Nearly one million Bitcoins were stolen by hackers in attacks on crypto exchanges. Scammers steal altcoins as well, as losses of Bitcoin Cash, Litecoin, NEM, and others coins are constantly growing.

The skills and knowledge of the criminals are improving, and the methods by which the thefts are committed become ever more sophisticated. It is rather difficult to return the stolen cryptocurrencies, because there are unscrupulous specialists among the owners of the exchanges, who themselves participate in fraud on their own crypto firms. Therefore, each user should familiarize themselves with the history of the security of the companies before investing.

First Attack

In October 2013, the first fraud related to cryptocurrency and an internet website was recorded. Silk Road, located in the .onion zone of Tor's anonymous network, can be called an alternative to eBay or Amazon for selling illegal goods, such as drugs, weapons, pornography, and so on. In addition, some users stored their crypto coins on Silk Road. All payment transactions were made in Bitcoins. And in the two years of the website’s existence (2011-2013), the total volume of transactions amounted to 9.5 million BTC.

This company aroused the interest of the FBI, as in 2015, the founder of the firm Ross William Ulbricht was sentenced to life imprisonment for drug trafficking, hacker attacks, and collusion in money laundering, namely Bitcoins. This crime marked the beginning of fraud on crypto exchanges.

The Largest Exchange Hacks

A year after the closure of Silk Road, a number of attacks on MtGox took place. One of the most popular crypto exchange exchanges (in 2013, 47% of transactions in the Bitcoin network were made through this site) lost 850,000 BTC, which is currently a record amount.

The story of the theft of coins began 7 years ago when the private keys of MtGox were stolen by means of copying of the file wallet.dat. Then the hackers got access to a lot of Bitcoins and began to control the input and withdrawal of funds, as well as deposits coming to the exchange. According to the American investigation, the fraudsters devastated accounts with the help of compromised keys for several years and transferred all the coins to the wallets that belonged to Alexander Vinnik, as he is supposed to be a technical specialist of the Russian BTC-e crypto exchange. Although the representatives of the internet site used for trading in fiat and cryptos currently deny any connection to Vinnik. At the moment, an investigation is underway.

In February 2014, MtGox stopped trading when CEO Mark Capler, against whom the Japanese court opened a criminal case for articles related to fraud and money laundering, reiterated the ongoing hacker attacks and the theft of Bitcoins. But, according to a report that came out a year after the closure of the exchange, the cryptocurrency was stolen in 2011. To recover damages, the exchange sold Bitcoins and Bitcoin Cash for $406.6 million. In May 2018, the trustee of MtGox Nobuaki Kobayashi transferred 8,200 BTC from the bankruptcy address, which put pressure on the Bitcoin rate, and it fell by 6.5%.

The hacker attacks did not bypass Bitfinex, another significant currency exchange. The Hong Kong company positioned itself as the most reliable and inaccessible exchange for hackers, where each client gets wallets with polysemantic identifiers. But, in reality, everything turned out to be much worse. In August 2016, the cybercriminals stole 120,000 BTC or about $72 million at the rate for that period of time. The main loss of funds occurred through the processing service BitGo, with which Bitfinex cooperated. A month later, the exchange began to pay off debts with the help of issued BFX tokens and repaid all debts to investors by April 2017.

At the moment, Bitfinex is still actively working and is in the top 10 of the world's best crypto exchanges. Sometimes, however, it is subjected to various attacks, which makes many experts question the integrity of the company.

Another major hack took place against the leading Japanese CoinCheck crypto exchange. The hackers who were outside the country infected the internal network of the trading platform with a virus that was transmitted via mail and stole private keys. As a result, in January 2018, 523 million NEM coins were stolen worth $533 million at the exchange rate at the time of the theft. The incident was due to negligent attitude to the storage of this cryptocurrency, because the exchange did not use smart contracts with multi signatures, and all the coins were stored in one wallet.

Two months after the hacking attack, CoinCheck’s management started paying out compensations to the 260,000 affected customers to the exchange. For each stolen NEM, 88,549 Japanese yens were offered ($0.83). After the massive hacking attack, the exchange became part of the online broker Monex Inc. Now, as CEO Oki Matsumoto said, the company plans to enter the US market and win the trust of more users.

