In this detailed guide, we have provided you with 10 largest crypto exchange hacks you should knowin 2024.
Imagine waking up one morning to discover your entire digital bank account has vanished. No, it’s not a nightmare. In cryptocurrency, this is a very real threat. Crypto exchanges, where people buy and sell digital currencies, have become a prime target for hackers, with billions of dollars stolen over the years.
In fact, a recent study found that about $3.8 billion worth of cryptocurrency was stolen from exchanges in 2022 alone! This article dives deep into the top 10 biggest crypto exchange hacks, explaining how they happened, the impact they had, and most importantly, how you can protect yourself from becoming a victim.
Key Takeaways
- Hackers target crypto exchanges due to the high value of assets stored and potential security weaknesses. These hacks can result in significant financial losses for investors and damage the reputation of the entire crypto industry.
- Hackers employ various methods to breach crypto exchanges, including phishing attacks, exploiting software flaws, social engineering, insider threats, and vulnerabilities in third-party services.
- Crypto Exchange Hacks breaches have a cascading effect, causing financial losses, decreased investor confidence, increased regulatory scrutiny, and potential price drops for cryptocurrencies.
- Both exchanges and users can take steps to improve security. Exchanges can implement multi-signature wallets, regular security audits, and user security awareness training. Users can choose reputable exchanges, enable 2FA, be cautious of phishing scams, and monitor account activity.
What Is Crypto Exchange Hack?

A crypto exchange hack involves unauthorized access to a platform where digital assets are bought, sold, or traded. Hackers aim to steal cryptocurrencies stored within these platforms, capitalizing on security weaknesses. To understand why these breaches occur, it’s essential to know how crypto exchanges operate and why they become targets.
How Crypto Exchanges Work
Crypto exchanges function as intermediaries for trading cryptocurrencies, similar to how stock exchanges facilitate trading of stocks. Users can deposit funds, place trades, and withdraw earnings. However, unlike traditional banking systems, many exchanges store significant amounts of cryptocurrency in digital wallets, which can be hot (connected to the internet) or cold (offline storage).
Why Are Crypto Exchanges Targeted by Hackers?
- High-Value Targets: Crypto exchanges often hold large amounts of valuable cryptocurrencies, making them attractive targets for cybercriminals.
- Concentration of Assets: Unlike traditional banks where assets are spread across various physical locations and systems, a crypto exchange’s assets are digital and often stored in fewer locations, sometimes even in a single wallet.
- Varying Security Standards: Security practices can differ widely among exchanges, with some newer or less reputable platforms having vulnerabilities that are easy to exploit.
- Irreversibility of Transactions: Once a cryptocurrency transaction has been confirmed, it cannot be reversed. This feature, while one of the strengths of blockchain technology, also means that stolen funds are almost impossible to recover.
Common Vulnerabilities
Hackers exploit a variety of vulnerabilities to breach crypto exchanges, including:
- Phishing Attacks: Targeting employees or users with fake emails or websites to gain sensitive information.
- Exploiting Software Flaws: Taking advantage of outdated software or unpatched systems.
- Social Engineering: Manipulating people into breaking security procedures.
- Insider Threats: Employees with malicious intent or who have been compromised can misuse their access to sensitive systems and data.
- Third-Party Risks: Weaknesses in security among connected vendors or service providers can lead to breaches.
By understanding these foundational elements, we can better appreciate the scale and variety of the hacks discussed in the following section.
Top 10 Largest Crypto Exchange Hacks

1. Ronin Network
Date of the Hack: March 29, 2022
Amount Stolen: Approximately $625 million worth of cryptocurrency
Cryptocurrencies Stolen: Mainly Ethereum (ETH) and USD Coin (USDC)
How the Hack Occurred: The Ronin Network, which supports the popular blockchain game Axie Infinity, fell victim to one of the largest cryptocurrency thefts in history. Hackers were able to compromise the network by exploiting weaknesses in its validation processes.
Specifically, they gained control over the majority of the network’s validator nodes. Ronin Network utilizes a system where only nine validator nodes confirm transactions.
The attackers managed to breach five of these nodes—four controlled directly by Sky Mavis (the company behind Axie Infinity) and one by a third-party provider. This control allowed them to forge fake withdrawals.
Impact on the Exchange and Its Users: The hack damaged trust in decentralized platforms. Ronin Network and Sky Mavis increased validator nodes to improve security.
They collaborated with authorities to trace stolen funds and explore recovery options. Reimbursement plans were announced to compensate users, funded by new capital and a reimbursement fund.
Related: Top 5 Secure Crypto Wallets to Safeguard Your Digital Assets
2. Poly Network
Date of the Hack: August 10, 2021
Amount Stolen: Approximately $610 million worth of cryptocurrency
Cryptocurrencies Stolen: Various, including Ethereum, Binance Smart Chain, and Polygon.
