Missing Crypto Timeline Draft 3 April 2016 - ​@KyleSGibson 

(Charts and figures start on page 16) 

 
[1] 6-13-2011, Allinvain Bitcointalk User Hack:​A u ​ ser on BitcoinTalk​ going by "allinvain" submitted a 
new thread to the forum claiming their Bitcoin wallet, which was held on a Windows computer, h ​ ad been 
hacked.​ This is commonly referred to as the "​ first major [...] Bitcoin hack." 
$500,000 / 25,000BTC stolen 
 
[2] 6-19-2011, Mt Gox Auditor Theft: ​The first of two major hacks on the ​Mt Gox exchange​. According 
to r​ eports​, a "computer belonging to an auditor" was compromised, and the attackers were able to "set the 
price of Bitcoin to one cent," then direct several accounts to buy and withdraw ~2000BTC, which to users of 
the exchange looked like a "​ flash crash." 
$30,000.00 / 2,000 BTC 
 
[3] 8-1-2011, Bitomat Exchange Wallet.dat File Is Deleted: P ​ oland-based Bitomat was allegedly the 
third largest Bitcoin exchange in the world when they announced to their users that, during a server upgrade, 
they had accidentally deleted a "wallet.dat" file, and thus locked away all of their funds. 
$220,000.00 / 17,000 BTC locked 
 
[4] 8-8-2011, MyBitcoin Exchange Hack: ​"Tom Williams" was the name given by the supposed operator 
of this Bitcoin wallet and exchange service, which at the time of Tom's disappearance, ​"had more deposits 
than the third largest Bitcoin exchange, Bitomat.pl."​ The only explanation he gave before disappearing was an 
"Incident Report" alleging a hack. The service was promoted by some "Bitcoin evangelists" such as Bruce 
Wagner, who ​claimed to have lost 25,000 BTC. 
$2,000,000.00 / 154,406 BTC stolen 
 
[5] 10-5-2011, Bitcoin7 Exchange Hack: A ​ notice sent by the operators of ​Bitcoin7​ to their exchange's 
customer said that their service had been the victim of a hack, one which "originated from Russia and Eastern 
Europe," and as part of the investigation they would be requiring such information from all their users as: a 
passport, bank account numbers, utility bills. No further explanation of the "hack" or recovery process has 
been offered. 
$50,000.00 / 5,000 BTC stolen 
 
[6] 3-2-2012, Linode Webhost Cloud Server Hack: L ​ inode, a webhosting service, was allegedly 
compromised in an attack​ which saw "46,703 Bitcoin" stolen, the majority of which ​"belonged to customers 
of Bitoinica,"​ an exchange. 
$228,000 / 46,703 BTC stolen 
 
[7] 5-6-2012, Bitcoinica Hot Wallet Hack: ​In their second incident of a hack or theft, B ​ itcoinica​ claimed a 
"a suspicious Bitcoin transaction​ that doesn't seem to be initiated by any one of the company owners" had 
drained their "online wallet." 
$90,000.00 / 18,547 BTC stolen 
 
[8] 7-2-2012, Bitcoin Savings and Trust Ponzi Scheme: ​The Bitcoin Savings & Trust was a "virtual 
hedge fund" operated by an account named "​ Pirateat40."​ It was shut down with a message from the account, 
claiming​ "The decision was based on the general size and overall time required to manage the transactions." 
~150,000 stolen 

1
 
[9] 7-13-2012, Bitcoinica Mt Gox Hack: ​In B ​ itcoinica​'s third incident, they published another Bitcointalk 
thread describing how their account had been "compromised," due to the "LastPass password being a 
duplicate" of one u ​ sed by a Mt Gox API service​, which had been previously compromised. 
$350,000.00 / 40,000 BTC stolen 
 
[10] 9-4-2012, Bitfloor Exchange Hack: ​In another hack announcement m ​ ade on Bitcointalk​, the 
proprietor of the B​ itfloor exchange​ said they "needed help" after their servers were compromised and attackers 
were able to duplicate their keys and steal "almost all of the BTC." 
$240,000.00 / 240,000 BTC stolen 
 