Attack from the Top

In July 2014, an attacker under the nickname Lucky7Coin introduced a Trojan program into the code of Cryptsy (website defunct), an exchange, which worked with many cryptocurrencies. The hacker got access to Bitcoin keys, and 13,000 were stolen, along with 300,000 Litecoins. The administrators of the exchange were familiar with the hacker. Two months before the robbery, the attacker sent a letter where the hacker introduced himself as Jack and reported that the former owner of the nickname had died. After the attack, the owner of the company, Paul Vernon, was accused of stealing 11,000 BTC and destruction of evidence in the commission of illegal actions. The clients of Cryptcy believe that the currency could be laundered through another crypto exchange, such as Coinbase. As a result, the District Court of the Southern District of Florida ordered Vernon to pay customers $8.2 million in compensations.

The second case connected with the head of an exchange took place on the British MintPal website (website defunct). It was considered one of the best trading platforms until the autumn of 2014 when its leadership had changed. The company was sold to Moopay CEO Ryan Kennedy, known under the pseudonym Alex Green. He stole 3,894 BTC during internal works and bankrupted the exchange. It is noteworthy that a few months later, after the withdrawal of funds, Kennedy was sentenced to 11 years in prison for rape and, despite the fact that the British police investigated the fraudulent case, the verdict lacked a clause about the theft of $1.5 million in Bitcoins.

In 2018, more than $170 million was stolen from the Italian currency exchange Bitgrail. According to the owner Francesco Firano, who is known by the nickname "The Bomber,” as a result of "unauthorized transactions" 17 million XRB (Nano/RaiBlocks) were withdrawn from accounts. The representatives of Nano denied this information and said that there were no mistakes. It is worth noting that the remaining tokens stored on the exchange were not affected. After the attack, Bitgrail declared itself bankrupt.

Blame the Employees

The human factor is one of the main reasons for attacks. Bitstamp, the first licensed cryptocurrency exchange in Europe, which is regulated by the Luxembourg Financial Supervisory Commission (Commission de Surveillance du Secteur Financier, CSSF), was hacked in January 2015. The hackers sent a malicious file to the employees' internal mail. One of the system administrators neglected security rule number one of not opening files from strangers and clicked on the link on a device that had access to the Bitcoin wallet of the exchange. As a result, 19,000 BTC were stolen, or about $5,100 at the exchange rate for the period of theft.

After the attack, the exchange resumed operations by transferring 98% of assets to cold storage, and market participants again began to trust Bitstamp. Last December, Vitalik Buterin transferred 30,000 ETH to the exchange. But, despite the actions taken to improve operations, users still complain about long verification procedures.

The employees of the exchange can use their official position and steal any cryptocurrency. In April 2018, the Indian exchange Coinsecure (website defunct) lost 438 BTC or $3.5 million at the rate for April. The owners of the company assume that the head of the security department of the exchange conducted the attack when he was extracting Bitcoin Gold. The employee has already been sued. The suspect himself denies his guilt and claims that the funds "were stolen in the course of some attack.”

A few months later, the exchange announced its readiness to pay out all debts to depositors. Initially, it was assumed that users would receive compensation in Indian rupees, but then Coinsecure specialists found a way to carry out transactions to pay off debts through the company's website.

Another attack related to employees occurred in China. The small Bter exchange (ranked 40th in terms of trade volume) was hacked several times. The largest theft was organized by the employees of the exchange itself. In February 2015, 7,000 BTC were stolen from a cold wallet. After that, the whole activity of the company was suspended and the management of Bter resumed the withdrawal of funds from its assets only after a couple of years.

Consequences of Hacker Attacks

Cybercrimes against exchanges adversely affect the rates of cryptocurrencies, whose values can be restored only after a few months. Hackers carry out attacks not only for the purpose of stealing money. Many thefts are committed for the sake of the collapse of the rate of a specific cryptocurrency. After all, inexperienced players of the market forming the majority of the market, quickly start withdrawing tokens in Fiat when faced with negative news.

The likelihood of such thoughtful tactical attacks will only grow with the development of the market and fierce competition. As seen in the examples above, coins can disappear even from the largest and seemingly well protected exchanges. Therefore, the issuers of tokens should take into account all possible risks associated with volatility that hackers can affect even further.