Explore the biggest crypto hacks of 2023 in our comprehensive review, including the roles of notorious hacking groups and their impact on the crypto industry.
Cryptocurrency hacks in 2023 have seen the industry lose over $1 billion, with the largest hacks occurring in the final quarters of the year. The recent bull market has marked the end of a prolonged crypto winter that started in 2022, driven by the Terra LUNA crash and the FTX collapse. However, this has also renewed hackers’ interest in the market, with more malicious threats targeting major defi protocols and crypto exchanges.
From the multi-million dollar heist at Mixin to the sophisticated phishing scams affecting individual investors, each hack provided a stark reminder of the ongoing battle between cybersecurity and cybercriminals in the digital age. So, what were the largest crypto hacks of 2023? Let’s find out.
Mixin breach ($200m): biggest crypto hack of 2023
September 2023 saw arguably the largest recent crypto hack, as the Mixin platform suffered a staggering loss of $200 million. This incident unfolded through a data breach of Mixin’s cloud service provider. The platform could not track down the attacker or recover the stolen funds. However, Mixin committed to compensating users for half of their lost holdings.
Euler Finance hack ($197m)
In March 2023, Euler Finance experienced a significant hack, losing nearly $200 million. The breach was initially identified by PeckShield, a blockchain security firm, which noticed unusual transaction activity on the platform. These transactions were later confirmed as the method through which $197 million in cryptocurrency was stolen.
However, in a rare occurrence, the stolen funds were unexpectedly returned to Euler Finance a few weeks after the hack. An apology note was included in one of the return transactions, as observed on Etherscan.
Poloniex hack (over $120m)
Popular crypto exchange Poloniex faced a security breach in November, leading to a loss exceeding $33 million, later revised to over $120 million. The unauthorized outflow of funds from its hot wallet affected multiple networks, including Ethereum (ETH) and Bitcoin (BTC). Justin Sun, the majority shareholder of Poloniex, reassured the community of the exchange’s financial stability and pledged full reimbursement for the lost assets.
To resolve the situation, Sun initially offered a $10 million bounty to the cryptocurrency hackers for returning a significant portion of the funds within a week and provided wallet addresses for potential reimbursement. However, as per the latest reports, the hackers did not respond. Poloniex continues its internal investigation and remains committed to compensating affected users.
HTX hack ($110 m)
Yet another exchange linked to Justin Sun experienced a major breach this year. HTX, formerly known as Huobi, experienced a significant security breach, leading to a net outflow of $250 million after resuming operations.
This outflow followed the November attack in which HTX lost around $110 million, according to Sun. The incident prompted a temporary suspension of withdrawals and deposits. Despite the substantial outflow, an HTX emphasized that user funds were safe.
MultiChain rug pull ($130m)
In July, MultiChain, a cross-chain protocol, reported suspicious withdrawals totaling $130 million, sparking concerns of a hack or rug pull. The series of transactions led to the Chinese authorities’ arrest of MultiChain’s CEO, Zhaojun, fueling speculation of insider involvement.
Zhaojun’s devices, including phones and hardware wallets, were confiscated. The incident led to MultiChain ceasing operations, as detailed in a post on social media. The closure of MultiChain followed these events, leaving many questions about the true nature of the incident.
Atomic Wallet hack ($100m)
In June, Atomic Wallet, a widely-used software crypto wallet, was hacked, leading to the loss of $100 million. The breach impacted over 5,000 user accounts, with some users experiencing partial thefts and others having their wallets completely emptied.
The initial suspicion pointed toward the Lazarus hacking group. The incident led to a class-action lawsuit from Russian investors against Atomic Wallet in August 2023. The latter claimed that the trace led to the Ukrainian group of hackers. However, there has been no proof of this statement since then.
The company’s response to the crypto hack and the legal repercussions are yet to be fully resolved.
CoinEx hack ($70m)
Crypto exchange CoinEx suffered a major security breach in September, resulting in the theft of $70 million. Crypto hackers accessed numerous private keys for user hot wallets, transferring substantial amounts of various cryptocurrencies, including nearly 5,000 ETH and 231 BTC.
Despite the significant loss, CoinEx’s cold wallets remained unaffected. The North Korean Lazarus group is suspected to be behind this attack.