[11] 11-16-2012, BitcoinTalk Trojan Wallet Hack: A ​ user going by “​ mralbi” on BitcoinTalk​ began a 
thread​ by saying "[S]tupid as i am i allowed some hacker to somehow install a trojan horse on my pc where i 
stored some of my bitcoins. The hacker sent the bitcoins to the address: 
1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS" 
3457 BTC stolen 
 
[12] 1-11-2013, Vircurex Exchange Hack: ​Customers of the V ​ ircurex exchange​ are still embroiled in suits 
to figure out w
​ hat happened to their lost funds.​ One suit alleges the exchange suffered multiple un-reported 
hacks, and "made efforts to cover their tracks and create impediments designed to deter account holders from 
bringing suit to recover the Frozen Funds." 
$50,000,000.00 / 1,666 BTC stolen 
 
[13] 2-14-2013, BitMarket.eu Exit Scam: M ​ aciej Trebacz​ explained that he had no responsibility for the 
Bitmarket exchange's lost funds because they were b ​ eing held at Bitcoinica​ when they were stolen. Their 
company also had funds lost when ​Polish Banks shut down their accounts. 
$400,000.00 / 18787 BTC stolen 
 
[14] 3-10-2013, BTCGuild Mining Pool Hack: ​During a client upgrade in advance of a hardfork, the 
BTCGuild mining pool​ was exposed to a vulnerability which allowed attackers to d ​ rain their hot wallet. 
$50,000.00 / 1,254 BTC stolen 
 
[15] 3-28-2013, Bitcoin Rain Exit Scam: B ​ itcoin Rain, a crypto hedge fund, was shut down by way of a 
BitcoinTalk announcement by the owner, Leandro Cesar, who claimed his related "Mercado Bitcoin" 
exchange had been hacked. This event has been compared to [8] Bitcoin Savings and Trust. 
2,150 BTC stolen 
 
[16] 7-15-2013, Just Dice Incident: C ​ hris Moore, developer for the gambling service "Just Dice," 
discovered a flaw on his site which had allowed a user to make repeated withdrawals without his balance being 
debited. 
$121,000.00 / 1,300 BTC stolen 
 
[17] 8-27-2013, Bitfunder and WeExchange Hack: ​Jon E. Montroll, 37, plead guilty to US fraud charges 
related to two Bitcoin exchanges he operated, Bitfunder and WeExchange. He admitted to "failing to disclose 
to investors that hackers were able to exploit a flaw in the BitFunder code," as well as lying to investigators 
about it. 
$560,000.00 / 6,000 BTC stolen 
 

2
[18] 10-1-2013, Canada Bitcoins Social Engineering Theft: ​A hacker spoke with a representative for the 
Canada Bitcoins' datacenter​ over online chat, and convinced them to rest their system to "fail safe mode," 
bypassing their security and allowing them to withdraw Bitcoins. 
$100,000.00 / 149 BTC stolen 
 
[19] 10-23-2013, Input.io Wallet Hack: ​A BitcoinTalk user going by "​ TradeFortress"​ waited more than a 
week to let the users of their "Bitcoin Bank" service, Input.io, know that their Bitcoins held on the service ​had 
been stolen. 
$1,300,000.00 / 4,100 BTC stolen 
 
[20] 10-26-2013, GBL Exchange Exit Scam: "​Almost 1,000 people deposited around $4.1 million in 
Chinese Yuan" into the G ​ BL exchange​, "attracted by inducements (savings) such as fee waivers." Even though, 
the exchange hadn't received any financial services license. The owners a​ bsconded with the funds. 
$4,100,000.00 / 9,640 BTC stolen 
 
[21] 11-19-2013, BIPS Payment Services Hack: ​On Nov. 15, B ​ IPS​ claims they were subject to a "massive 
DDoS" attack, which was in preparation for a larger attack ​two days later,​ in which "several layers of 
protection" were breached and "several wallets were compromised." The payment services company ​disclosed 
these events​ another full two days later. 
$1,000,000.00 / 1,295 BTC stolen 
 