How the Hack Occurred: The Poly Network hack exploited vulnerabilities in Poly’s smart contracts, the self-executing code that governs transactions on the platform. Hackers manipulated a function within these contracts, essentially creating a loophole that allowed them to transfer a massive amount of cryptocurrency out of the network.
Impact on the Exchange and Its Users: This audacious hack sent shockwaves through the crypto industry. However, in a surprising turn of events, the hacker returned all the stolen funds over a two-week period.
Poly Network credited the hacker’s cooperation with minimizing user losses and fostering a dialogue about security improvements. This incident highlighted the potential vulnerabilities of smart contracts and the importance of robust security audits.
3. Binance BNB Bridge
Date of the Hack: October 6, 2022
Amount Stolen: Approximately $570 million worth of cryptocurrency
Cryptocurrencies Stolen: Binance Coin (BNB)
How the Hack Occurred: The Binance BNB Bridge, which facilitates the transfer of assets between different blockchains, was hacked due to a vulnerability exploited by an attacker. The hacker managed to create additional BNB tokens by exploiting a flaw in the bridge’s smart contract, which allowed them to bypass standard security checks and inflate the supply without proper authorization.
Impact on the Exchange and Its Users: The hack severely damaged trust in Binance, leading to a significant drop in BNB’s price. Binance managed to freeze $7 million in funds after pushing an update that froze the hackers’ accounts. The Binance team introduced a new on-chain governance mechanism to combat future attacks.
4. FTX
Date of the Hack: November 11, 2022
Amount Stolen: Approximately $415 million worth of cryptocurrency
Cryptocurrencies Stolen: Various types, including Ethereum (ETH) and USD Coin (USDC)
How the Hack Occurred: FTX, a major crypto exchange, fell victim to a significant security breach. The hackers managed to compromise the system and transferred out hundreds of millions of dollars worth of crypto. The theft was uncovered shortly after the company filed for bankruptcy.
Impact on the Exchange and Its Users: The hack severely damaged trust in FTX, leading to a wave of withdrawals that crippled the exchange. In response, FTX collaborated with global regulators and law enforcement to trace the stolen funds. Despite the significant loss, FTX managed to recover about $5.5 billion in assets.
5. Coincheck
Date of the Hack: January 26, 2018
Amount Stolen: Approximately $534 million worth of cryptocurrency
Cryptocurrencies Stolen: Predominantly NEM (XEM)
How the Hack Occurred: Coincheck, a leading Japanese digital currency exchange, was targeted by unidentified hackers. They exploited vulnerabilities in the exchange’s security system, gaining unauthorized access to a majority of the network’s validator nodes. This breach allowed them to fabricate fraudulent withdrawals and transfer an estimated $534 million worth of NEM coins to their wallets.
Impact on the Exchange and Its Users: The hack had a profound impact on Coincheck, triggering a massive wave of withdrawals that destabilized the exchange. In response to the crisis, Coincheck collaborated with law enforcement agencies to trace the stolen funds. Despite the substantial loss, Coincheck was able to reimburse its 260,000 customers, using its capital. This incident led to the implementation of enhanced security measures.
Related: 10 Must-Know Crypto Investment Tips for Beginners
6. Mt. Gox
Date of the Hack: February 2014
Amount Stolen: Approximately $460 million worth of cryptocurrency (at the time of the hack)
Cryptocurrencies Stolen: Mainly Bitcoin (BTC)
How the Hack Occurred: Mt. Gox, once the largest Bitcoin exchange handling over 70% of all Bitcoin transactions worldwide, fell victim to a massive hack. The hackers managed to gain control over the majority of the network’s validator nodes, enabling them to forge fake withdrawals and transfer approximately 740,000 bitcoins (6% of all bitcoin in existence at the time) to their own accounts.
Impact on the Exchange and Its Users: The hack led to the bankruptcy of Mt. Gox. While 200,000 bitcoins were eventually recovered, the remaining 650,000 have never been recovered. The incident severely damaged trust in crypto exchanges and has been a cautionary tale for crypto investors.
7. Bitmart
Date of the Hack: December 5, 2021
Amount Stolen: Approximately $196 million worth of cryptocurrency
Cryptocurrencies Stolen: Various types, including Ethereum (ETH) and USD Coin (USDC)
How the Hack Occurred: Bitmart was compromised through a stolen private key that allowed hackers to access wallets on the platform and execute a series of unauthorized transactions. The attackers exploited this access to withdraw assets across multiple blockchains, highlighting vulnerabilities in wallet security and key management at the exchange.
Impact on the Exchange and Its Users: The hack led to significant financial losses and damaged the reputation of Bitmart as a secure trading platform. In response, Bitmart announced a full reimbursement plan for affected users and implemented stricter security measures, including enhanced authentication protocols and more rigorous monitoring of its wallet infrastructure.