KyberSwap hack ($47m)
The KyberSwap hack in November 2023 stands out for its complexity and the significant loss incurred. The multi-chain decentralized exchange aggregator fell victim to a smart contract reentrancy attack, leading to the theft of $47 million across various networks, including Ethereum, Polygon (MATIC), Arbitrum (ARB), and Optimism (OP).
This breach resulted in a drastic 90% drop in KyberSwap’s total value locked, falling from $84.9 million to just $8.28 million, showcasing the severe impact of smart contract vulnerabilities.
The hacker behind this attack made unusual demands, seeking total control over KyberSwap’s protocol, which included its governance mechanism and company assets. These demands, attached to a transaction on Etherscan, were unprecedented and highlighted a new level of boldness in crypto hacking.
The hacker sought to overhaul KyberSwap’s operational structure, including employee salaries and executive buyouts. This incident reflects the technical vulnerabilities of defi platforms and underscores the evolving challenges in securing defi ecosystems against increasingly sophisticated attacks.
Stake hack ($41m)
September was undoubtedly one of the costliest months this year, with the number of hacks exceeding all other months in 2023. Popular crypto gambling platform Stake also suffered a breach that month, leading to a theft of $41 million.
This hack specifically targeted users’ crypto hot wallets, and the assets stolen included Ethereum and Dai, among others. All funds were initially transferred to a single wallet, believed to belong to the hacker, and then dispersed to various other wallets. This dispersion tactic made tracking the stolen assets more challenging. The FBI’s investigation later confirmed the involvement of the North Korean Lazarus hacking group in this theft, although the stolen funds remain unrecovered.
North Korea’s Lazarus group: state-affiliated threat in crypto hacks
In 2023, the Lazarus Group, a North Korea-linked hacker organization, has been a prominent actor in the crypto hacking landscape. They have been responsible for over $300 million in crypto hacking incidents, accounting for approximately 17.6% of the total losses incurred in the crypto industry during the year. This contribution to the total losses highlights the group’s significant impact on the crypto space.
Historically, the Lazarus Group has been involved in some of the largest cyberattacks, dating back to their activities against Sony Pictures in 2014. Over the years, they have shifted their focus to crypto protocols, acquiring billions of dollars from these attacks. From 2021 to 2023, approximately $1.9 billion has been stolen from various crypto projects, showcasing the group’s persistence and evolving tactics.
In 2023, the Lazarus Group executed at least five attacks, including a notable $70 million theft from the Hong Kong-based crypto exchange CoinEx. Their strategy moved towards targeting centralized finance platforms and noncustodial crypto wallets, demonstrating keen adaptability to the changing landscape of the crypto industry.
Despite a global decline in the overall amount of money stolen in digital asset hacks, the threat posed by groups like Lazarus remains significant. Law enforcement agencies have been actively combating these activities by tracing stolen funds and disrupting crypto mixers, which obscure illicit funds’ origins. The U.S. Treasury Department has addressed these challenges by sanctioning popular mixing services like Tornado Cash and proposing stricter regulations for decentralized platforms.
Crypto hacks in 2024: prospects
The surge of crypto hacks in the latter half of 2023 reflects a concerning narrative for the industry heading into 2024. The upcoming year is poised to be a crucial time for crypto, with the expectations around the Bitcoin spot ETF launch in January and the Bitcoin halving event in April.
So, the industry is preparing for a busy 2024, and so will the hackers. Building industry-wide resilience would be the key to curbing these large-scale threats; otherwise, we might be in for a costlier new year.
FAQs
Can blockchain be hacked?
While blockchain technology is generally secure due to its decentralized and encrypted nature, it is not completely immune to hacking, especially through vulnerabilities in smart contracts or centralized points like exchanges.
Is Bitcoin hackable?
Bitcoin’s core blockchain protocol is highly secure, but Bitcoin exchanges and wallets can be vulnerable to hacking.
What is the world’s largest crypto exchange hack?
The world’s largest crypto exchange hack occurred at Coincheck in 2018. The company lost $534 million worth of NEM tokens.
What is the biggest hack in Bitcoin history?
The most significant Bitcoin hack was the Mt. Gox incident in 2014, where approximately 850,000 bitcoins were stolen, greatly impacting the Bitcoin community and market.
What are the latest crypto hacks?
Recent notable crypto hacks include the attacks on Ledger, HTX, KyberSwap, and Poloniex, with losses mounting over hundreds of millions.