Cryptocurrency has redefined money, transforming it into a digital, decentralized, and borderless transaction medium. However, it has also become a target for crypto hackers. With billions of dollars coursing through blockchain networks, crypto platforms and protocols often resemble digital vaults with flawed locks.
In 2023, hackers stole $1.7 billion worth of cryptocurrency—a stark improvement from 2022’s staggering $3.8 billion loss but still a painful reminder of the risks. However, Bybit’s $1.5 billion loss in February 2025 highlights why hackers still threaten the crypto ecosystem. These breaches have shaken trust in blockchain security, tarnishing the promise of a decentralized financial future.
In this article, we’ll explore the most significant crypto heists, uncover the controversies they sparked, and highlight the vulnerabilities hackers exploit.
Cryptocurrency theft has a long history of brazen attacks and losses. Here’s a snapshot of some of the most infamous breaches:
Platform | Year | Hacker (if known) | Vulnerability | Value Lost | Recovery Status | Type of Attack |
---|---|---|---|---|---|---|
Mt. Gox | 2014 | Unknown | Hot wallet compromise | $450 million | Some funds recovered | Exchange hack |
Poly Network | 2021 | White Hat Hacker | Cross-chain vulnerability | $610 million | Most funds recovered | Smart contract exploit |
FTX | 2022 | Internal misuse (alleged) | Poor governance | $8 billion | Funds not recovered | Internal theft/mismanagement |
Ronin Bridge | 2022 | Lazarus Group | Private key compromise | $625 million | Funds not recovered | Bridge exploit |
Binance BNB Bridge | 2022 | Unknown | Smart contract flaw | $570 million | Funds not recovered | Smart contract exploit |
Bybit Exchange | 2025 | Lazarus Group and TraderTraitor | Malware-laden cryptocurrency trading applications | $1.5 billion | Funds not recovered | Exchange hack |
The Silk Road marketplace represented a pivotal chapter in crypto history, embodying blockchain technology’s revolutionary potential and darker implications. Operating on the dark web from 2011 to 2013, it was an illegal Amazon-like platform for illicit transactions, with Bitcoin as one of its main currencies. The site’s promise of anonymity attracted thousands of users, ranging from drug dealers to legitimate privacy advocates.
Working under the pseudonym Dread Pirate Roberts, Ross Ulbricht created and maintained the platform until his dramatic arrest in a San Francisco library in October 2013. The FBI’s seizure of 144,000 BTC, worth millions at the time and billions today, marked one of the largest cryptocurrency confiscations in history.
In September 2012, James Zhong exploited a weakness in Silk Road’s withdrawal system, creating fake accounts to steal over 50,000 Bitcoin. Zhong consolidated the stolen funds and later benefited from a cryptocurrency split in 2017, increasing his holdings to over 53,500 BTC.
In November 2021, federal agents uncovered 50,491 Bitcoin hidden in Zhong’s Georgia home, including a popcorn tin and an underground safe. This marked one of the largest cryptocurrency seizures in US history, valued at over $3.36 billion. Zhong later surrendered additional Bitcoin, bringing the total seized to over 51,351 BTC.
The October 2022 attack on Binance’s BNB Bridge is one of cryptocurrency’s most significant security incidents, exposing critical vulnerabilities in blockchain infrastructure.
Attackers exploited a flaw in the bridge’s smart contract verification system, allowing them to forge proof-of-deposit transactions and artificially mint BNB tokens they never owned. This sophisticated breach resulted in approximately $570 million in losses, positioning it among the largest cryptocurrency heists in history.
Binance’s response to the incident drew mixed reactions from the crypto community. While the company acted swiftly to freeze portions of the stolen funds and halt bridge operations, critics pointed to the breach as evidence of inadequate security auditing in critical blockchain infrastructure.
In February 2025, Bybit, a centralized cryptocurrency exchange based in Dubai, experienced a significant security breach resulting in the theft of approximately $1.5 billion in Ethereum. The FBI attributed this theft to North Korean-backed hacking groups, specifically the famous Lazarus Group and TraderTraitor. These groups employed malware-laden cryptocurrency trading applications to infiltrate systems and exfiltrate assets.
Following the breach, the stolen assets were rapidly converted into Bitcoin and other virtual currencies, dispersed across numerous blockchain addresses, and laundered for eventual exchange into fiat currency. Bybit’s CEO, Ben Zhou, acknowledged the incident and assured stakeholders of the company’s solvency, even without asset recovery.
Ronin Bridge, a core part of the Axie Infinity gaming platform, suffered a catastrophic attack in 2022. The Lazarus Group compromised private keys, gaining control of validators and draining $625 million in Ethereum and USDC.
