19 May, 2022 posted by Laudee

Bitcoin has as one of its greatest characteristics, security. Among its fundamental aspects is protecting the privacy of users, avoiding asset theft and avoiding harmful practices such as double-spending. That Bitcoin implements important security measures does not mean that it is inviolable or, in other words, that cases of theft of Bitcoin or other cryptocurrencies cannot occur.

For decades, banks have been expanding and improving security mechanisms to prevent theft and even so, they continue to happen. Bitcoin is not even ten years old and there is still a lot of work to do to make the system much more secure.

There are numerous things that a third party can do with our money. The most common are behind Ponzi-type pyramid schemes and fraudulent pages that ask for our private key. Although these actions are highly important and deserve to be watched, attacks on exchanges that allow users to steal money and exploit security holes in wallets are even more serious.

We will see some of the biggest thefts of Bitcoin and also of other cryptocurrencies, because all cryptocurrencies in the market have value and all are susceptible to being stolen.

In this post we will deal with the largest amount thefts, and therefore the most notorious, but in the following button you have access to an external resource with an extensive complete list:



Mt. Gox (Between 640,000 BTC and 850,000 BTC)

Exchange that was based in Shibuya, Tokyo, Japan and began operating on July 18, 2010. The problems began at the end of 2013, when the exchange house reported an insolvency and ended up closing on February 25, 2015 , disappearing along the way between 640,000 BTC and 850,000 BTC (there is a big dance of numbers on that)

We can divide the story into two parts:

Mt. Gox Robbery 1 (25,000 BTC)

The first takes us back to 2011, when an unidentified attacker made off with 25,000 Bitcoin. Although there is no data, it has been speculated that the theft could have been internal, specifically they could have been stolen by Jed McCaleb, although there is no evidence.

After the looting, in what appears to be a not-so-clean attempt to cover his tracks, the thief sold the bitcoins and bought them back to later exchange them for dollars, which is why some Mt. Gox users followed in his footsteps and reached a Hong Kong IP address.


Mt. Gox Robbery 2 (744,408 BTC)

The second robbery was sometime later and after the exchange changed hands. Fast-forward to 2014, when 744,408 BTC was reported lost or stolen. An audit carried out indicated that the robbery had been taking place ‘silently’ for years. The assets were never returned.

If we can take something positive from it, it is that the security of exchange houses was improved and that safer alternatives emerged in the process of buying and selling bitcoins.


‘Pony’ Botnet

Although this attack is not big in the amount of money stolen, it is in the number of affected machines.

Criminals used a Pony network of zombie computers with millions of infected computers for 5 months (September 2013 – January 2014).

They stole $220,000 worth of bitcoin and other cryptocurrencies. They only had to execute a line of code for all the private keys of users with installed Bitcoin wallets to reach them.

Later the criminals used them to move the bitcoins to their own wallets.


Silk Road (173.655 BTC)

It is one of the most contentious cases, as some have referred to it as theft while others have referred to it as an act of justice.

Silk Road was a well-known Dark Web store where you could trade weapons, drugs, tasteless digital content, and a host of other illegal items. The FBI after an arduous investigation, managed to close this illegal market.

During the arrest and closure work, 29,655 bitcoins owned by this digital store and another 144,000 bitcoins from the site’s founder, Ross Ulbricht, were seized.

The story would have one more twist, when agents Shaun Bridges and Carl Force, agents of the Drug Enforcement Division, made between 700,000 dollars and 1 million dollars in Bitcoin during the investigation and infiltration work, counting them almost seven years each of them in jail.


Bitfinex (121.256 BTC)

Bitfinex, based in Hong Kong and founded in 2012, is one of the world’s largest exchanges. It has been the victim of two thefts, the first minor in May 2015 where some 1,500 BTC were stolen and the second and more important on August 2, 2016 through a security breach that 119,756 BTC was stolen.

The exchange is still operational today and according to information, all users recovered their bitcoins.


BitFloor (24.000 BTC)

Exchange that was based in the state of New York, United States, was quite popular at the time, due to the fact that it allowed the device of cash in US dollars through LocalTill that was backed by Bank of America.

BitFloor on September 4, 2012 reported a security breach and reported that a group of attackers had managed to steal 24,000 BTC from the exchange’s wallet. The statement reported the closure and the refusal of customers to access their funds, since they barely had funds after the theft.

Supposedly the exchange would return lost funds to customers, but on March 8, 2013, three months after the last return (December 2012) of funds, it stopped responding. The alarms went off when the web was down for a while on April 3, 2012.

The last that was heard from the exchange was on April 17, 2013, when they finally ceased operations, after their bank announced that they were going to close the exchange account. No information was given in this regard, but there was talk of a closure due to money laundering operations.


YouBit (4,000 BTC)

South Korea is one of the world’s ‘crypto-friendly‘ countries, allowing for the establishment of regulated cryptocurrency exchanges. Among them was YouBit, a fairly important exchange that after suffering two computer attacks has closed its doors.

The first attack was in April 2017, when about 4,000 BTC were stolen and the second took place on December 19, 2017, when approximately 17% of the assets were stolen (it is not clear what amount was stolen).