[22] 11-21-2013, Sheep Marketplace Exit Scam: S​heep Marketplace​ was a "Dark Web" exchange service. 
Its owner, Thomas Jiřikovský, and his wife Eve Bartošová, are now known as being responsible for the "​ largest 
exit scam in the history of the Dark Web." 
$6,000,000.00 / 5,400 BTC stolen 
 
[23] 11-29-2013, Picostocks Cold Wallet Hack: ​In a post submitted to the /​ r/Bitcoin reddit forum​, 
"Love_Eggs_and_Bacon" of Picostocks announced they would be "down for a while," as their "hot wallet and 
cold wallet account have been stolen." They said it was suspected there were insiders involved. 
$6,000,000 / 5,975 BTC stolen 
 
[24] 12-22-2013, CryptoLocker Ransomware Attacks: O ​ ne of the earliest, notably successful 
ransomware programs to utilize cryptocurrency. The C ​ ryptoLocker​ attack utilized a pre-existing trojan for 
Windows PCs. A DoJ “consortium” called Operation Tovar announced their takedown of the “GameOver 
ZeUs” botnet which had been the primary channel tool to operate CryptoLocker. 
~42,000 BTC stolen 
 
[25] 2-7-2014, MT Gox Halts Trade Over Major Hack: F ​ollowing the discovery and extended fix of a 
widely publicized network issue with Bitcoin, referred to as a “transaction malleability” bug, the M ​ t Gox 
crypto exchange​ (the largest at the time) first “halted all BTC withdrawals” on February 7. The price of 
Bitcoin “fell 20%”; then, on the 24th, Mt Gox “went offline completely” and a “crisis strategy” plan was 
leaked, “which declared Mt Gox’s insolvency.” This incident is known as the ​“most iconic exchange hack,”​ as 
well as one of the largest cyber crimes, and has been the subject of many theories and reports. 
$450,000,000.00 / 650,000 BTC stolen 
 
[26] 3-4-2014, Poloniex Withdrawal Hack: A ​ hacker allegedly found out that if you "place several 
withdrawals at the same instant," the Poloniex exchange would process them as "valid insertions into the 

3
database." 
$1,000 / 97 BTC 
 
[27] 3-4-2014, Flexcoin Hot Wallet Hack: "​The first ​Bitcoin bank,"​ according to Flexcoin, was 
Flexcoin...even though they were never technically a bank. They shut down after a "robbery" of their hot 
wallets. 
$600,000.00 / 896 BTC stolen 
 
[28] 3-9-2014, PonziCoin Exit Scam: ​A nameless developer created a service, "​ PonziCoin,"​ which 
ostensibly would operate as a pyramid scheme, but it ended up operating like a simple e​ xit scam​; nobody 
received any payouts. 
10 BTC stolen 
 
[29] 3​-11-2014​, Crypto Rush Hack: F ​rom the owner of the ​Crypto Rush exchange:​ "The guilt was starting 
to build up inside of me. I answered very few tickets the week of the 16th. [...] I wanted so bad for the 
exchange to stay afloat, thinking ‘Maybe tomorrow will bring us back our volume!” But alas, the problems 
with Zeit, and BTC withdrawals killed our volume. There was no coming back.’" 
$800,000.00 / 950 BTC stolen 
 
[30] 5-15-2014, Cryptsy Exchange Hack: ​Like [24] Mt. Gox, this "hack" was (at best) coincidentally 
divulged after m​ onths of customers reporting issues with withdrawals.​ Now those creditors have been 
involved in multiple lawsuits against the Cryptsy exchange. 
$9,580,000.00 / 13,000 BTC stolen 
 
[31] 10-8-2014, Mintpal Exchange Exit Scam:  
"Alex Green," or "Ryan Kennedy," bought the ​Mintpal exchange​ and allegedly stole all of its customers funds, 
then was subsequently arrested in the US, on rape charges. 
$1,300,000.00 / 3,894 BTC stolen 
 
[32] 1-4-2015, Bitstamp Hot Wallet Hack: ​In a statement, B ​ itstamp​ told its customers that their wallet 
system had been compromised and some BTC had been stolen, but that it was a "small fraction" of their total 
reserves. A ​leaked document​ in July 2015 claimed the hack was the result of a successful phishing attempt on 
the exchange's employees. 
$5,000,000.00 / 19,000 BTC stolen 
 
