Summary # In January 2018, Coincheck, one of Japan’s largest cryptocurrency exchanges, suffered a colossal security breach, resulting in the theft of approximately $530 million worth of NEM tokens. This incident shedding light on the vulnerabilities inherent in centralized exchanges and emphasizing the urgent need for robust security measures within the crypto ecosystem.
Attackers # The perpetrators behind the Coincheck NEM security breach were linked to a Canadian exchange and a Japanese exchange called Zaif, as identified by the BIG Blockchain Intelligence Group Inc.
...
Summary # On November 19, 2017, Tether, a company behind the USDT stablecoin pegged 1:1 to the US dollar, announced a malicious action by an external attacker. The attacker maliciously removed tokens from the Tether Treasury wallet and sent them to an unauthorized Bitcoin address. As a result, approximately $31 million worth of USDT was taken. In response to the breach, Tether temporarily suspended its back-end wallet service and initiated steps to prevent the stolen coins from entering the ecosystem.
...
Summary # On May 09, 2016, cryptocurrency exchange Gatecoin was hacked, resulting in the theft of approximately $2 million in cryptocurrencies. Hackers gained access to the exchange’s hot wallets and stole funds.
Attackers # The identity of the hackers who carried out the attack on Gatecoin is unknown.
BTC Wallet:
132ymu2ufMP3mDCo9qwKc173PV2Bbm4T2g ETH Wallets:
0x04786aada9deea2150deab7b3b8911c309f5ed90 0xc062dceed93087c9112ff7b02d53e928e49cec09 0x1342a001544b8b7ae4a5d374e33114c66d78bd5f 0xd4914762f9bd566bd0882b71af5439c0476d2ff6 Losses # Gatecoin estimated the losses from the hack to be approximately $2 million.
...
Summary # Between March 14 and April 9, 2016, the Swiss-based cryptocurrency exchange, ShapeShift, experienced three security breaches. The initial compromise was an insider threat, where an employee responsible for the platform’s security and infrastructure misappropriated funds. Subsequently, this individual provided an external threat actor with critical assets: the source code of ShapeShift’s core system, the IP address of the primary server, an SSH private key, and deployed a Remote Access Trojan (RAT) on a colleague’s workstation.
...
Summary # BTER, a China-based digital currency exchange, experienced a significant security breach on February 14, 2015, losing 7,170 bitcoins valued at approximately $1.75 million. The attack targeted the exchange’s cold wallets. The company has suspended its services and is collaborating with law enforcement to investigate the incident. BTER has also offered a 720 BTC reward, approximately $170,000, for assistance in recovering the stolen funds.
Attackers # The identity of the hackers who attacked BTER is unknown.
...
Summary # In January 2015, LocalBitcoins, a peer-to-peer Bitcoin trading platform, experienced a security breach that resulted in the theft of 17 BTC (approximately $3,850 at the time). The breach was caused by a vulnerability in the platform’s forum software, which allowed the attacker to gain access to user accounts. LocalBitcoins quickly responded to the incident by disabling the forum and reimbursing affected users.
Attackers # The identity of the attacker remains unknown.
...
Summary # During the events that unfolded between November 2014 and February 2015, an unknown attacker targeted Bitstamp employees through phishing messages and exploiting compromised accounts to steal the hot wallet file. During the attack, 18,866 BTC ($6.7 million adjusted for inflation) were stolen. Bitstamp suspended trading, notified customers, and eventually compensated them for their losses. The security failure stemmed from employees falling prey to social engineering attacks and distributing malware-laden files.
...
Summary # On October 5, 2011, Bitcoin7, a cryptocurrency exchange, suffered a security breach that resulted in the loss of approximately 5,000 BTC. The attack was facilitated by a combination of weak security practices and system vulnerabilities, which allowed the attackers to gain unauthorized access to the exchange’s hot wallet. Bitcoin7 claimed to have compensated affected customers and improved security measures following the attack, resuming normal operations within a few days.
...