Controversy swirled around the bridge’s security setup. With only nine validators managing billions of dollars, critics questioned the platform’s overreliance on centralized control points. Axie Infinity faced a backlash from its user base, many of whom were small-scale investors in developing countries.
Before its downfall, Mt. Gox was the kingpin of crypto exchanges, handling 70% of Bitcoin transactions globally. However, in 2014, the platform revealed it had lost 850,000 Bitcoin due to years of hacks and mismanagement.
While some funds were later recovered, the collapse sparked chaos, leaving thousands of users in financial ruin. Controversy ensued over the exchange’s handling of customer funds, with many accusing Mt. Gox of negligence. To this day, the exchange is a cautionary tale about the importance of robust security measures and transparent operations.
In 2021, the Poly Network hack made headlines as the largest cryptocurrency heist in history. A hacker exploited a vulnerability in the platform’s cross-chain protocol to siphon $610 million in crypto. However, in a surprising turn of events, nearly all the funds were returned within 48 hours. The hacker claimed they intended to expose security flaws rather than profit, earning the nickname “Mr. White Hat.”
Poly Network, a decentralized finance (DeFi) platform, facilitates token swaps across Ethereum, Binance Smart Chain, and Polygon. Its cross-chain protocols rely on smart contracts to manage token transfers, but one was flawed. The hacker exploited this to override its instructions and drain funds into three wallet addresses. These wallets were quickly traced, forcing the hacker to return the assets.
The incident sparked debate. Was the hacker an ethical white hat exposing weaknesses or a criminal who found laundering $610 million too risky? Regardless of intent, the breach highlighted ongoing risks in DeFi platforms, especially cross-chain protocols.
For the crypto industry, this was a wake-up call to prioritize security. As technologies evolve, so must measures to protect against increasingly sophisticated threats.
FTX’s dramatic collapse in 2022 wasn’t due to external hacking but internal chaos and alleged fraud. Once valued at over $32 billion, the exchange left an $8 billion gap in customer funds, sparking outrage and panic across the crypto world. Allegations of mismanagement centered on founder Sam Bankman-Fried, who allegedly commingled customer deposits with Alameda Research, FTX’s affiliated trading firm. The misuse of funds, lavish spending, and poor risk management painted a picture of systemic dysfunction.
Sam Bankman-Fried quickly became a polarizing figure. Once hailed as a crypto visionary, he faces multiple criminal charges, including fraud and conspiracy.
The scandal intensified debates about governance and transparency in the crypto space. Critics pointed to the lack of regulation as a breeding ground for such misconduct. FTX’s implosion eroded public trust and spurred global calls for stricter regulation to protect investors and ensure accountability.
The Lazarus Group is a North Korean hacking group that’s become a legend in cybersecurity circles—and not in a good way.
Known for its cyber-espionage and cybercrime activities, Lazarus has been involved in several major hacks targeting financial institutions, media organizations, and government agencies worldwide. The Lazarus Group’s cyber activities are thought to be directly funded by North Korea’s regime, and their operations are often linked to the country’s efforts to finance its missile and nuclear programs. Their attacks are carried out with precision and often exploit vulnerabilities in financial systems, companies, and governments to further their national interests.
These hackers have pulled off some of history’s most audacious crypto heists, including the $625 million Ronin Bridge theft in 2022. But they’re not just after the big fish. The Lazarus group is equally comfortable targeting individual crypto users through clever phishing schemes that can make even seasoned traders fall for their tricks.
What makes them particularly fascinating and concerning is their versatility. One day, they might exploit complex vulnerabilities in blockchain bridges; the next, they could send convincing job offers to developers on LinkedIn. One of their famous non-crypto targets was Sony Pictures in 2014, where sensitive data was stolen and released to the public as a form of retaliation against the film The Interview. They’ve also been known to create fake companies with websites and social media presence just to lure potential victims.
The cybersecurity community has learned to recognize its distinctive patterns, but its tactics constantly evolve. It’s like a high-stakes game of digital cat and mouse, where the stakes involve both personal fortunes and international security.
A look back at just a few of the biggest crypto hacks in history shows that no system is completely safe. Blockchain is powerful but can still have flaws, and hackers are always finding new ways to exploit its weaknesses.
For users, caution is essential. Stick to trusted platforms, use hardware wallets, and enable two-factor authentication. Developers should focus on building secure systems and learning from past mistakes.
While the industry is making progress, various security risks remain. The challenge is to make crypto safer without slowing innovation. Security must stay a top priority as more people use cryptocurrencies.