[33] 1-28-2015, 796 Exchange Hack: ​Hackers were able to, according to the owner, "compromise a 
certain weakness" on the servers of Chinese-based exchange 7​ 96​, and make edits which redirected customer 
deposits to a wallet besides their hot wallet. 
$230,000.00 / 1,000 BTC stolen 
 
[34] 2-9-2015, MyCoin Exchange Ponzi Scheme: A ​ dvertised as a High Yield Investment Product, 
MyCoin​ turned out to be a simple exit scam which operated for a short time like a Ponzi. Its victims, who 
were mostly in Hong Kong, invested an "average of $400,000" and waited for their payouts. The proprietors 
vanished. 
$8,000,000.00 stolen 
 
[35] 2-15-2015, BTER Cold Wallet Hack: T ​ he website of the BTER exchange was altered to display a 
4-line message announcing "BTC got stolen" and a "720 BTC bounty for chasing it back." The exchange had 

4
a similar event previously, but in that incident they claimed to have "negotiated for a partial return of those 
funds." (​ CoinDesk) 
$1,750,000.00 / 1,170 BTC stolen 
 
[36] 2-19-2015, Kipcoin Exchange Hack: ​The​ Kipcoin exchange​ offered "a 22% annualized interest, paid 
daily" and said they were planning to launch a futures exchange, before they claimed on the day before 
Chinese Lunar New Year that "their wallet servers were hacked." 
$690,000.00 / 3,000 BTC stolen 
 
[37] 2-24-2015, Swedesboro-Woolwich School District Ransomware Attack: T ​ he entire IT system of 
aN​ ew Jersey town​ was taken hostage by similar malware to CryptoLocker and CryptoWall. 
$124,000.00 / 500 BTC stolen 
 
[38] 3-18-2015, Evolution Marketplace Exit Scam: L ​ ike [22] Sheep Marketplace, ​Evolution Marketplace 
was a ​Dark Web exchange service​ whose owners "​ disappeared." 
$1,200,000.00 / 43,000 BTC stolen 
 
[39] 4-6-2015, CryptoWall Ransomware Attacks: ​In attacks which were functionally similar to 
CryptoLocker, but presumably using different exploits, hackers again froze the computers of individuals and 
organizations, such as the T​ ewksbury Police Department.​ “According to Dell, during a six month time frame 
last year, ‘CryptoWall infected more than 625,000 computers worldwide, including 250,000 in the United 
States.’” 
$1,000,000.00 stolen (according to Dell Inc. research) 
 
[40] 5-22-2015, Bitfinex Hot Wallet Hack: ​About 0.06% of the B ​ itfinex exchange's​ total holdings were 
allegedly ​stolen from their hot wallet,​ a loss which the company ​"indicated it would absorb."​ Bitfinex halted 
deposits for some time, and said they were conducting an investigation. 
$400,000.00 / 1,400 BTC stolen 
 
[41] 9-17-2015, Bitpay Social Engineering Theft: ​A hacker gained access to the email address for Bryan 
Krohn, CFO for ​Bitpay,​ a payment processor. They spoke to Bitpay's CEO, Stephen Paid, and executive 
chairman Tony Gallippi, convincing them to "authorize three payments totalling 5,000 BTC on 11th and 
12th December, including one transaction from a wallet on the bitcoin exchange Bitstamp." 
$1,800,000.00 / 5,000 BTC stolen 
 
[42] 2-16-2016, Hollywood Presbyterian Medical Center Ransomware Hack: ​Hackers used malware 
to “​ hold at ransom”​ a Los Angeles hospital (see: “​ ransomware”​), disabling their IT systems and demanding 
payment in Bitcoin. The original amount requested was $3.4 million, but the hospital “regained access after 
paying a little more than $17,000.” (Wired) 
$17,000 / 15 BTC stolen 
 
[43] 4-7-2016, Shapeshift AG Exchange Hack: ​Shapeshift​ claimed, in the weeks following this theft, that 
they were confident an “inside party” was involved. They said this w ​ as corroborated​ by the firm brought in to 
investigate, LedgerLabs and that Shapeshift were in the process of filing civil suits, in 2016. 
$200,000.00 / 469 BTC stolen 
 

