasible on DEXs because their inherent structure promotes transparency and user control.

This article explores the biggest breaches in the history of centralized exchange hacks. From infamous intrusions to systemic vulnerabilities, the cryptocurrency world has experienced turmoil. Here, we review the top 10 worst centralized exchange hacks.

10. Bithumb hacker attack: repeatedly attacked

Founded in 2014, Bithumb quickly became a cornerstone of South Korea’s cryptocurrency market, with more than 8 million registered users and more than $1 trillion in trading volume. Despite its prominence, Bithumb has repeatedly come under attack.

Since 2017, Bithumb has suffered multiple attacks:

February 2017: Hackers stole $7 million.

June 2018: Employee personal data was exploited to steal nearly $32 million in cryptocurrency.

March 2019: Bithumb announced it had been hacked again and suspended deposits and withdrawals after losing around $20 million in EOS and XRP.

June 2019: Bithumb was attacked again, with hackers stealing $30 million worth of digital tokens.

Figure: Assets reported stolen from Bithumb during the June 2018 hack

The Ministry of Science and Technology (MIC) of South Korea conducted a thorough investigation into the repeated breaches. Its main findings include:

  • Insufficient network isolation.

  • Poor monitoring systems that fail to differentiate between normal and suspicious activity.

  • Inadequate management of encryption keys and passwords.

9. WazirX Cryptocurrency Hack

More than $473 million worth of cryptocurrency was lost to hacks and fraud in 108 incidents in 2024. WazirX alone accounted for 86.4% of the total cryptocurrency lost to hacks in July.

Indian CEX WazirX announced plans to reverse all transactions after freezing withdrawals on July 18, 2024. On that day, WazirX suffered a major attack that exploited a wallet vulnerability, resulting in the unauthorized transfer of more than $230 million in crypto assets. The attack targeted WazirX's multi-signature wallet on Ethereum.

Over $100 million in Shiba Inu (SHIB), 20 million MATIC tokens ($11 million), 640 billion PEPE tokens ($7.5 million), 5.7 million USDT, and 135 million GALA tokens ($3.5 million) were stolen.

Despite using advanced security measures such as hardware wallets and address whitelisting, WazirX fell to a sophisticated attack. The incident calls for a comprehensive security audit and continuous improvement of digital asset protection measures. It also makes the risks of centralized control of private keys obvious.

8. Binance hack: a stark reminder of cryptocurrency vulnerabilities

In 2019, Binance, the world’s leading cryptocurrency exchange, suffered a major centralized exchange hack. On May 7, malicious attackers used phishing and viruses to attack Binance’s security system and steal users’ two-factor authentication codes and API keys.

The intrusion allowed them to steal 7,074 Bitcoins from the exchange’s hot wallet in a single transaction, worth more than $40 million at the time.

Following the incident, Binance CEO Changpeng Zhao announced the creation of the Secure Asset Fund for Users (SAFU) to protect user funds in extreme cases. Despite these measures, Binance faced another major security challenge in October 2022. Hackers used the cross-chain bridge BSC Token Hub to illegally generate and steal 2 million BNB tokens, equivalent to approximately $570 million.

7. KuCoin: A Hollywood-style heist

In September 2020, KuCoin suffered a Hollywood-style heist that ranks among the top centralized exchange hacks. The hackers first transferred stolen Bitcoin and Ethereum into a mysterious wallet. The plot thickened when it emerged that the digital thieves had gained access to the vault by stealing the private keys of KuCoin's hot wallet.

The next day, when KuCoin CEO Johnny Lyu addressed the world in a live stream, the crypto community was already on edge. The KuCoin team responded quickly, moving the remaining funds to a new hot wallet, closing the stolen wallet, and temporarily freezing all customer transactions to mitigate further risk.

Further investigation revealed that the stolen funds involved a variety of cryptocurrencies including BTC, ETH, LTC, XRP, etc., with a total amount of approximately $281 million. Despite the heavy losses, the proactive measures taken by KuCoin recovered approximately $204 million of the stolen funds within a few weeks.

Even more interesting is that KuCoin worked with international law enforcement to attribute the cyberattack to a suspected North Korean hacking group.

6. BitGrail: Inner Workings

Italian cryptocurrency exchange BitGrail is embroiled in controversy following a €120 million ($146.55 million) theft from its platform. Italian police have accused Firano, also known as “FF,” of either being involved in the hack or negligently failing to tighten security measures after the initial breach was discovered.

The series of events resulted in the loss of funds for approximately 230,000 users, and Firano faces charges including computer fraud, fraudulent bankruptcy and money laundering, making it one of the largest financial violations in Italian history.

Afterwards, the Italian bankruptcy court took decisive action and declared Firano and BitGrail bankrupt. The court also required Firano to return as much of the stolen assets to customers as possible.

In addition, the court approved the seizure of Firano’s assets, including more than $1 million in personal items and millions of cryptocurrencies in BitGrail accounts. The court found that a software flaw in the BitGrail platform led to multiple improper withdrawal requests.

In CEXs like BitGrail, control of all assets and security measures is centralized, making them an attractive target for hackers.

5. Poloniex: A tale of two hacks

Poloniex has suffered two serious security breaches.

In March 2014, hackers exploited a software vulnerability to steal 97 bitcoins, or 12.3% of the exchange’s bitcoin holdings at the time. Despite the setback, Poloniex managed to bounce back and fully compensated affected users.

Fast forward to November 2023, and the exchange was attacked again, this time in a more serious way. The attackers, suspected to be the North Korea-linked Lazarus Group, obtained private keys and stole approximately $126 million from Poloniex’s hot wallets.

The modus operandi included the use of social engineering and malware to obtain critical private keys. After the hack, a complex strategy was adopted, including sending different tokens to specific addresses and using decentralized exchanges to launder the money, which made it difficult to track and recover.

4. Bitstamp theft incident

Cybercriminals targeted Bitstamp’s system administrator, Luka Kodric, who unknowingly downloaded a malicious file that compromised the exchange’s security. The malware, hidden inside a harmless document, activated a script that infected Bitstamp’s servers, giving the hackers access to the critical wallet.dat file and passwords.

Bitstamp acted quickly upon becoming aware of the breach, establishing an emergency response team and alerting the entire company. Despite these measures, hackers were able to steal 18,866 bitcoins from hot wallets, resulting in a loss of approximately $5 million at the time of the hack.

In the aftermath, Bitstamp undertook a massive overhaul of its trading platform, choosing to rebuild it from the ground up rather than patch it up. They migrated their infrastructure to Amazon’s secure cloud servers in Europe, implemented multi-signature wallet access, and hired Xapo for cold wallet management.

3. Bitfinex theft incident

In August 2016, Bitfinex suffered a cyberattack. Hackers exploited a vulnerability in the exchange’s multi-signature security system, which was supported by BitGo. They manipulated the security protocol and illegally withdrew 120,000 Bitcoins from Bitfinex’s hot wallet.

After the hack, Bitfinex was transparent about the financial losses. The losses were distributed among user accounts, with each account losing 36%. To mitigate the losses, Bitfinex issued BFX tokens to affected users, redeemable for U.S. dollars or iFinex Inc. shares to facilitate a gradual recovery.

2. Coincheck theft

At the end of January 2018, Coincheck, a well-known Japanese cryptocurrency exchange, suffered one of the worst centralized exchange hacks in history. Hackers broke into the exchange's hot wallet and stole 523 million NEM tokens, which were worth about $534 million at the time.

Despite previous hacks, Coincheck still stored a large amount of assets in hot wallets without adequate multi-signature protection. After the attack, the exchange immediately stopped all deposits and withdrawals to stop the flow of stolen funds.

The cryptocurrency community quickly rallied to prevent the stolen assets from being liquidated. Exchanges such as ShapeShift banned trading of the stolen NEM coins and marked related addresses to prevent further transactions. Despite these efforts, a full recovery of the funds has not been feasible.

1. Mt. Gox: An unforgettable hack

The Mt. Gox hack remains arguably the most infamous and high-profile cryptocurrency theft, primarily due to its size and timing. This major incident is a classic example of a top centralized exchange hack.

In 2011, Mt. Gox, then the world’s largest Bitcoin exchange, suffered its first major security breach, resulting in the loss of 25,000 Bitcoins. The situation worsened in 2014, culminating in a catastrophic theft of approximately 850,000 Bitcoins.

The hack had a huge impact, affecting the price of Bitcoin and the trust of the global cryptocurrency community. "I lost almost everything. It has changed my perspective on digital currency security forever," one forum user shared, highlighting the profound personal and financial impact of the hack.

Precautions for exchange security

The security of exchanges has become a focus of the entire cryptocurrency industry in recent years, especially after some major security incidents and internal problems led to the closure of exchanges or loss of funds. In order to improve security, exchanges can take a variety of measures.

For example, storing most of the assets in an offline cold wallet and keeping only a small amount of funds in an online hot wallet to cover daily transaction needs can significantly reduce the risk of hackers stealing large amounts of funds. In addition, by requiring multiple key holders to sign each transaction, multi-signature prevents the leakage of a single key from causing the loss of funds.
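The sketch below shows the two controls from the paragraph above as a withdrawal policy check. It is an added example, not code from the original article or from any exchange. The holder names, the 2-of-3 threshold, the 5% hot-wallet cap and the use of HMAC as a stand-in for real wallet signatures are all assumptions.

```python
import hashlib
import hmac

# Constructed demo keys for three hypothetical key holders. HMAC stands in for
# the asymmetric signatures a real multi-signature wallet would verify.
HOLDER_KEYS = {"ops": b"demo-key-ops", "risk": b"demo-key-risk",
               "treasury": b"demo-key-treasury"}
THRESHOLD = 2          # assumed policy: 2-of-3 approvals per withdrawal
HOT_CAP_BPS = 500      # assumed policy: hot wallet holds at most 5% of assets


def approve(key: bytes, dest: str, amount: int) -> str:
    """Tag binding one approval to an exact destination and amount."""
    return hmac.new(key, f"{dest}|{amount}".encode(), hashlib.sha256).hexdigest()


def valid_approvers(dest: str, amount: int, approvals: dict) -> set:
    """Holders whose tag verifies under their own key for this exact request."""
    valid = set()
    for holder, tag in approvals.items():
        key = HOLDER_KEYS.get(holder)
        if key is not None and hmac.compare_digest(approve(key, dest, amount), tag):
            valid.add(holder)
    return valid


def authorize(dest: str, amount: int, hot_balance: int, approvals: dict) -> tuple:
    """Allow a hot-wallet withdrawal only with enough distinct valid approvals."""
    if amount <= 0 or amount > hot_balance:
        return (False, "amount outside hot-wallet balance")
    if len(valid_approvers(dest, amount, approvals)) < THRESHOLD:
        return (False, "fewer than THRESHOLD valid approvals")
    return (True, "approved")


def excess_to_cold(hot_balance: int, cold_balance: int) -> int:
    """Amount to sweep offline so the hot wallet stays within HOT_CAP_BPS."""
    cap = (hot_balance + cold_balance) * HOT_CAP_BPS // 10_000
    return max(0, hot_balance - cap)


if __name__ == "__main__":
    stolen = HOLDER_KEYS["ops"]  # scenario: exactly one holder's key has leaked
    forged = {"ops": approve(stolen, "addr-x", 40),
              "risk": approve(stolen, "addr-x", 40)}
    print(authorize("addr-x", 40, 100, forged))   # denied: only "ops" verifies
    print(excess_to_cold(hot_balance=300, cold_balance=700))
```

Because each approval is bound to the destination and amount, an approval collected for one withdrawal cannot be replayed to authorize a different one.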