The pursuit of financial freedom in the exciting yet risky world of cryptocurrencies comes with significant challenges. As digital currencies continue to gain attention and increase in value, they also become prime targets for malicious actors seeking to exploit vulnerabilities for financial gain. In this review, we take an in-depth look at some of the most severe cryptocurrency hacks, ranging from the infamous Mt. Gox incident to more recent events up to 2023.
We also explore the realm of Directed Acyclic Graph (DAG)-based cryptocurrencies, analyzing instances where these innovative networks faced unique security challenges. Prepare to journey through the highs and lows of the crypto landscape, where innovation intersects with vulnerability and risks have never been higher.
Mt. Gox: The Early Wake-Up Call
Although more recent attacks have involved larger amounts in absolute terms, the 2014 Mt. Gox hack remains one of the most impactful incidents in cryptocurrency history. At that time, the crypto ecosystem was dominated by Bitcoin (BTC), and Mt. Gox was the world’s leading Bitcoin exchange. During periods of extreme price volatility, the platform handled over 70% of all global Bitcoin transactions. However, underlying issues and hidden security breaches eventually led to a solvency crisis that came to light in February 2014.
On February 7, the exchange halted all withdrawals, citing technical difficulties. By February 23, CEO Mark Karpelès had resigned from the Bitcoin Foundation board and deleted all Mt. Gox-related social media posts. The following day, the website went offline entirely, revealing a loss of 744,408 BTC, worth approximately $473 million at the time. At today’s prices, that amount would exceed $19 billion.
Internal documents later showed that hackers had been stealing Bitcoin from Mt. Gox over several years without the company’s knowledge. The attackers successfully accessed the private keys of the exchange’s hot (online) wallets, allowing them to move funds at will. It is important to note that Bitcoin’s underlying ledger was never compromised—only the exchange’s security systems were breached.
Given the relatively small size of the crypto community at the time, the impact was devastating. Between February and December 2014, the price of Bitcoin fell by more than 43%. A meaningful recovery did not begin until late 2015. Victims of the Mt. Gox hack waited years for any form of compensation. After extensive legal proceedings, the Mt. Gox trustee began repaying affected users by October 2023.
Coincheck: A Lesson in Exchange Security
In January 2018, the Japanese cryptocurrency exchange Coincheck fell victim to one of the largest crypto hacks in history. Attackers exploited vulnerabilities in the exchange’s security infrastructure, gaining access to Coincheck’s hot wallets. They made off with approximately 523 million NEM (XEM) tokens, then valued at nearly $530 million.
Reports indicated that the breach was executed via malware-infected emails sent to Coincheck employees, enabling the hackers to gain control of internal systems. Once inside, they quickly transferred the stolen XEM tokens to multiple addresses, making it extremely difficult to trace the funds.
The incident triggered intense regulatory scrutiny, leading to improved security measures and a large-scale reimbursement effort. Coincheck compensated affected users at a rate of 88.549 yen per token, significantly below the market value at the time, using its own funds to make the payments.
The hack had a substantial impact not only on Coincheck but also on the broader cryptocurrency community. It served as a stark reminder of the security risks associated with centralized exchanges and underscored the importance of robust security protocols. In response, regulators around the world intensified oversight of cryptocurrency platforms to enhance investor protection and prevent future breaches.
BSC Token Hub: A Cross-Chain Exploit
Even the Binance ecosystem was not immune to attack. On October 7, 2022, the native cross-chain bridge between the BNB Beacon Chain and the Binance Smart Chain (BSC) was exploited. The breach forced the BSC team to temporarily halt the network to prevent further damage. **The attacker illicitly minted 2 million BNB tokens, worth approximately $566 million at the time.** While the majority were quickly frozen by the team, the hacker managed to move around $137 million to other chains.
The attacker received 100 BNB from a ChangeNOW wallet on October 5, 2022, enabling them to register as a relayer for the BSC Token Hub. This role facilitates cross-chain transactions between the BNB Beacon Chain (BEP2) and the Binance Smart Chain (BEP20). The hacker exploited a vulnerability in the proof verification mechanism, forging arbitrary messages to create and withdraw the 2 million BNB in two transactions.
Rather than immediately transferring the stolen funds to exchanges, the attacker used Venus, a popular lending protocol on the BNB Chain. Across five transactions, they collateralized 900,000 BNB to borrow more than $250 million in stablecoins such as USDT, USDC, and BUSD. These stablecoins were then routed through bridges to multiple chains and laundered through various DeFi protocols to avoid detection.
Following the attack, BSC was halted to prevent further unauthorized movements of funds. The attacker’s cross-chain balances were closely monitored. The BNB Chain core team implemented a hard fork to patch the vulnerability and introduced a new on-chain governance mechanism to better respond to future threats.
Poly Network: The “White Hat” Incident
Poly Network, an interoperability protocol enabling transactions across different blockchains, was attacked on August 10, 2021. An anonymous hacker engineered the theft of over $610 million in cryptocurrency, including ETH, USDC, DAI, UNI, SHIB, FEI, MATIC, and several BSC tokens—all from everyday users. This remains one of the largest security incidents in the history of decentralized finance (DeFi).
The stolen funds were transferred to addresses controlled by the hacker on Ethereum, Binance Smart Chain, and Polygon. In response, the Poly Network team urged exchanges and miners to monitor the flow of funds and block the hacker’s transactions. Tether proactively froze $33 million in USDT.
Surprisingly, the hacker announced on August 11, 2021, that they intended to return the tokens, claiming the theft was meant to expose vulnerabilities and improve Poly Network’s security. They used encoded messages in transactions to communicate publicly.
The protocol team initiated a recovery process, referring to the hacker as “Mr. White Hat,” and offered a $500,000 bug bounty along with the role of “Chief Security Advisor” to facilitate the return of the remaining assets. The final portion of the stolen funds was eventually returned.
The incident sparked debate over the use of the term “white hat” for such actions, with concerns that it might set a precedent for criminal hackers to legitimize their behavior. Nevertheless, Poly Network launched a bug bounty program to strengthen security, offering rewards of up to $100,000 for critical vulnerabilities.
Ronin Network: Axie Infinity’s Ordeal
This incident is widely considered the largest cryptocurrency hack ever. On March 23, 2022, Ronin Network, an Ethereum sidechain developed for the game Axie Infinity, suffered a catastrophic attack. The hacker stole 173,600 ETH and 25.5 million USDC, totaling approximately $625 million at the time, surpassing all previous cryptocurrency heists.
The exploit targeted the Ronin bridge, a critical component for moving assets between Ronin and other ecosystems. The attacker gained control of four Ronin validator keys managed by Sky Mavis, the company behind Axie Infinity. In many blockchain systems, control over a small number of validators can be enough to compromise the network. The hacker also exploited a backdoor via a gas-free RPC node to obtain signatures from the Axie DAO validator, giving them control over all keys needed to authorize fraudulent withdrawals.
Sky Mavis detected the breach six days after the attack, following user reports of withdrawal issues. Although a significant portion of the stolen funds remained with the hacker, they attempted to launder smaller amounts through centralized exchanges. Sky Mavis eventually reimbursed affected users.
The event caused Ronin’s token price to drop by more than 20% and heightened concerns within the DeFi space, which was already reeling from a series of high-profile attacks. Cryptocurrency exchanges Binance and Huobi pledged assistance in tracking the stolen funds, and Sky Mavis collaborated with government agencies in their investigation.
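The Ronin bridge compromise described above comes down to one organization being able to produce enough validator signatures on its own. The following custody audit is an added example, not code from the original article or from Sky Mavis; the validator names, the organizations, the 5-signature threshold and the delegation entry are constructed assumptions chosen to mirror the shape of the incident.

```python
from itertools import combinations

# Constructed configuration: validator key -> organization holding it.
VALIDATORS = {
    "val-1": "operator-a", "val-2": "operator-a",
    "val-3": "operator-a", "val-4": "operator-a",
    "val-5": "dao",
    "val-6": "partner-1", "val-7": "partner-2",
    "val-8": "partner-3", "val-9": "partner-4",
}
THRESHOLD = 5  # assumed number of signatures needed to approve a withdrawal

# Constructed standing permission: operator-a's infrastructure may request
# signatures from the DAO's validator (e.g. a leftover allowlist entry).
DELEGATIONS = [("val-5", "operator-a")]


def effective_control(validators, delegations):
    """Map each organization to every key it can cause to sign."""
    control = {}
    for key, holder in validators.items():
        control.setdefault(holder, set()).add(key)
    for key, delegate in delegations:
        control.setdefault(delegate, set()).add(key)
    return control


def min_compromise(validators, delegations, threshold):
    """Return the smallest group of organizations whose keys meet the threshold."""
    control = effective_control(validators, delegations)
    orgs = sorted(control)
    for size in range(1, len(orgs) + 1):
        for group in combinations(orgs, size):
            keys = set().union(*(control[o] for o in group))
            if len(keys) >= threshold:
                return list(group), sorted(keys)
    return None


if __name__ == "__main__":
    for label, delegs in (("keys only", []), ("with delegation", DELEGATIONS)):
        orgs, keys = min_compromise(VALIDATORS, delegs, THRESHOLD)
        print(f"{label}: {len(orgs)} org(s) suffice -> {orgs} via {keys}")
```

Counting signing permissions alongside key custody is what exposes the single point of failure: on key custody alone two organizations must be breached, but with the delegation in place one is enough.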
Could This Happen on a DAG Like Obyte?
Directed Acyclic Graph (DAG) ledgers like Obyte possess unique structural and consensus characteristics that offer certain advantages in decentralization compared to traditional blockchains. However, they are not immune to security risks or potential exploits.
The specific attack vectors may differ from those in blockchain systems, but DAG-based platforms remain vulnerable to several types of threats:
- Sybil Attacks: Malicious actors create numerous fake identities or nodes to gain disproportionate influence over the network, undermining trust and consensus mechanisms. Only some lightly designed DAGs are susceptible—a risk often mitigated through centralization (e.g., IOTA).
- Smart Contract Vulnerabilities: Flaws in smart contract code can be exploited to perform unauthorized actions, steal assets, or disrupt decentralized applications.
- Double-Spending: A user maliciously reuses the same digital tokens in multiple transactions, undermining the ledger’s integrity. This is only possible if a payee accepts a transaction without waiting for sufficient confirmation.
- Centralization Risks: Some DAGs may be overly influenced by a small number of entities (e.g., companies, miners, or validators), potentially compromising security and immutability.
- External Exchange Failures: Security breaches, hacks, or insolvency at third-party exchanges can lead to significant financial losses and disrupt user activity.
Not every DAG is vulnerable to all these issues, and many implement specific measures to prevent them. While DAGs offer distinct advantages, they are not exempt from security challenges. The fundamental principles of protecting decentralized ledgers apply equally across technologies.
This is why Obyte maintains a bug bounty program on Immunefi, where anyone can report vulnerabilities. **Rewards of up to $50,000 are offered for critical bugs.** To date, Obyte has paid out approximately $5,000 through Immunefi and an additional $10,000 for earlier bug reports. Security remains a top priority for all types of crypto platforms.
Frequently Asked Questions
What was the largest cryptocurrency hack in history?
The Ronin Network attack in March 2022 is considered the largest, with approximately $625 million in cryptocurrency stolen from the Axie Infinity sidechain.
How can users protect their crypto assets from hacks?
Use hardware wallets for cold storage, enable two-factor authentication, avoid sharing private keys, and only use reputable exchanges and DeFi protocols with strong security audits.
What is a "white hat" hacker?
A white hat hacker is an ethical security researcher who identifies and reports vulnerabilities to help improve system security, rather than exploiting them for personal gain.
Are decentralized systems immune to hacks?
No. While decentralization can reduce certain risks, smart contract bugs, governance flaws, and protocol-level vulnerabilities can still be exploited in both blockchain and DAG systems.
What should I do if my assets are stolen in a hack?
Immediately report the incident to the relevant platform and law enforcement agencies. Monitor blockchain explorers for fund movement and share information with investigators.
How do bug bounty programs improve security?
They incentivize security researchers to responsibly disclose vulnerabilities, allowing developers to patch issues before malicious actors can exploit them.