Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
Lido Staked Ether 
USDC 
XRP 
Dogecoin 
Toncoin 
Cardano 
Avalanche 
Shiba Inu 
Wrapped Bitcoin 
TRON 
Polkadot 
Bitcoin Cash 
Chainlink 
NEAR Protocol 
Uniswap 
Polygon 
Litecoin 
Internet Computer 
Fetch.ai 
LEO Token 
Dai 
Ethereum Classic 
Pepe 
Wrapped eETH 
Render 
Hedera 
Aptos 
Immutable 
Renzo Restaked ETH 
First Digital USD 
Cosmos Hub 
Filecoin 
Cronos 
Mantle 
The Graph 
Stellar 
Optimism 
Stacks 
Arbitrum 
OKB 
Arweave 
Kaspa 
Maker 
dogwifhat 
Sui 
Bittensor 
Injective 
VeChain 
Fantom 
Ethena USDe 
Theta Network 
Monero 
THORChain 
Bonk 
Rocket Pool ETH 
FLOKI 
Lido DAO 
Celestia 
Mantle Staked Ether 
GALA 
Sei 
Jupiter 
Core 
Bitget Token 
Algorand 
Quant 
Beam 
Aave 
WhiteBIT Coin 
Flow 
Bitcoin SV 
Akash Network 
Ondo 
SingularityNET 
Ethena 
BitTorrent 
dYdX 
Tokenize Xchange 
NEO 
Flare 
Axie Infinity 
Marinade Staked SOL 
Cheelee 
MultiversX 
Chiliz 
Worldcoin 
Zebec Protocol 
Gate 
The Sandbox 
eCash 
Wormhole 
JasmyCoin 
KuCoin 
EOS 
Tezos 
Conflux 
Synthetix Network 
Ronin 
Safe 
Kelp DAO Restaked ETH 
AIOZ Network 
ether.fi Staked ETH 
Pendle 
Mina Protocol 
ORDI 
Gnosis 
Starknet 
Decentraland 
Lido Staked SOL 
BOOK OF MEME 
Ribbon Finance 
ApeCoin 
NEXO 
Helium 
Echelon Prime 
IOTA 
Kava 
Nervos Network 
Pyth Network 
Frax Ether 
USDD 
Theta Fuel 
PancakeSwap 
DeXe 
Axelar 
Bitcoin Gold 
Swell Ethereum 
Klaytn 
Coinbase Wrapped Staked ETH 
Livepeer 
Ocean Protocol 
Frax 
Oasis Network 
Blur 
Terra Luna Classic 
SATS (Ordinals) 
Fasttoken 
WOO 
MANTRA 
Illuvium 
Tether Gold 
Osmosis 
dYdX 
Staked Frax Ether 
Curve DAO 
Notcoin 
PepeCoin 
Ethereum Name Service 
Golem 
Arkham 
XDC Network 
WEMIX 
Astar 
Jito 
Aerodrome Finance 
Raydium 
SuperVerse 
TrueUSD 
IoTeX 
Memecoin 
Enjin Coin 
Dymension 
Celo 
1inch 
Radix 
0x Protocol 
APENFT 
Polymesh 
Ankr Network 
Trust Wallet 
Reserve Rights 
MX 
Stader ETHx 
GMT 
Ether.fi 
AltLayer 
Zilliqa 
Venom 
ZetaChain 
Nosana 
PAX Gold 
Brett 
Ravencoin 
cETH 
Galxe 
Arcblock 
Metis 
SKALE 
Siacoin 
Holo 
Biconomy 
Terra 
Rocket Pool 
Popcat 
Manta Network 
crypto.news 2 h
Explore the biggest crypto hacks of 2023 in our comprehensive review, including the roles of notorious hacking groups and their impact on the crypto industry.
Cryptocurrency hacks in 2023 have seen the industry lose over $1 billion, with the largest hacks occurring in the final quarters of the year. The recent bull market has marked the end of a prolonged crypto winter that started in 2022, driven by the Terra LUNA crash and the FTX collapse. However, this has also renewed hackers’ interest in the market, with more malicious threats targeting major defi protocols and crypto exchanges.