5
[44] 5-13-2016, Gatecoin Hack: ​Gatecoin,​ a Hong Kong-based exchange for Ethereum-based "DAO," or 
Decentralized Autonomous Organization, and other digital assets, claimed their hot wallets had been hacked. 
$2,500,000.00 / 250 BTC stolen 
 
[45] 6-7-2016, University of Calgary Ransomware Hack: T ​ he vice president of finances and services 
announced via press release that their organization had paid a ransom to recover their encrypted email server. 
In Canada, and other countries but not all, a malware attack like this “is considered a criminal act.” (​ CBC) 
$20,000.00 / 20 BTC stolen 
 
[46] 6-17-2016, DAO Hack: ​The team responsible for developing t​ he DAO​ had allegedly written an 
effective fix for the vulnerability which allowed for this incident to take place, before the hacker was able to 
drain ETH from their centralized structure. A vulnerability in the smart contract network which the 
developers for the DAO created allowed a hacker to drain ETH from their centralized structure. Allegedly, 
the team had ​written a fix​ for the vulnerability just a few days before the main event of the theft took place, 
but hadn’t released it in time. 
$amount / stolen 
 
[47] 8-2-2016, Bitfinex Security Breach: B ​ itfinex said in a​ n announcement​ on their exchange's blog that a 
"security breach"​ required them to halt their service and "settle open margin positions, associated financing, 
and/or collateral affected by the breach." One week later, Bitfinex ​discounted its users' accounts by 36.067%​, 
to account for the "loss" from the "security breach." In compensation, BFX tokens were distributed "equal to 
each customer's exact losses." They claimed to r​ edeem 100% of BFX tokens​ in April, 2017, with the help of 
the DoJ, though they did not release any corroborative information. 
$72,000,000.00 / 119,756 BTC stolen 
 
[48] 2-17-2017, Bitcurex Exchange Hack: ​Like [19], the owner of B ​ itcurex​ waited a week before 
disclosing a severe hack to their customers. Their service was ​"one of the bigger"​ exchanges servicing the 
European markets at the time of its closure. 
$50,000,000.00 / 2,300 BTC stolen 
 
[49] 2-17-17, Zerocoin Glitch Hack: ​A hacker found ​an exploit in the source code​ for "Zerocoin" which 
allowed them to "reuse his/her existing valid proofs to generate additional Zerocoin." The bug was reportedly 
created with a single character. 
$585,000.00 / 370,000 ZCash stolen 
 
[50] 2-24-2017, Coinhoarder Phishing Scams: ​"Cisco identified a​ n attack pattern​ in which the threat 
actors behind the operation would establish a "gateway" phishing link that would appear in search results 
among Google Ads. When searching for crypto-related keywords such as "blockchain" or "bitcoin wallet," the 
spoofed links would appear at the top of search results. When clicked, the link would redirect to a "lander" 
page and serve phishing content in the native language of the geographic region of the victim's IP address." 
-Talos Intelligence 
$1,800,000.00 
 
[51] 4-24-2017, Asian-European Currency Ponzi Scam: "​Suspect Xu,"​ as described by authorities who 
charged him with fraud, operated a "multi-layer marketing scheme" based on virtual currency. 
$680,000.00 
 

6
[52] 4-26-2017, Yapizon Exchange Hack: T ​ wo details make this instance similar to [47]; like Bitfinex, the 
Yapizon exchange claimed about a third of their funds had been stolen (37.08%); and, they were docking each 
customer's balances relative to that loss, with an IOU token being created in its place. T ​ heir token was called 
"FEI."​ South Korean officials have stated this specific incident may have had involvement by North Korea. 
$7,600,000.00 / 3,831 BTC stolen 
 
[53] 5-17-2017, eBitz Exit Scam: A ​ thread o​ n BitcoinTalk​ started by user "YIz" and mentioning another, 
"iudica," solicited information from victims of two alleged exit scams, Opair.co and Ebitz.org, which they 
allege were "done by the same guy(s)." 
$2,900,000.00 / 388 BTC stolen 
 
