When have crypto exchanges been hacked?

In Guides

The astounding growth of cryptocurrency has brought forward profound technological innovations that are snapping at the heels of traditional business methods. Blockchain and cryptocurrency could reshape a variety of industries. But with rapid growth there will always be issues. There are hundreds of crypto exchanges that serve millions of users every day.

Users have to put their trust in a third party in order to use an exchange. Throughout the growth of cryptocurrency a number of these exchanges have had critical issues and lost customer funds. These kind of incidents can dramatically affect markets. More than USD1.7 Billion worth of cryptocurrencies were lost to hacks and scams from 2011 to 2018.

Liquid was designed with security at the forefront. We are well aware of the mistakes that have been made in the past, and we refuse to be a part of these failures. This is why we use 100% cold wallet storage.

For some context, we have created a timeline of the most significant cryptocurrency exchange hacks and incidents. This is what we are fighting against.

June 2011: Mt. Gox part 1

Mt. Gox was the largest Bitcoin exchange around. It processed more than 70% of BTC trading volume worldwide. During its prime there were a number of issues with the exchange, many of which were continuously flagged by community members before malicious users took advantage of them. In June 2011, it happened. The price of Bitcoin on Mt. Gox dropped rapidly and the volume shot up. All of this is thought to have been caused by a malicious attacker who took control of a a computer, owned by a Mt. Gox auditor.

The attacker used the unauthorized access to sell themselves Bitcoin. As a result of the hacker selling Bitcoin to themselves, the trading price of Bitcoin dropped from USD15 to USD0.01 for a short period of time on Mt. Gox. In total, around 2,650 BTC was sold on the market, with the hacker gaining around 2,000 BTC, while other users of Mt. Gox managed to purchase the other 650 at artificially deflated prices. The coins were never tracked down and returned to the rightful owners.

February 2014: Mt. Gox part 2

The community forgave and forgot Mt Gox. But then it happened again. In January 2014 users of Mt. Gox began to report delays while they were using the platform. On February 7th Bitcoin withdrawals were frozen while the owners of the site looked into the issues causing delays. This was followed by a statement on February 10, stating that the issue was due to transaction malleability. They blamed the issue on a bug in the Bitcoin code, which allowed transactions to be altered so it appeared transactions had not been sent. The transaction would then reoccur, as the first transaction would appear as if it had not completed.

Withdrawals remained halted for a couple of weeks before all trading stopped on the platform in February 24, and the website went offline. Information then started coming out that Bitcoins were being stolen over a number of years, completely undetected. As a result, Mt. Gox was insolvent. In total, 744,408 BTC was stolen over the years. When this was discovered, the price of Bitcoin plummeted by about 36%.

July 2014: Cryptsy

In July 2014 users of the cryptocurrency exchange Cryptsy were unable to access their funds, but were unaware that a hack had occurred. It was eventually announced by the founder of Cryptsy that the exchange had been the victim of a hack. However, announcement came out more than a year after the hack was discovered internally. The Cryptsy team tried to cover up this hack using money they were earning from the exchange.

It was discovered that the hacker was known before from a previous scandal, the creation of Lucky7Coin. This attacker inserted trojan malware into the code of Cryptsy. With this malware, they were able to send themselves over USD6m worth of coins. The main coins stolen were Bitcoin (13,000) and Litecoin (300,000).

July & December 2014: Mintpal

Mintpal exchange announced in July 2014 that its hot wallet had been hacked, and millions of vericoins stolen. This equated to around 30% of the total supply of vericoins. This hack occurred when the hacker took control of internal features of the exchange. The hacker used this control to withdraw the coins to a personal wallet. Vericoin decided to do a hard fork, which rendered the stolen coins obsolete.

The struggle for Mintpal didn’t end there. In December 2014, more than 3,700 BTC was stolen from the exchange. Shortly after the July attack, Ryan Kennedy acquired the exchange. Not long after, Kennedy’s company announced bankruptcy and that all the Bitcoin on Mintpal had been stolen in a hack. It was later discovered that Kennedy himself had stolen these Bitcoins when he was caught selling them on LocalBitcoins.

January 2015: Bitstamp

In December 2014 Bitstamp employees were targeted by phishing attempts. One of these attempts ended up succeeding when an employee downloaded a malicious file. They had believed the file was being sent from a known company representative. This gave the hacker access to both the hot wallet and the password store on the servers. In total the hacker took 18,866 BTC from Bitstamp. At the time of the hack, this was worth more than USD5 million.

February 2015: BTER

A cryptocurrency exchange based in China called BTER announced it had been hacked in February 2015. The exchange claimed that the cold wallet system had been compromised, and 7,170 BTC was taken. This was worth about USD1.75 million at the time. It is thought that the definition that BTER was using for cold storage was incorrect, and they did not have true cold storage in place. BTER was also the victim of a smaller hack before this. The exchange is now closed permanently.

June 2016: Decentralised Autonomous Organisation (DAO)

The DAO is not an exchange, but a smart contract built on the Ethereum network. It was created to act as a new venture capitalist type investment method. The DAO was a digital app that was designed so companies could propose their ideas for new digital applications. When it was created there was an initial funding period.

