What you should know about the top 5 most expensive crypto hacks in history

5 most expensive crypto hacks in history

As we all know, cryptocurrency is a hot commodity right now. And with great value comes great risk. Unfortunately, that means that cryptocurrencies are often the target of hackers. Today we will look at the top 5 biggest crypto hacks in the history of crypto.

Note that: This article is not to scare you away from crypto, but rather to educate you on what’s going on so that you’re informed.

Hackers and damages caused

Cryptocurrency has been around for quite some time now and with its meteoric rise in value, it’s no surprise that hackers have taken an interest in it as well. In 2021 alone, a series of hacking attacks, exploits, and arbitrage caused the loss of more than $2 billion dollars in cryptocurrency. In total, billions more have been lost to a string of hacking attacks that exploit vulnerabilities within a network’s security system over the years.

Crypto exchanges, DeFi protocols, and cross-chain bridges have a huge target on their backs since they have custody of a lot of funds. Opportunistic hackers constantly scan platforms and smart contracts for vulnerabilities. If they get lucky, they transfer users’ cryptocurrencies to their own wallets, sometimes without the platform’s knowledge, where many of these exploits only come to light after users start to report that they are unable to access their funds.

In this article, we’re going to take a look at the top 5 cryptocurrency hacks in history. We’ll answer questions about how the attacks took place, the steps taken to recover lost funds, whether customers received their money back, and how the company or project is currently doing. These are the most expensive hacks yet. Some of these hacks resulted in millions of dollars worth of losses, so buckle up and get ready for a wild ride.

1. Ronin Network – $624 million

 Ronin Network

Coming at number 1 is the Ronin Network hack. In March 2022, Ronin Network, an Ethereum-linked sidechain that powers Axie Infinity, a popular game in which players battle with pets called Axies to earn cryptocurrencies and NFTs, was hacked. The network lost a total of $624 million in the form of 25.5 million USDC and 173,600 ETH, making it the most expensive crypto hack of all time.

Reports claim that the hacker transferred $540 million worth of cryptocurrency to their wallet. However, Ronin Network only realized the missing cryptocurrency six days later when a customer reported that they couldn’t withdraw 5,000 ETH, which was $17 million at the time. After this incident, they went on to realize that over $624M worth of crypto had been stolen.

So, how did hackers execute what may be the largest hack in history – all while the company was unaware funds were being moved illegally? Well, according to the Ronin Network, the hacker forged two withdrawals using hacked private keys. Here’s how. Before the attack, the network had nine validator nodes. To make a valid transaction, you’d need five out of nine validator signatures.

According to Ronin Network’s report, the hacker discovered a backdoor via Ronin’s gas-free Remote Procedure Call (RPC) node, which they used to gain control of the five validator private keys required to make withdrawals. In response to the attack, Ronin Network increased the number of validator nodes from five to eight. They stopped all transactions on the network and disabled exchanges like Binance and Katana DEX from transacting with the network.

As a result, the hackers had few ways to move the stolen cryptocurrency from their wallet and convert it to actual cash. Ronin Network is currently working with forensic cryptographers, investors, and government agencies to find those responsible for the attack. At the moment, they claim the stolen funds to still be in the hacker’s wallet: https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96.

Ronin has also suspended all network transactions and claims that all stolen funds will be recovered and reimbursed to its customers in the future.

2. Poly Network – $611 million

Poly Network

Coming in as the second largest hack in history is last year’s August 2021 Poly Network attack valued at $611 million in stolen funds. Poly Network is a cross-chain bridge that enables transfers of assets between different blockchains. By locking and unlocking tokens on either side of the bridge, Poly Network allows users to seamlessly convert their tokens to another currency.

For example, let’s say you have some ETH on the Ethereum blockchain but you want to convert it to BTC on the Bitcoin blockchain. With Poly Network, you can lock your ETH on the Ethereum network, and unlock your BTC on the Bitcoin network. The process is simple and straightforward, and it doesn’t require you to give up custody of your assets during the transfer.

So, how did Poly Network’s hack happen?

The hacker/hackers were able to exploit a flaw in the code of the Poly Network smart contract. They found a way to unlock tokens without locking them on other blockchains. This means that they were buying tokens without selling the corresponding amount. In a surprising twist, the hacker started returning the stolen funds a day after the attack!