Related: Best Strategies to Protect Yourself Against Crypto Scams
8. Wormhole Bridge
Date of the Hack: February 2, 2022
Amount Stolen: Approximately $320 million worth of cryptocurrency
Cryptocurrencies Stolen: Mainly Ethereum (ETH) and USD Coin (USDC)
How the Hack Occurred: The Wormhole Bridge, a popular bridge linking Ethereum and Solana blockchains, was exploited by hackers. They managed to forge transactions, enabling them to mint 120,000 so-called “wrapped” Ethereum for themselves.
Impact on the Exchange and Its Users: The hack severely damaged trust in Wormhole, leading to a significant drop in the price of cryptocurrencies. However, Wormhole indicated that “all funds have been restored,” that its services have come back online, and that it is preparing a full incident report.
9. Nomad Bridge
Date of the Hack: August 1, 2022
Amount Stolen: Over $190 million worth of cryptocurrency
Cryptocurrencies Stolen: Various tokens bridged through the platform
How the Hack Occurred: Nomad Bridge, another cross-chain bridge facilitating token transfers, fell victim to a hacking exploit. Attackers identified a flaw in the bridge’s code related to its message verification process. This allowed them to forge fraudulent transactions and steal a significant amount of cryptocurrency.
Impact on the Exchange and Its Users: The Nomad Bridge hack further emphasized the vulnerabilities in cross-chain bridge technology. The platform is currently undergoing security assessments and exploring compensation options for affected users.
10. Euler Finance
Date of the Hack: March 13, 2023
Amount Stolen: Over $195 million worth of cryptocurrency
Cryptocurrencies Stolen: Various types, including DAI, USDC, staked Ether (stETH) and wrapped Bitcoin (WBTC)
How the Hack Occurred: Euler Finance, a noncustodial lending protocol, was exploited in a flash loan attack. The attacker stole millions in DAI, USDC, staked Ether (stETH) and wrapped Bitcoin (WBTC).
Impact on the Exchange and Its Users: The attack significantly reduced user confidence in Euler Finance, which in turn caused a sharp decline in cryptocurrency prices. Over the following 23 days, the attacker did, however, refund all of the cash that was misused.
Exchange Name | Date of Hack | Amount Stolen (USD equivalent at the time) | Type of Cryptocurrency Stolen | Brief Description of Hack | Impact |
Ronin Network | March 2022 | $625 million | Ethereum (ETH) & USD Coin (USDC) | Hackers exploited private keys to steal funds. | Largest crypto hack ever; impacted Axie Infinity game. |
Poly Network | August 2021 | $611 million | Various cryptocurrencies | Hacker exploited a vulnerability in a smart contract. | Funds surprisingly returned by the hacker. |
FTX | November 2022 | $415 million (estimated) | Various cryptocurrencies | A sophisticated attack where hacker compromised the system. | Major blow to a prominent exchange; damaged investor confidence. |
Binance BNB Bridge | October 2022 | $570 million | Binance Coin (BNB) | Hackers exploited a bug in the bridge infrastructure. | Significant loss for a major exchange. |
Coincheck | January 2018 | $534 million | NEM (XEM) | Hackers stole user funds through a security flaw. | One of the biggest hacks; led to stricter regulations in Japan. |
Mt. Gox | February 2014 | $473 million (Bitcoin value at the time) | Bitcoin (BTC) | Combination of hacking and internal mismanagement. | Collapse of the largest exchange at the time; major setback for early Bitcoin. |
Wormhole Bridge | February 2022 | $325 million | Various cryptocurrencies | Hackers exploited a vulnerability in the bridge protocol. | Highlighted the risks of DeFi (decentralized finance) bridges. |
BitMart | December 2021 | $196 million | Various Tokens | Hot wallet security breach | Focus on multi-layered security and incident response |
Nomad Bridge | August 2022 | $190 million | Various Tokens | Cross-chain bridge code vulnerability | Emphasized importance of ongoing security monitoring |
Euler Finance | March 2022 | $195 million | Various Tokens | Flash loan attack exploiting smart contracts | Highlighted risks of DeFi and flash loan attacks |
Related: Misconceptions About Crypto: Crypto Is a Scam
Consequences of Hacks on the Crypto Market

The impact of these crypto exchange hacks extends far beyond the stolen millions. These security breaches send shockwaves through the entire crypto market, leaving a trail of consequences that affect investors, regulators, and the industry as a whole. Here are some of the key repercussions:
Loss of Investor Funds and Decreased Confidence
The most direct impact of these hacks is the loss of significant amounts of money, which can be devastating for individual investors and the market as a whole. Such incidents lead to a loss of trust in affected platforms and can induce wider market panic, which often results in volatile price movements.
