Cryptocurrency gives us the freedom to take back control of our finances, essentially enabling us to be our own bank. But with many relying on third-party wallet providers, their crypto is only as safe as the protections and security measures the provider has in place.
Over the years, hackers have exploited vulnerabilities within these third parties, have targeted cryptocurrencies directly, and have utilized flash loans to their advantage. To date, this has seen them steal the equivalent of over $12 billion.
However, as we all know, some cryptos have skyrocketed in value in recent years. This means that if hackers had kept all of the crypto they stole and cashed it in today, they’d have amassed a fortune worth around $50 billion.
So how have crypto heists developed over the years? How much has been stolen? And how many platforms have shut down as a consequence?
Heists are assigned to the country where the platform/website’s headquarters are located. Where a company’s location isn’t provided, the heist isn’t included in the map figures.
View our list of crypto & NFT rug pulls and scams listed separately here.
The top 10 biggest crypto heists
According to our findings, the following are the biggest crypto heists to date (based on the amount stolen in USD at the time):
- Ronin Network (Axie Infinity) – $620 million stolen: On 29 March 2022, Ronin Network (a gaming-based crypto network) announced it had been hacked and a whopping $620 million had been stolen in total. This was made up of 173,600 in ETH (worth just less than $595m USD) and $25.5m in USD, making it the biggest crypto heist to date. Ronin Network, which supports Sky Mavis’s Axie Infinity game, said its Ronin and Axie DAO validator nodes had been compromised with the funds being drained in two transactions. The US Treasury Department later attributed the theft to North Korea’s Lazarus group.
- Poly Network – $610 million stolen: In August 2021, a hacker attacked Poly Network by exploiting a vulnerability in its system and managed to steal funds worth over $600 million. However, in a strange twist, they didn’t make off with their bounty. Instead, the hacker spoke to the platform and agreed to give back most of the money, except for $33 million of tether (USDT) which had been frozen by the issuers. But that wasn’t the end of the fiasco as $200 million of the stolen funds were trapped in an account that required a password from the hacker and Poly Network. For a while, the hacker refused to hand theirs over. That was until Poly Network begged for them to release it, coughed up $500,000 as a gesture for finding the system vulnerability, and even offered them a job! Poly Network later revealed that so-called “Mr. White Hat” had given them the private key.
- Binance – $570 million stolen: In October 2022, hackers carried out a $570 million hack on Binance’s BNB chain. In the attack, hackers drained 2 billion BNB tokens from the cross-chain bridge. At the time, these were worth $570 million. However, thanks to quick action, a vast sum of these stolen tokens was frozen, so “only” around $110 million of the stolen tokens were unrecoverable.
- Coincheck – $547 million stolen: In January 2018, Japan-based Coincheck had its NEM (XEM) tokens stolen to the tune of more than $540 million. Hackers exploited the fact that the currency was being kept in a “hot” wallet, meaning it was connected to the server and was effectively “online” (a cold wallet sees funds stored offline). NEM developers were able to identify the stolen coins and mark them as such, but there was speculation that the funds were available on dark markets. However, as the coins lost a lot of value after the attack, it’s unlikely many would have seen this as a good deal (even today the coins would be worth 83 percent less than they were–around $90 million).
- MT Gox – $470 million stolen: This was the first large-scale hack on an exchange and is still the biggest theft of Bitcoins from an exchange. However, the MT Gox heist wasn’t down to a solitary event. Rather, the platform had been leaking funds since 2011, up until it was discovered in February 2014. Over a period of a few years, hackers stole 100,000 bitcoins from the exchange and 750,000 bitcoins from the exchange’s customers. At the time, these bitcoins were worth $470 million–but today, they’d be worth around ten times as much ($4.7 billion). MT Gox went into liquidation shortly after the hack with liquidators recovering approximately 200,000 of the stolen bitcoin.
- FTX – $415 million stolen: Following its announcement that it was filing for bankruptcy, crypto exchange FTX appeared to suffer a hack in which $415 million was stolen. This prompted the exchange to move the remaining funds into cold storage while it investigated the hack.
- Wormhole – $326 million stolen: In the first major crypto heist of 2022, Wormhole’s crypto platform was exploited to the tune of $326 million. The platform acts as a communication bridge between Solana (an Ethereum rival that has recently gained traction) and other decentralized finance networks. On February 2, 2022, hackers were able to exploit a vulnerability, causing Wormhole to shut down its platform while it investigated. It later reported that 120k wrapped Ethereum (wETH) had been stolen.
- DMM Bitcoin – $305 million stolen: The cause of this hack in late May 2024 remains largely unknown but the platform was trying to raise funds to repay victims. In the attack, around 4,502.9 bitcoins were stolen, equating to $305 million.
- PlayDapp – $290 million stolen: The South Korean gaming and NFT platform halted trading in early February 2024 following an exploit after private keys were stolen. The hacker initially minted around 200 million PLA tokens (worth around $36.5m at the time). PlayDapp reached out to the hacker and offered a $1 million white hat bounty. Untempted, the hacker proceeded to mint a further 1.59 billion PLA tokens worth a whopping $253.9 million.
- KuCoin – $281 million stolen: In September 2020, KuCoin confirmed that hackers had managed to obtain private keys to their hot wallets before withdrawing large amounts of ethereum (ETH) and bitcoin (BTC), as well as Bitcoin SV (BSV), Litecoin (LTC), XRP (XRP), Stellar Lumens (XLM), Tron (TRX), and Tether (USDT). Since then, experts have suggested they have strong reason to believe that hackers in North Korea were responsible.
- WazirX – $234.9 million stolen: The centralized Indian crypto platform fell victim to a hack after a number of ‘suspicious transactions’ were noted on its Safe Multisig wallet on Ethereum.
- Gate.io – $234 million stolen: While the hack occurred in 2018, full details and confirmation of the hack didn’t occur until late 2022, meaning it was never fully disclosed to customers. According to ZachXBT, the heist happened in April 2018 and was carried out by North Korean hackers.
- Mixin Network – $200 million stolen: In September 2023, Mixin Network was hit with a $200-million exploit. The platform confirmed the attack happened via a third-party cloud service provider before offering the hacker a $20-million bug bounty.
- PancakeBunny – $200 million stolen: In this flash loan attack in May 2021, hackers were able to drain $200 million from the platform. To carry out the attack, the hacker borrowed a large amount of Binance Coin (BNB) before manipulating its price and dumping it on PancakeBunny’s BUNNY/BNB market. This enabled the hacker to get a huge amount of BUNNY through a flash loan and dump all of the BUNNY in the market so the price dropped, before paying back the BNB through PancakeSwap.
- Euler Finance – $197 million stolen: In March 2023, Euler Finance was hit by a flash loan attack in which $197 million was stolen. At the time of writing, figures and facts are still being confirmed, so this will be updated as more information becomes available.
Methodology
To collate this list of worldwide crypto heists, we’ve searched through industry news and company announcements from across the globe. We’ve tracked attacks on third-party platforms, individual cryptocurrencies, and other DeFi systems, including hacks, thefts, flash loan exploits, and exploited vulnerabilities.
We have only focused on clear exploits by hackers, meaning rug pulls and employee theft haven’t been included. Nor have thefts from individuals.
The amounts stolen depict the funds stolen at the time of the hack–not the total after funds are recovered, frozen, or returned as part of a bug bounty deal.
When assigning a heist to a country, we have only done so if we can find the headquarters of the company.
Data researchers: George Moody, Rebecca Moody
For a full list of sources, please request access here.