To date, Poly Network has managed to recover all the $611 million that the hacker returned, all the crypto he had taken. Reports claim that Poly Network offered the hacker a chief security adviser position at the company plus a $500, 000 bounties to restore the remaining funds. It’s unclear whether he’ll cave and accept the bounty.

In any case, it seems Poly Network may have gained from the attack to revamp its security features. They claim to have no intention of holding the hacker legally responsible.

3. Wormhole – $326 million

Wormhole

February 2022 marked the first hack of the year where Wormhole, a communication bridge between Solana and other decentralized finance (DeFi) networks, lost 120,000 wETH, valued at $326 million. The hacker exploited a security fix uploaded to GitHub but was not deployed onto the live application itself.

Reports suggest that the hacker might have been tipped off of the security flaw (by an insider) before the patch update was deployed to the project itself. In response, Wormhole stopped all transactions pending investigations. They also offered a $10 million bounty to the hacker to return stolen funds.

The amount that was stolen largely affected Wormhole’s 1:1 ETH to wETH ratio. As a result, a 10% drop in the value of Solana and a 5% drop in Ethereum ensued in the aftermath. To make sure that the 1:1 peg was not affected, Jump, the firm that had acquired the developers of Wormhole ‘Certus One’, bailed them out by providing the $326 million that had been stolen.

4. BitMart – $196 million

BitMart

In December 2021, BitMart, a cryptocurrency exchange platform, was the victim of a $196 million hacking attack. The day after the attack, BitMart founder and CEO Sheldon Xia announced on Twitter that a large-scale security breach had been discovered in two of their Ethereum and Binance Smart Chain hot wallets. In response to the attack, the exchange stopped all withdrawals while they conducted a security review to determine the possible loophole the attackers exploited.

The company discovered a stolen private key that they claim to have only comprised two wallets. Apart from the two compromised wallets, the company reports that other assets remained safe and unharmed. BitMart further confirmed that they will reimburse customers for anything they lost during the hack. Weeks later, many users claimed that they did not receive any form of reimbursement.

Little is known about how exactly hackers stole the private key to two wallets, or whether all customers got back full reimbursements. At the moment, though, it appears that business at BitMart is on as usual.

5. Beanstalk – $181 million

Beanstalk

Concluding our list of the top crypto hacks is the Beanstalk hack. Beanstalk, an Ethereum-based stablecoin DeFi platform, lost a total of $181 million in April 2022 due to a hacking attack that exploited the network’s governance model.

According to PeckShield, the security firm hired to investigate the hack, the hacker got away with $80 million in cryptocurrency, with the platform’s losses totaling $181 million. Reports claim that the attacker used the platform’s flash loan feature, which allows users to borrow large amounts of cryptocurrency for liquidity or arbitrage opportunities.

The hacker took out $1 billion worth of crypto, which they used to gain ‘supermajority voter status’ as per the platform’s proof-of-stake protocol, allowing them to create and accept proposals and consequently, withdraw funds from Beanstalk in a single transaction.

Following the attack, Beanstalk plummeted in minutes, losing roughly 80% of its dollar peg. They offered a bounty of 10% of the stolen amount in exchange for the attacker returning the remaining 90%. But in an unexpected turn of events, the hacker donated 250,000 USDC in Ukraine.

Moving forward, the company launched the Barn Raise fundraiser on June 6, 2022, to help restore the platform’s liquidity. They plan to relaunch the platform in early July.

Bottomline

As you might expect, the road to recovering stolen funds is long and difficult. To ensure your cryptocurrency remains safe from hacking attacks, always do prior research on a platform’s security features. As a precaution, make sure to keep only what you can afford to lose in online crypto wallets.

Alternatively, you may opt to use offline hardware wallets that reduce the risk of online hacking attempts. And that wraps it up for what you should know about the top five most expensive crypto hacks in history.

Also Read:

The 5 Crypto Billionaire Kevin O’Leary is Buying During the 2022 Crash!

Is Bitcoin broken? The Controversial Bitcoin Fix

Are your crypto securities? For Solana fans, it’s unclear

The Future of Crypto, NFTs, and Web 3.0 in 2025

The Only 10 Personal Finance Tips You’ll Ever Need

Leave a Reply

Your email address will not be published.