Increased Regulatory Scrutiny and Stricter Compliance Requirements
Each major hack tends to draw attention from regulators worldwide. This scrutiny can lead to stricter regulations and compliance requirements for crypto exchanges, which might increase operational costs but also potentially enhance user protection and market stability.
Impact on the Price of Cryptocurrencies
The uncertainty and fear triggered by these hacks often lead to short-term declines in cryptocurrency prices. For example, significant hacks have historically been followed by quick, sharp drops in Bitcoin and other major cryptocurrencies as market sentiment takes a hit.
Potential Reputational Damage for the Entire Crypto Industry
Frequent and high-profile hacks can tarnish the overall reputation of the cryptocurrency industry. They reinforce the view that cryptocurrencies are insecure and risky, which can deter new adopters and investors from entering the market.
Increased Focus on Security Measures for Exchanges and Users
In the wake of these breaches, there is typically a heightened focus on improving security protocols at exchanges. This includes the adoption of more advanced security measures like multi-factor authentication, cold storage of assets, and regular security audits.
Effect on the Adoption of Cryptocurrencies
Although short-term impacts are generally negative, these events also prompt better security practices and innovations, which could long-term lead to a more robust and mature market. However, in the immediate aftermath, user adoption can slow down as potential new users might see cryptocurrencies as unsafe.
Shift to Decentralized Platforms
As trust in centralized exchanges wavers due to these hacks, there is often a noticeable shift in interest and assets towards decentralized platforms (DeFi). These platforms promote user control over personal assets and are perceived, though not always accurately, as being more secure against centralized points of failure.
How to Prevent Crypto Exchange Hacks

While the consequences of crypto exchange hacks can be devastating, the good news is that there are measures that can be taken to prevent these incidents. Here are some essential steps that both exchanges and users can take.
For Crypto Exchanges:
- Implement Multi-Signature Wallets: Utilize multi-signature wallets that require multiple private keys to authorize transactions. This adds an extra layer of security, reducing the risk of unauthorized access.
- Regular Security Audits: Conduct regular security audits by independent third-party firms to identify vulnerabilities and weaknesses in your exchange’s infrastructure. This proactive approach can help prevent potential breaches before they occur.
- Secure Cold Storage: Store the majority of funds in cold storage, which is offline and inaccessible to hackers. Only keep the minimum amount required for daily operations in hot wallets, reducing the potential loss in the event of a security breach.
- Two-Factor Authentication (2FA): Enforce two-factor authentication for all exchange accounts, requiring users to provide a second form of verification, such as a code sent to their mobile device, in addition to their password.
- Distributed Architecture: Implement a distributed architecture for your exchange infrastructure, spreading resources across multiple servers and data centers. This reduces the risk of a single point of failure and enhances resilience against DDoS attacks.
- Regular Software Updates: Keep all software and systems up-to-date with the latest security patches and updates. This helps protect against known vulnerabilities that could be exploited by hackers.
- Security Awareness Training: Provide comprehensive security awareness training to all employees to educate them about potential threats, phishing scams, and best practices for maintaining security protocols.
- Insurance Against Potential Hacks: Exchanges should consider securing insurance that covers crypto theft, which can provide a safety net for both the platform and its users in the event of a hack.
For Users:
- Choose Reputable Exchanges: Select well-established and reputable cryptocurrency exchanges with a proven track record of security and reliability. Research user reviews and ratings to assess the exchange’s reputation.
- Enable Two-Factor Authentication: Enable two-factor authentication (2FA) on your exchange account to add an extra layer of security. This helps prevent unauthorized access even if your password is compromised.
- Use Hardware Wallets: Consider using hardware wallets, which are physical devices that store your cryptocurrency offline. This provides enhanced security compared to online wallets, as they are not susceptible to hacking attacks.
- Beware of Phishing Scams: Be vigilant against phishing scams, where attackers attempt to trick you into revealing sensitive information or login credentials. Always double-check URLs, emails, and messages before clicking on any links or providing personal information.
- Monitor Account Activity: Regularly monitor your exchange account for any suspicious activity, such as unauthorized logins or transactions. Report any unusual activity to the exchange immediately and change your password.
- Use Strong, Unique Passwords: Create strong, unique passwords for your exchange account, using a combination of letters, numbers, and special characters. Avoid using the same password across multiple accounts to minimize the impact of a potential breach.
- Stay Informed: Stay informed about the latest security threats and best practices for securing your cryptocurrency assets. Follow reputable sources for cryptocurrency news and security updates to stay ahead of potential risks.
Conclusion
Trading in cryptocurrency holds immense promise, but security breaches remain a significant hurdle. By acknowledging the vulnerabilities, understanding the consequences, and implementing robust security practices, both exchanges and users can work towards a safer future.
Continuous improvement, education, and collaboration are key to building trust and resilience in the crypto ecosystem. As the industry evolves, so too must its security measures, paving the way for a more secure and prosperous future for digital assets.