From the multi-million dollar heist at Mixin to the sophisticated phishing scams affecting individual investors, each hack provided a stark reminder of the ongoing battle between cybersecurity and cybercriminals in the digital age. So, what were the largest crypto hacks of 2023? Let’s find out.
Mixin breach ($200m): biggest crypto hack of 2023
September 2023 saw arguably the largest recent crypto hack, as the Mixin platform suffered a staggering loss of $200 million. This incident unfolded through a data breach of Mixin’s cloud service provider. The platform could not track down the attacker or recover the stolen funds. However, Mixin committed to compensating users for half of their lost holdings.
[Update]
After statistical analysis, the affected assets in this incident were mainly ERC20-USDT, ETH, and BTC. Other assets were not affected. The specific compensation details are still under discussion. Please stay tuned for updates on the progress of this incident. In order… https://t.co/XHlNmJFbeZ— Mixin Kernel (@MixinKernel) October 5, 2023
Euler Finance hack ($197m)
In March 2023, Euler Finance experienced a significant hack, losing nearly $200 million. The breach was initially identified by PeckShield, a blockchain security firm, which noticed unusual transaction activity on the platform. These transactions were later confirmed as the method through which $197 million in cryptocurrency was stolen.
However, in a rare occurrence, the stolen funds were unexpectedly returned to Euler Finance a few weeks after the hack. An apology note was included in one of the return transactions, as observed on Etherscan.
You might also like: Euler Finance hacker returns ethereum worth $102m
Poloniex hack (over $120m)
Popular crypto exchange Poloniex faced a security breach in November, leading to a loss exceeding $33 million, later revised to over $120 million. The unauthorized outflow of funds from its hot wallet affected multiple networks, including Ethereum (ETH) and Bitcoin (BTC). Justin Sun, the majority shareholder of Poloniex, reassured the community of the exchange’s financial stability and pledged full reimbursement for the lost assets.
To resolve the situation, Sun initially offered a $10 million bounty to the cryptocurrency hackers for returning a significant portion of the funds within a week and provided wallet addresses for potential reimbursement. However, as per the latest reports, the hackers did not respond. Poloniex continues its internal investigation and remains committed to compensating affected users.
You might also like: Justin Sun gives new ultimatum to Poloniex hackers, offers $10m bounty
HTX hack ($110 m)
Yet another exchange linked to Justin Sun experienced a major breach this year. HTX, formerly known as Huobi, experienced a significant security breach, leading to a net outflow of $250 million after resuming operations.
This outflow followed the November attack in which HTX lost around $110 million, according to Sun. The incident prompted a temporary suspension of withdrawals and deposits. Despite the substantial outflow, an HTX emphasized that user funds were safe.
You might also like: HTX marks $250m outflow post November hack
MultiChain rug pull ($130m)
In July, MultiChain, a cross-chain protocol, reported suspicious withdrawals totaling $130 million, sparking concerns of a hack or rug pull. The series of transactions led to the Chinese authorities’ arrest of MultiChain’s CEO, Zhaojun, fueling speculation of insider involvement.
Zhaojun’s devices, including phones and hardware wallets, were confiscated. The incident led to MultiChain ceasing operations, as detailed in a post on social media. The closure of MultiChain followed these events, leaving many questions about the true nature of the incident.
You might also like: Multichain halts operations following CEO arrest in China, lost access to servers
Atomic Wallet hack ($100m)
In June, Atomic Wallet, a widely-used software crypto wallet, was hacked, leading to the loss of $100 million. The breach impacted over 5,000 user accounts, with some users experiencing partial thefts and others having their wallets completely emptied.
The initial suspicion pointed toward the Lazarus hacking group. The incident led to a class-action lawsuit from Russian investors against Atomic Wallet in August 2023. The latter claimed that the trace led to the Ukrainian group of hackers. However, there has been no proof of this statement since then.
The company’s response to the crypto hack and the legal repercussions are yet to be fully resolved.
You might also like: Atomic Wallet collaborates with blockchain experts to counter security threat
CoinEx hack ($70m)
Crypto exchange CoinEx suffered a major security breach in September, resulting in the theft of $70 million. Crypto hackers accessed numerous private keys for user hot wallets, transferring substantial amounts of various cryptocurrencies, including nearly 5,000 ETH and 231 BTC.
