The Biggest Security Breaches of 2021
According to on-chain analytics firm Chainalysis, the volume of crime-related crypto transactions will hit
Exchanges are frequently targeted due to their prevalence of open-source code libraries. Criminals choose to target cryptocurrency exchanges since a single failure can result in the stolen of thousands of users’ assets. Even though they spend some resources to protect their assets, experienced hackers can get through their protection wall surfaces. Additional security measures are required when organized crime becomes more complex. Here’s a list of the top 6 most secure exchanges have been hacked.
Assets lost: $15M
It has been reported that Crypto.com, one of the world’s largest crypto exchanges, has been hacked with a minimum of 4600 ETH (worth around $15 million). More precisely, there are over 400 accounts and stolen funds. These vulnerabilities became apparent when users began reporting their funds as missing, including those who had activated two-factor authorization. Tweet by Crypto.com has suspended withdrawals in response to user complaints.
According to Mr. Kris Marszalek (CEO), the attacker made illicit withdrawals, which were swiftly recognized and halted. Additionally, Crypto.com reimbursed all affected users. The firm is undertaking an internal inquiry and anticipates issuing a report or detailed statement within the next several days. It strengthened its security architecture.
Updated Jan/21
Pros
Cons
Assets lost: N/A
The hack happened between March and 20 May 2021. According to a letter sent by the cryptocurrency exchange to affected customers, over 6,000 accounts have been hacked, and funds have been effectively taken from them. The hackers were able to bypass two-step verification (2FA), the SMS did not reach the intended recipient but was instead rerouted to the hackers’ numbers. Coinbase also said that the hackers were able to get the data of so many customers by running a huge phishing campaign. They tricked the customers into giving them important information like their email addresses, passwords, and phone numbers to the hackers. BleepingComputer was first to report the news
The firm stated that it has immediately fixed the bug, notified the users of the issue, restored the users’ account access, and even returned the customers’ losses back to their accounts.
“We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost,” a Coinbase spokesperson said
Coinbase has stepped out to disclose the specifics of the incident and took full responsibility for what happened. The company has strengthened the two-factor authentication system for clients and is teaching them the importance of not sharing their passcode with anybody and staying vigilant for future attacks and breaches.
Updated Jan/21
Pros
Cons
Assets lost: $280M
It was announced that the cryptocurrency exchange KuCoin has been hacked on the 25th of September, 2020. Over $280 million worth of cryptocurrencies has been taken. According to KuCoin’s team, a leak of the private keys of KuCoin hot wallets is what led to this hack.
Kucoin chief executive officer Johnny Lyu revealed that the exchange recovered 84%, or $235 million. He discussed the company’s next step in a live session, attempting to salvage the situation while also providing comfort to users. However, the cyber-thieves had cashed out over $13 million in tokens that had been laundered using decentralized protocols.
Updated Jan/21
Pros
Cons
Assets lost: $40M
Binance admits that hackers stole more than $40 million from the cryptocurrency exchange. A lot of different techniques were used by the hackers to steal about 7,000 bitcoins from Binance’s hot wallet (a digital wallet used for day-to-day transactions, not to store long-term reserves). Binance temporarily blocked withdrawals and transactions while a team investigated what went wrong. The stolen bitcoins represented 2% of Binance’s total Bitcoin holdings.
In a blog post, the company’s founder CZ, expressed his reaction to the news.
“While things are crystal clear in hindsight, at that moment, we weren’t 100% sure what exactly happened. Was it an actual user action? A glitch in the system? Or maybe a hack?” he wrote.
This incident is not the first time attackers have attempted to steal funds from Binance. The lost funds will also be reimbursed by a Secure Asset Fund for Users (SAFU).
Updated Jan/21
Pros
Cons
Assets lost: $13M
Bithumb, one of South Korea’s largest crypto exchanges, stated in an online statement that it discovered a “abnormal withdrawal” of EOS on March 29. Three million EOS ($13 million) were stolen and moved to other exchanges including Huobi, Changelly and Coinswitch. The hack was reported on Twitter, thanks to a user named @DoveyWan. Her tweet stated that the exchange was being hacked “at its EOS cold storage level.”
When the incident was identified, Bithumb immediately halted all deposits and withdrawals. Bithumb stated in a statement that the “incident involved insiders” who had access to the account’s private keys. Additionally, it stated that it had notified the Korea Internet and Security Agency and the country’s Cyber Police Agency of the incident and was attempting to recover the funds.
The exchange, however, verified that all assets were stolen from a company-owned wallet and that all user assets are safe.
Updated Jan/21
Pros
Cons
Assets lost: $72M
Hong Kong-based Bitfinex announced devastating news, the exchange was stolen nearly 120,000 units of digital currency Bitcoin worth about $72 million. The incident resulted in a dramatic decrease in the price of Bitcoin at the time of crime. There has been no indication of how the security vulnerability happened. Bitfinex employs the services of BitGo, a security firm specializing in Bitcoin and blockchain technology, however BitGo claims that there is no proof of a compromise on its own servers. All transactions on the virtual exchange have been suspended while the security breach is investigated.
Each affected customer is given 1 BFX for every dollar they lost. In 8 months of the security breach, BFX tokens had been redeemed for a full 100 cents on the dollar or they could trade for the capital stock of iFinex Inc. In addition, those who purchased iFinex stock received an RRT (Recovery Right Token). Within this process, all BFX tokens have been redeemed and destroyed. RRT holders are eligible to compensation for any funds that was recovered following the attack, up to 1 US dollar per RRT. To date, Bitfinex has recovered roughly 27 BTC, the funds have already been distributed to Recovery Right Token (RRT) holders.
Updated Jan/21
Pros
Cons
Exchanges are a vital part of the growing world of cryptocurrency and a place where many people leave their coins for safekeeping. However, the safety of exchanges is questionable. Several of the biggest CEX security breaches in history are highlighted above. It’s rather remarkable to consider the scope of these assaults. Additionally, it is clear that erecting effective security barriers is insufficient to defend against experienced hackers. As a crypto investor, you should be aware of the risks associated with cryptocurrencies, as well as the fundamentals of what you can do to protect your crypto assets.
Find more information about these exchanges:
Crypto.com: https://crypto.com/
Coinbase: https://www.coinbase.com/
Kucoin: https://www.kucoin.com/
Binance: https://www.binance.com/
Bithumb: https://www.bithumb.com/
Bitfinex: https://www.bitfinex.com/
If you have any questions, comments, suggestions, or ideas about the project, please email [email protected].
DISCLAIMER: The Information on this website is provided as general market commentary, and does not constitute investment advice. We encourage you to do your own research before investing.
Marshall
Coincu Ventures