Top 10 Cryptocurrency Hacks Ranking and Review

Original Author: Anfei, Blocker

Original Translation: ForesightNews

The cryptocurrency prices started a sharp decline on the evening of February 21 and continued into the noon of the 22nd. This decline is largely attributed to a hack on the Bybit exchange, which suffered a hack on the night of February 21, 2025, amounting to a $14.6 billion attack, becoming one of the largest security breaches in the industry in the first quarter of 2025. The attack targeted one of the exchange's Ethereum multisig cold wallets.

Bybit Hack Reaches All-Time High in Amount

This event has also been labeled as one of the largest hacks in cryptocurrency exchange history, accounting for over 50% of the total value lost in the 2024 cryptocurrency market, which saw hacks totaling $22 billion, up from $18 billion in 2023. This incident also led to the liquidation of around $100 million on the market, further causing a sharp decline in the value of major cryptocurrencies.

Bitcoin (BTC) and Ether (ETH) saw significant drops after the news broke, with Ether plummeting nearly 4% in less than 4 hours after the hack was confirmed. Bybit CEO Ben Zhou stated that unauthorized activity was detected in their Ethereum cold wallet, which was compromised during the process of transferring funds to a hot wallet. The hacker manipulated transactions by concealing them to appear legitimate, but included malicious code altering wallet smart contract logic to siphon funds.

Blockchain analysts reported over $10 billion flowed out of Bybit, with a substantial portion of the assets being traded and sold, alarming the crypto community. The stolen funds mainly consisted of Ether and staked Ether (stETH and mETH), scattered across multiple addresses to evade tracking. The hacker has started converting the stolen funds into other Ethereum tokens on decentralized exchanges.

This security breach highlights concerns about integrating cryptocurrency with traditional financial institutions and the need for stronger regulation. It also underscores the vulnerability of even so-called secure cold wallets (not connected to the internet). The event has sparked a debate in the cryptocurrency space about centralization versus decentralization, with some arguing that a well-regulated market is crucial in preventing such large-scale losses.

Historically High Amount Hack Events

This article will now analyze in detail the largest cryptocurrency loss events in history due to hacker attacks or security vulnerabilities. The ranking below is based on the loss amount at the time of the attack, and the analysis covers the details of each event, the attack methods, the responsible parties (publicly known), recovery efforts, and the broad impact on the cryptocurrency industry. Data sources include global news platforms, blockchain analysis reports, and official announcements from the affected entities.

Detailed Event Analysis

1. Bybit Hack (February 21, 2025, $1.46 Billion)

The Bybit hack occurred on February 21, 2025, setting a historic high for losses. The hacker stole over $1.46 billion from the exchange's ETH cold wallet. The attack involved sophisticated phishing techniques, manipulating the signature interface to display a legitimate UI while altering the underlying smart contract logic to transfer funds to an unknown address. Bybit CEO Ben Zhou confirmed in an X post that only one ETH cold wallet was affected, with other wallets secure and withdrawals functioning normally. He claimed that despite the irrecoverable loss, the exchange remained solvent, with customer assets fully reserved. This event highlighted vulnerabilities in cold wallet management and the Safe (formerly Gnosis Safe) multi-signature wallet.

2. Ronin Network Hack (March 2022, $625 Million)

The Ronin Network hack occurred in March 2022, involving an attack on the Axie Infinity game's sidechain validation nodes. The hacker took control of four validation nodes, authorized two unauthorized withdrawals, and stole 173,600 ETH (approximately $595 million) and $25.5 million USDC ($25.5 million), totaling $625 million in losses. The incident was attributed to the North Korean Lazarus Group, and Sky Mavis pledged to compensate affected users and enhance security measures.

3. Poly Network Hack (August 2021, $611 Million)

The Poly Network hack occurred on August 10, 2021, where the hacker exploited a cross-chain bridge smart contract vulnerability to steal around $611 million in various assets, including cryptocurrencies, stablecoins, and other tokens, across Ethereum, Binance Smart Chain, and Polygon. Tether froze $33 million USDT to alleviate the loss, and the hacker later negotiated the return of most funds with the platform, though their identity remains unknown.

4. Binance BNB Bridge Hack (October 6, 2022, $569 Million)

The Binance BNB Bridge hack occurred on October 6, 2022, where hackers exploited a vulnerability in the BNB Smart Chain cross-chain bridge to steal 2 million BNB tokens, with a total loss of approximately $569 million. The attack involved forged proofs to extract funds. Binance promptly suspended bridge services, froze a portion of the stolen funds, ultimately capping the loss at around $100 million, with the remaining funds being recovered. Binance offered a bounty to track down the hacker.

5. Coincheck Hack (January 2018, $534 Million)

The Coincheck hack took place on January 26, 2018, where hackers exploited a hot wallet vulnerability to steal 523 million NEM coins, valued at approximately $534 million when NEM was priced around $1.02. The funds were not recovered, and Coincheck used its own resources to compensate customers. Coincheck was later acquired by Monex Group in 2018.

6. Mt. Gox Hack (2014, $473 Million)

The Mt. Gox hack occurred in 2014, where hackers stole nearly 750,000 customer bitcoins and 100,000 exchange-owned bitcoins, totaling 750,000 bitcoins valued at around $473 million at the time, accounting for 7% of the total circulating supply, leading to the exchange's bankruptcy in 2014.

7. FTX Hack (November 2022, $473 Million)

The FTX hack took place post-bankruptcy declaration on November 11, 2022, where unauthorized trades led to the emptying of wallets, resulting in a loss of around $473 million, primarily in stablecoins, swiftly converted to Ether.

8. Wormhole Hack (February 2022, $320 Million)

The Wormhole hack occurred on February 2, 2022, where hackers exploited a token bridge vulnerability between Ethereum and Solana to steal 120,000 wETH tokens, totaling $320 million. All funds were later recovered, and Wormhole offered a $10 million bounty.

9. DMM Bitcoin Hack (May 31, 2024, $308 Million)

The DMM Bitcoin hack occurred on May 31, 2024, where hackers stole 4502.9 BTC, valued at around $308 million. According to a joint statement by the FBI and the Japan National Police Agency (on December 23, 2024), North Korean TraderTraitor (a branch of the Lazarus Group) conducted a social engineering attack, posing as a LinkedIn recruiter to deceive Ginco Inc. employees in charge of managing DMM's transactions into downloading malicious code, gaining control of transaction requests, and transferring the funds to the hacker's wallet. DMM promised to compensate customers but closed in December 2024 due to financial pressure.

10. KuCoin Hack (September 2020, $285 Million)

The KuCoin hack took place on September 25, 2020, where hackers stole $285 million worth of various cryptocurrency assets. The attack exploited a hot wallet vulnerability. KuCoin collaborated with law enforcement and blockchain firms to recover about $240 million, with the remaining $45 million loss compensated to users through insurance and company funds.

Original Article Link