Please ensure Javascript is enabled for purposes of website accessibility
Free Article Join Over 1 Million Premium Members And Get More In-Depth Stock Guidance and Research

The Biggest Cryptocurrency Hacks in History

By Sean Williams - May 9, 2018 at 9:55AM

You’re reading a free article with opinions that may differ from The Motley Fool’s Premium Investing Services. Become a Motley Fool member today to get instant access to our top analyst recommendations, in-depth research, investing resources, and more. Learn More

With today's prices, one of these heists would be worth more than $8 billion.

Cryptocurrencies burst onto center stage in 2017, delivering what might very well be historic gains. For the year, the aggregate value of all digital currencies soared from a starting value of $17.7 billion to an ending value of roughly $613 billion. That works out to an increase of more than 3,300%! By comparison, the stock market has historically gained 7% a year, inclusive of dividend reinvestment and when adjusted for inflation. It would take traditional equities decades to deliver similar returns.

But that's not to say that the cryptocurrency ride hasn't been without its bumps in the road. Earlier this year, virtual currency investors got their first taste of a major correction in years. After briefly hitting an all-time market cap high of $835 billion on Jan. 7, 2018, the combined market value of cryptocurrencies slid by 70% over the next three months. Even though they've nearly doubled off their recent lows, virtual currencies' combined market cap is down by 23% year to date (through May 5, 2018).

Hands wearing black gloves typing on a keyboard with a dark background.

Image source: Getty Images.

These aren't your run-of-the-mill cyberthefts

Another issue that's reared its head from time to time is network security. Nearly all cryptocurrencies process transactions over proprietary blockchain technology. Blockchain is the digital, distributed, and decentralized ledger underpinning digital currencies that records transactions without the need for a financial intermediary (such as a bank). The fact that transaction data is protected by encryption, and that data is stored on computers all over the globe (decentralized) as opposed to one central location in order to prevent any entity, including criminals, from gaining control of a network, is believed to make blockchain safer than traditional banking networks.

However, that's not always the case. Every few months it seems as if a virtual currency hack makes the news, exposing blockchain technology as less than perfect when it comes to security.

Below you'll find a list of the largest cryptocurrency hacks in history, in ascending order, based on the value of the hack at the time it occurred.

NiceHash hack: $63 million

This past December, mining service NiceHash, which allows mining equipment owners to rent out their hash power to buyers looking to mine cryptocurrencies for a short period of time, announced that cybercriminals were able to siphon away more than 4,000 bitcoin tokens. Those bitcoin tokens were then sent to an unknown address that neither the proper owners nor NiceHash could access. At the time of the crypto heist, these tokens were valued at roughly $63 million.

Following the hack, CEO Marko Kabal resigned, and the company relaunched its platform on Dec. 22, 2017. NiceHash also recommended users change their passwords. But with this being a service-oriented mining site, it could be difficult for the company to regain the trust of its members. 

A key inside of a lock, surrounded by digital numbers.

Image source: Getty Images.

The Bitfinex hack: $72 million

In terms of bitcoin platform hacks, cryptocurrency exchange Bitfinex ranks as the second largest of all time. As announced by Bitfinex in August 2016, nearly 120,000 bitcoin were drained from users' accounts. Though this loss was worth $72 million at the time of the heist, these roughly 120,000 bitcoin would be worth close to $1.2 billion today!

Interestingly enough, the bitcoin drain wound up impacting multisignature accounts, which are often viewed as a step up in safety. With a "multisig" account, there are multiple signees that help manage funds and mitigate risk. In order for a transfer of funds to occur, you'd need access to these multiple keys, which essentially act as passwords that allow a transaction to take place. Bitfinex held two of these keys, while partner BitGo, which helped create this multisig system, held the third key. Somehow, hackers were able to gain access to these keys and withdraw users' bitcoin to an unknown address.

Following the hack, neither Bitfinex nor BitGo stepped forward and took responsibility for what happened, and no true mea culpa has been issued to this day. 

The words access denied surrounded by binary code.

Image source: Getty Images.

The Mt. Gox. debacle: $487 million

Arguably the highest-profile hack of all time was that of cryptocurrency exchange Mt. Gox. The breach was discovered in 2014. What's really notable about the Mt. Gox hack was that it wasn't a single event that occurred over a matter of hours or a few days. According to documents released in early 2014, hackers had been skimming bitcoin from the company for years. In total, they got away with an estimated 850,000 bitcoin, worth $460 million at the time, and about $27.4 million in cash held by the cryptocurrency exchange. Today, those bitcoin would be worth more than $8.3 billion.

The biggest issue appears to have been Mt. Gox's lack of coding security, at least according to Wired. Mt. Gox lacked any type of version control software, which meant that a coder could accidentally overwrite a colleague's code if they were coincidentally working on the same file.

Additionally, instances were found where untested software was put in front of customers, which is not something you'd expect to see from an exchange that was controlling 70% of bitcoin trading volume at the time.

Finally, only CEO Mark Karpeles could approve changes to the source code, even if there were major security flaws found. All of these factors set Mt. Gox up for failure, and in this instance, unlike Bitfinex, it did go bankrupt. 

A frustrated investor looking at his laptop screen.

Image source: Getty Images.

The Coincheck hack: $534 million

But the dubious honor of the largest cryptocurrency hack in history goes to Japanese cryptocurrency exchange Coincheck, which lost $534 million to cybercriminals.

As reported on Jan. 26, 2018, Coincheck stated that 523 million NEM coins (known as XEM) had been stolen from a hot wallet -- i.e., a wallet that was connected to the internet -- allowing hackers to drain the NEM coins into a separate account. Coincheck would state that it didn't believe keeping these coins in a hot wallet represented a weak security practice, but given the beefed-up security that multisig wallets provide, it baffled exchange users. Since XEM has devalued quite a bit since the hack, the value of these 523 million tokens is only $221 million now. 

For what it's worth, in March, Coincheck did announce its intent to begin compensating those affected by the NEM heist. Users who had their NEM stolen will receive $0.83 per NEM token, meaning a complete refund will cost the company about $420 million. Needless to say, Coincheck has a long and arduous road ahead of it. 

Invest Smarter with The Motley Fool

Join Over 1 Million Premium Members Receiving…

  • New Stock Picks Each Month
  • Detailed Analysis of Companies
  • Model Portfolios
  • Live Streaming During Market Hours
  • And Much More
Get Started Now

Related Articles

Motley Fool Returns

Motley Fool Stock Advisor

Market-beating stocks from our award-winning service.

Stock Advisor Returns
S&P 500 Returns

Calculated by average return of all stock recommendations since inception of the Stock Advisor service in February of 2002. Returns as of 12/08/2021.

Discounted offers are only available to new members. Stock Advisor list price is $199 per year.

Our Most Popular Articles

Premium Investing Services

Invest better with the Motley Fool. Get stock recommendations, portfolio guidance, and more from the Motley Fool's premium services.