The DAO token sale started at the end of April 2016 and raised more than USD150 million in 30 days, with more than 11,000 participants. While the initial funding was running there were members of the community raising concerns over the security of the smart contract storing all the funds. One individual was able to exploit one of the security flaws. They used this to take 3.6 million ETH from one DAO to another. The funds were still locked, but this caused a major price drop in ETH, from USD20 to USD13.

In order to stop the hacker accessing the stolen funds, a soft fork of the Ethereum network was proposed. The hacker fought back and offered incentives to miners. They would receive payments if they didn’t update their nodes in line with the new soft fork code. The hacker was offering more than 1 million ETH as incentive, so Ethereum therefore had to hard fork on July 20, 2016.

August 2016: BitFinex

In August 2016, BitFinex was victim of a huge theft. Almost 120,000 Bitcoin were stolen, valued at USD70 million at the time of the theft. BitFinex had recently implemented multi-signature wallets which should have significantly improved security, but it was hot wallets that were actually impacted by the attack.

December 2017: NiceHash

NiceHash is a Slovenian company that facilitates the buying and selling of hashing power to mine cryptocurrencies.

In December 2017, NiceHash closed down due to a hack. An official statement was released saying the payment system had been compromised. As a result, the Bitcoin wallet controlled by NiceHash was completely emptied of 4,450 BTC. NiceHash announced that they would be paying back everyone who was affected.

January 2018: Coincheck

Tokyo-based Coincheck was the victim of a major hack at the end of January 2018. The attacker was able to steal nearly USD500m of the cryptocurrency NEM. There has been no announcement about the details of the breach, apart from the statement from Coincheck saying that it was not an inside job. The funds were stored in hot wallets without multi-signature protection.

The stolen funds were traced, and the 11 wallets they ended up in were flagged. Coincheck announced that it would refund all users who lost money at a rate of USD0.83 per NEM lost, with the payments being made in fiat. The refund payments began in March.

February 2018: Bitgrail

At the start of 2018, RaiBlocks was a very popular currency due to its explosive growth. Bitgrail was an exchange based in Italy, which was one of the only places to buy RaiBlocks, which was rebranded to NANO. All withdraws and deposits of NANO were halted on Bitgrail in January. Bitgrail stated that they were doing this to implement new AML and identity verification measures. Consequently, the price of NANO dropped around 20%.

The founder of Bitgrail then announced that 17 million NANO had been stolen. At the time, this was worth USD195m. The Bitgrail founder released a statement asking for the NANO founders to fork the chain, a proposal rejected by the NANO developers. The NANO team fired back with a statement about how Bitgrail may have been suffering from insolvency.

Bitgrail announced a repayment plan, but didn’t specify an end date. Users were able to sign up and immediately get paid 20% of what they lost, with the remaining 80% to come some time in the future in the form of Bitgrail Share Tokens.

April 2018: CoinSecure

Indian crypto exchange Coinsecure proved less than secure in April 2018 when it was revealed that 438 BTC had been stolen, sent from a company wallet to a wallet the exchange had no control over. Coinsecure denied that their security had been breached, releasing a statement saying that the BTC was lost when they were trying to extract Bitcoin Gold. Coinsecure also announced that the users would be compensated.

June 2018: Coinrail

At the start of June 2018, South Korea-based Coinrail was hacked. with around USD40m stolen. Pundi X released a statement about how the hacker took 2,619,542,080 NPXS tokens, which were tracked to IDEX. Coinrail and Pundi X were able to reach out to IDEX and freeze all trades so the hacker could not profit.

January 2019: Cryptopia

On January 14 the New Zealand based cryptocurrency exchange, Cryptopia, went into maintenance mode.

Users were left in the dark until January 15, when Cryptopia released a statement saying that the exchange had been hacked and suffered significant loss.

It is thought about $16 million was stolen. Incredibly, 15 days after the initial breach customer wallets continued to be drained.

Cryptopia released a statement announcing a rebate for affected users. 

March 2019 - Coinbene 

Despite the claims from Coinbene that they had not been hacked, Elementus did some digging and discovered a sequence of events that would imply a hack occurred. 

Coinbene went into maintenance mode at the end of March. Many users were worried about the possibility of a hacking. Coinbene took to Twitter to inform users that no hack had occurred.

However, Elementus discovered transactions leaving the Coinbene hot wallet totally over $100 million. Eight hours later Coinbene began moving funds from the hot wallet to cold storage.

The 'stolen' assets have been seen moving to other exchanges to be sold. 


At Liquid, we do all we can to ensure we keep your funds safe and avoid the mistakes others have made in the past.


All guest authors’ opinions are their own. Liquid does not endorse or adopt any such opinions, and we cannot guarantee any claims made in content written by guest authors.

This content is not financial advice and it is not a recommendation to buy or sell any cryptocurrency or engage in any trading or other activities. You must not rely on this content for any financial decisions. Acquiring, trading, and otherwise transacting with cryptocurrency involves significant risks. We strongly advise our readers to conduct their own independent research before engaging in any such activities.

Liquid does not guarantee or imply that any cryptocurrency or activity described in this content is available or legal in any specific reader’s location. It is the reader’s responsibility to know the applicable laws in his or her own country.



Providing liquidity for the crypto economy.