[54] 6-2-2017, QuadrigaCX Contract Error: ​A notice published to the /​ r/Ethereum reddit​ forum by 
QuadrigaCX, a Canadian Bitcoin exchange started by Gerald Cotten, explained that due to an "irregularity" 
with their "ETH/ETC splitter contract," ​60,000 Ether had become "trapped,"​ though their announcement 
contained no wallet addresses for proof. 
60,000 ETH allegedly frozen 
 
[55] 6-26-2017, VERI ICO Hack: F ​ounder Reggie Middleton ​told his ICO participants​ that, in the week 
following the beginning of selling VERI tokens, 36,000 of them were stolen from Veritaseum and sold on the 
decentralized exchange EtherDelta. CoinDesk noted that in this time, VERI accounted for "80%" of the 
DEX's volume for Ether trades. 
$8,000,000.00 / 36,000 VERI stolen 
 
[56]6-29-2017, Bitthumb Hack and PII Leak: ​Both won and personal information belonging to "30,000 
users" was allegedly s​ tolen by hackers ​from the servers of ​Bitthumb​, a Korean crypto exchange. South Korean 
officials indicated this may have had involvement by North Korea. 
$31,000,000.00 stolen 
 
[57] 6-29-2017, ClassicEtherWallet DNS Hack: L ​ ike [18], this was a social engineering hack. The hacker 
"convinced support staff at a web hosting provider" to grant them access to the official domain of the 
ClassicEtherWallet service​. They swapped the deposit address on the site for their own, and for a period of 
about 48 hours users were sending ETH directly to the hacker. 
1,001 ETH stolen 
 
[58] 7-4-2017, AlphaBay Exit Scam: L ​ ike [22] and [38]; A​ lphaBay​ was an escrow system for the Dark Web 
which suddenly went offline, leading to a 100% loss for any users with funds held on the service. NYMag 
refers to this incident as "possible the largest exit scam in history.” 
$4,000,000.00 
 
[59] 7-18-2017, CoinDash ICO Cryptojack: T ​ he ETH address which was being used for C ​ oinDash​’s 
ICO was replaced, only 13 minutes after the sale started, by an attacker who had gained access to their site. 
The hacker then allegedly ​returned 20,000 of the stolen ETH,​ which the company said allowed them to 
“remain on schedule.” 
$7,000,000.00 / 35,000 ETH stolen 
 
[60] 7-19-2017, Parity Wallet Breach: “​As reported by the startup, the issue is the result of a bug in a 
specific multi-signature contract known as wallet.sol. Data suggests the issue was mitigated, however, as 

7
377,000 ethers that were potentially vulnerable to the issue were recovered by white hat hackers." ​(CoinDesk) 
$30,000,000.00 / 153,000 ETH stolen 
 
[61] 7-25-2017, BTC-e Exit Scam: B ​ TC-e​ was an exchange widely believed to have been run by ​Alexander 
Vinnik​. However, "according to Pawel Kusowski, CEO of Coinfirm, right after (Alexander's) arrest, 66,000 
Bitcoins" were sent from accounts associated with BTC-e through "mixer" services. Vinnik was arrested in 
Greece, and "faces accusations of leading a money laundering operation estimated at around $4 bln, and it is 
also presumed that A ​ lexander took part in the MtGox hack.​" 
66,000 BTC stolen 
 
[62] 8-3-2017, WannaCry Ransomware Attacks: ​One of the most significant, and resilient, incidents of 
ransomware in history. “A new variant of WannaCry ransomware forced Taiwan Semiconductor 
Manufacturing Company (TSMC) to temporarily shut down several of its chip-fabrication factories in 
August 2018.” In all, more than 300,000 computers have been infected. 
$130,634.77 / 50.62 BTC stolen 
 
[63] 8-21-2017, Enigma ICO Pre-Sale Identity Theft Scam: ​Sent to me from E ​ nigma: ​"There was a 
social account compromised three weeks before token sale. People were victimized by scammers who posted a 
fake link for 'presale contributions.' We took back control of the account within the hour, but $500k in ETH 
and usd was already sent to the address. We took responsibility for the security compromise and r​ ecompensed 
everyone hurt in the scam attempt.​" 
$500,000.00 / 1,500 ETH stolen 
 