Despite the significant loss, CoinEx’s cold wallets remained unaffected. The North Korean Lazarus group is suspected to be behind this attack.
You might also like: CoinEx to resume crypto services after $70m Lazarus hack
KyberSwap hack ($47m)
The KyberSwap hack in November 2023 stands out for its complexity and the significant loss incurred. The multi-chain decentralized exchange aggregator fell victim to a smart contract reentrancy attack, leading to the theft of $47 million across various networks, including Ethereum, Polygon (MATIC), Arbitrum (ARB), and Optimism (OP).
This breach resulted in a drastic 90% drop in KyberSwap’s total value locked, falling from $84.9 million to just $8.28 million, showcasing the severe impact of smart contract vulnerabilities.
KyberSwap hacker demands | Source: Etherscan
The hacker behind this attack made unusual demands, seeking total control over KyberSwap’s protocol, which included its governance mechanism and company assets. These demands, attached to a transaction on Etherscan, were unprecedented and highlighted a new level of boldness in crypto hacking.
The hacker sought to overhaul KyberSwap’s operational structure, including employee salaries and executive buyouts. This incident reflects the technical vulnerabilities of defi platforms and underscores the evolving challenges in securing defi ecosystems against increasingly sophisticated attacks.
You might also like: KyberSwap launches treasury grant program for exploit that affected users
Stake hack ($41m)
September was undoubtedly one of the costliest months this year, with the number of hacks exceeding all other months in 2023. Popular crypto gambling platform Stake also suffered a breach that month, leading to a theft of $41 million.
This hack specifically targeted users’ crypto hot wallets, and the assets stolen included Ethereum and Dai, among others. All funds were initially transferred to a single wallet, believed to belong to the hacker, and then dispersed to various other wallets. This dispersion tactic made tracking the stolen assets more challenging. The FBI’s investigation later confirmed the involvement of the North Korean Lazarus hacking group in this theft, although the stolen funds remain unrecovered.
You might also like: Drake-backed gambling startup Stake faces legal hurdles in Australia
North Korea’s Lazarus group: state-affiliated threat in crypto hacks
In 2023, the Lazarus Group, a North Korea-linked hacker organization, has been a prominent actor in the crypto hacking landscape. They have been responsible for over $300 million in crypto hacking incidents, accounting for approximately 17.6% of the total losses incurred in the crypto industry during the year. This contribution to the total losses highlights the group’s significant impact on the crypto space.
Historically, the Lazarus Group has been involved in some of the largest cyberattacks, dating back to their activities against Sony Pictures in 2014. Over the years, they have shifted their focus to crypto protocols, acquiring billions of dollars from these attacks. From 2021 to 2023, approximately $1.9 billion has been stolen from various crypto projects, showcasing the group’s persistence and evolving tactics.
You might also like: North Korea’s Lazarus behind $300m in 2023 crypto losses
In 2023, the Lazarus Group executed at least five attacks, including a notable $70 million theft from the Hong Kong-based crypto exchange CoinEx. Their strategy moved towards targeting centralized finance platforms and noncustodial crypto wallets, demonstrating keen adaptability to the changing landscape of the crypto industry.
Despite a global decline in the overall amount of money stolen in digital asset hacks, the threat posed by groups like Lazarus remains significant. Law enforcement agencies have been actively combating these activities by tracing stolen funds and disrupting crypto mixers, which obscure illicit funds’ origins. The U.S. Treasury Department has addressed these challenges by sanctioning popular mixing services like Tornado Cash and proposing stricter regulations for decentralized platforms.
You might also like: Tornado Cash case: crypto anonymity vs regulation
Crypto hacks in 2024: prospects
The surge of crypto hacks in the latter half of 2023 reflects a concerning narrative for the industry heading into 2024. The upcoming year is poised to be a crucial time for crypto, with the expectations around the Bitcoin spot ETF launch in January and the Bitcoin halving event in April.
So, the industry is preparing for a busy 2024, and so will the hackers. Building industry-wide resilience would be the key to curbing these large-scale threats; otherwise, we might be in for a costlier new year.
You might also like: Crypto 2023 in review: the most significant events that shaped the industry