After this second attack, the company reported that it would cease activity. They promised to return 75% of the funds, the remaining 25% will come from the liquidation of the company’s assets and assets.


NiceHash (4,700 BTC)

The cryptocurrency cloud mining service has been one of the most recent victims of theft. The Slovenia-based company offers cloud mining solutions and allows users to easily mine with their equipment.

Mark Kobal, CEO of the company, announced in a Facebook live that 4,700 BTC had indeed been stolen. He also announced his interest in returning the funds to their rightful owners, for which a return plan was created.



Some of the biggest heist in history, as we have seen in the first installment, have to do with the theft of Bitcoin from different exchange houses (or illegal markets) but there are cases of theft of other cryptocurrencies. And it is that the altcoin have not been spared from thefts.

Bitcoin tops the list, of course, in stolen amounts and in fiat currency equivalence but other cryptocurrencies, especially Ethereum, have suffered significant thefts that have ended up destroying projects due to code errors or the theft of NEM from a Japanese exchange, such as some of the most notorious cases, which we will see below.


Coincheck (523 million NEM)

The Japanese exchange Coincheck began operating in 2014 and I’m sure I always hope to be recognized for its great volume, work and reliability, not because of what happened on January 26, 2018, which is when it was revealed that the exchange house had been a victim of theft of 523 million NEM, which at the same time had an equivalent of 534 million dollars, being the largest theft in history to date.

The problem stems from cryptocurrency storage. Coincheck stored the coins in a simple hot wallet, rather than a multi-signature wallet, which made the task easier because the attackers obtained the private key that unlocks the correct wallet.

Despite the important theft, the exchange continues to operate normally and established a plan to return the stolen assets that began on March 12, 2018. The Japanese authorities are working on the resolution of the case and have their eyes on the exchange house. , to verify that the security is adequate and that the stolen capital is returned.


The DAO (3.6 million Ether)

Ethereum is a platform that allows many things, including the creation of Smart Contracts that allow the development of Decentralized Autonomous Organizations (DAO) , which are named after The DAO, the first of its kind that was a crowdfunding project.

The idea, despite being good, had a problem: the developed code. It seems that the code that gives rise to the DAO contained a bug or a programming error that allows a third party to transfer the 3.6 million Ether worth about 50 million dollars at that time.

The attacker claimed that the money transfer was completely legal and shouldn’t be considered theft. He even threatened those attempting to recover the funds with legal action.


Parity Wallet (Stolen: 153,000 ETH; Frozen: 513,774 ETH)

One of the most outrageous stories in the world of cryptocurrencies has to do with Gavin Woods, Founder of Parity and former lead developer on Ethereum. The story is divided into two parts.

The first incident takes place on July 19, 2017, when a total of 153,000 ETH is stolen anonymously, which is equivalent to about 32 million dollars from the Aeternity, Edgeless and Swarm City wallets. The origin of the theft lies in a bug in the Parity 1.5 utility itself

The second incident takes place on November 8, 2017. We need to go back to January 2017 to figure out what’s going on, when an important vulnerability in multisignature wallets was discovered, but the developers decided to fix it despite the fact that it was a potential problem. sometime in the future

Going back to November, user ‘devopps199’ created what was initially thought to be a corrupt wallet by mistake that ended up freezing multi-signature wallet funds over time. It was later discovered that it had originated in an attempt to fraudulently load Parity wallets.

Initially there was talk of a block of about 280 million dollars in Ethereum, the figure was later reduced to a total of 513,774.16 ETH, which is equivalent to about 169 million dollars.

CoinDash (43,400 ETH)

CoinDash (488 ETH stolen / 43,400 ETH returned)

Possibly one of the most curious cases to date is that on July 17, 2017, the sale of CoinDash tokens began through ICO, an Israeli project that was forced to close after a computer attack.

The attacker managed to access the wallet address through a security hole, taking control and releasing 488 ETH. But what happened next is the first time it is seen and it is that the attacker has not only returned what was stolen, but has given more

On September 12, 2017, the attacker, maintaining his anonymity, sent the stolen 488 ETH to CoinDash’s ShapeShift account. On September 19, 2017, he makes another deposit of 10,000 ETH. Subsequently, another transaction of 20,000 ETH was made and the one made by this attacker turned into a good samaritan was 13,000 ETH.

The identity of this or these individuals is unknown, but some speculate that it was a strategy devised by the ICO’s creators to gain free publicity. Who knows.


The arrival of Bitcoin has sparked a discussion about the future of Bitcoin and other cryptocurrencies. Despite recent issues, Bitcoin’s success since its launch in 2009 has sparked the creation of alternative cryptocurrencies such as Ethereum, Litecoin, and Ripple. A cryptocurrency that wants to be accepted into the mainstream financial system must meet a number of criteria. While that possibility appears remote, there is no doubt that Bitcoin’s success or failure in dealing with the challenges it faces in the coming years will have a significant impact on the fortunes of other cryptocurrencies.

Read next: Road trip planning guide

Photo by Pexels