Summary # In January 2018, Coincheck, one of Japan’s largest cryptocurrency exchanges, suffered a colossal security breach, resulting in the theft of approximately $530 million worth of NEM tokens. This incident shedding light on the vulnerabilities inherent in centralized exchanges and emphasizing the urgent need for robust security measures within the crypto ecosystem.
Attackers # The perpetrators behind the Coincheck NEM security breach were linked to a Canadian exchange and a Japanese exchange called Zaif, as identified by the BIG Blockchain Intelligence Group Inc.
...
Summary # BitConnect, a cryptocurrency and lending platform, operated a fraudulent high-yield investment program (HYIP) from 2016 to 2018. The platform promised unsustainable daily returns of 1% with compounding, attracting a large investor base through aggressive multi-level marketing (MLM) tactics. In January 2018, BitConnect abruptly shut down the HYIP, triggering a panic and leading to a 90%+ drop in the value of BitConnect Coin (BCC). The U.S. Securities and Exchange Commission (SEC) later concluded BitConnect operated as a Ponzi scheme, defrauding investors of an estimated $2 billion.
...
Summary # On November 19, 2017, Tether, a company behind the USDT stablecoin pegged 1:1 to the US dollar, announced a malicious action by an external attacker. The attacker maliciously removed tokens from the Tether Treasury wallet and sent them to an unauthorized Bitcoin address. As a result, approximately $31 million worth of USDT was taken. In response to the breach, Tether temporarily suspended its back-end wallet service and initiated steps to prevent the stolen coins from entering the ecosystem.
...
Summary # On November 6, 2017, a user named devops199 accidentally triggered a sequence of actions that led to the compromise of the Parity Multisig WalletLibrary contract. By mistakenly executing the initWallet function followed by the kill function, the WalletLibrary contract was removed from the blockchain. As a result, approximately 513k ETH became locked and inaccessible in the affected contracts. The funds were not stolen but remained frozen, highlighting the need for better security measures in decentralized applications and smart contracts.
...
Summary # On July 19, 2017, Parity Technologies fell victim to a wallet hack. A vulnerability was discovered and exploited in the Parity MultiSig Wallet version 1.5+, enabling the attacker to take control over the contracts and drain all their funds. The attack resulted in a loss of 153,037 ETH, equivalent to approximately $34 million from three ( one, two, and three) wallets.
Attackers # The attacker’s identity remains unknown.
...
Summary # Shift, a blockchain project focused on decentralized web hosting, was hit by a 51% attack in late August 2016. The attackers were able to take control of more than half of the network’s mining power, enabling them to reorganize the blockchain and carry out double-spending attacks.
Attackers # The identities of the attackers remain unknown.
Losses # The exact amount of losses in the Shift 51% attack is not clear.
...
Summary # Krypton, an Ethereum-based blockchain, experienced a 51% attack in August 2016. The attackers were able to control more than half of the network’s hash rate, enabling them to manipulate the blockchain and double-spend KR tokens.
Attackers # The identity of the attackers remains unknown.
Losses # It was reported that the attackers managed to steal approximately 21,465 KR tokens, which had a value of about $3,000 at the time of the attack.
...
Summary # On the 2nd of August 2016, Bitfinex, a prominent cryptocurrency exchange, experienced a security breach resulting in the theft of approximately 120,000 bitcoins (US$72 million at the time). This incident led to a 20% decline in the trading price of Bitcoin — from US$600 to US$400, reducing the value of the stolen bitcoins to nearly US$58 million. In response to the breach, Bitfinex immediately halted all Bitcoin withdrawals and trading activities.
...
Summary # On May 09, 2016, cryptocurrency exchange Gatecoin was hacked, resulting in the theft of approximately $2 million in cryptocurrencies. Hackers gained access to the exchange’s hot wallets and stole funds.
Attackers # The identity of the hackers who carried out the attack on Gatecoin is unknown.
BTC Wallet:
132ymu2ufMP3mDCo9qwKc173PV2Bbm4T2g ETH Wallets:
0x04786aada9deea2150deab7b3b8911c309f5ed90 0xc062dceed93087c9112ff7b02d53e928e49cec09 0x1342a001544b8b7ae4a5d374e33114c66d78bd5f 0xd4914762f9bd566bd0882b71af5439c0476d2ff6 Losses # Gatecoin estimated the losses from the hack to be approximately $2 million.
...
Summary # Between March 14 and April 9, 2016, the Swiss-based cryptocurrency exchange, ShapeShift, experienced three security breaches. The initial compromise was an insider threat, where an employee responsible for the platform’s security and infrastructure misappropriated funds. Subsequently, this individual provided an external threat actor with critical assets: the source code of ShapeShift’s core system, the IP address of the primary server, an SSH private key, and deployed a Remote Access Trojan (RAT) on a colleague’s workstation.
...