[64] 10-2-2017, MsCollec BitcoinTalk Malicious WiFi Hack: ​"My wallet got cleaned out, I dont know 
how it happened. I'm currently on a trip maybe i got connected to a malicious WIfi. All the token are 
currently here ​https://etherscan.io/address/0x33455fd51b59852e6f80514169517a35588c2a0c#tokentxns​" 
(BitcoinTalk) 
 
[65] 11-6-2017, Parity Frozen Wallets Bug: ​"I accidentally killed it," is how ​GitHub user "devopps199" 
announced to the users of the Parity service they had discovered, and "triggered," a bug, which in effect ​froze 
thousands of user wallets​ which were holding over 500,000 ETH, and were using the "multi-sig" function. 
513,374 ETH locked 
 
[66] 11-21-2017, Tether Critical Announcement: ​On a new page on Tether's website, the stablecoin 
company announced to its users that funds were removed from their own "Treasury Wallet" by an "external 
attacker," but that "As Tether is the issuer of the USDT managed asset, we will not redeem any of the stolen 
tokens(...)". The ~30m USDT were "Frozen"; however, there is no known proof of any Tether customer 
having ever redeemed a single USDT for USD from the company. 
30,950,010 USDT frozen 
 
[67] 11-22-2017, South Korea Shuts Down Bitcoin Ponzi Scheme: ​"Middle-aged investors" were "lured" 
into a Ponzi scheme, according to the ​Jeonbuk Iksan police department and cybersecurity agency.​ They 
arrested seven men in connection with the scam. "During interrogation, Jang, the operator of the ponzi 
scheme, claimed that the group never intended to run a multi-million dollar scam at the beginning. The group 
established a bitcoin investment firm initially to assist investors in investing in the cryptocurrency market. 
But, over time, as the business grew, the group decided to abuse its clientbase by alluring investors into a 
scam." 
$38,000,000.00 / stolen 

8
 
[68] 11-26-2017, Bitcoin Gold Wallet Repository Hack: A ​ ccording to ​Reddit user "Uejji,"​ the website 
for "Bitcoin Gold," ​mybtgwallet.com,​ was storing user passwords "in base 64 and stored it on the website 
cookie, which was later transmitted to Google There, the scammer was free to decode it and steal the person's 
funds." 
$3,300,000.00 stolen 
 
[69] 12-6-2017, NiceHash Exchange hack: U ​ sers of the ​Nicehash mining pool​ service began to discuss on 
Reddit their missing funds from internal wallets stored on the site a few hours before the company made an 
announcement explaining, there has been ​a security breach​...our payment system was compromised and the 
contents of the NiceHash Bitcoin wallet have been stolen." 
$60,000,000.00 / 4,700 BTC stolen 
 
[70] 12-10-2017, Bitcoin Platinum Exit Scam: "​Investors in the local cryptocurrency exchange market are 
outraged over Bitcoin Platinum, an alleged scam created by a South Korean teenager."..."The Twitter handle 
@bitcoinplatinum, the official account of the B ​ itcoin Platinum project​ has advertised the project, as a hard 
fork of the Bitcoin Blockchain."..."However, the Twitter account has not provided the public with any 
information about supporters, developers, investors and/or miners." 
??? stolen 
 
[71] 12-19-2017, Youbit Exchange Hack: Y ​ oubit​ was previously hacked, when they were known as 
"Yapizon" [47]. Immediately following this incident, their exchange declared bankruptcy, and said to 
minimize losses they would "Seek to pare losses by tapping insurance funds and selling a stake in the 
exchange." Read the CoinDesk article for details on possible North Korea tie to their first hack. 
??? stolen 
 
[72] 12-25-2017, RegalCoin Ponzi Stops Trading: R ​ egalCoin​ was an ICO and High Yield Investment 
scheme which operated during the same time as B ​ itconnect​. 
??? stolen 
 
[73] 1-7-2018, AT&T Customer Claims Sim Jacking: M ​ ichael Terpin​ is still suing AT&T over a theft he 
claims was able to be carried out because hackers spoofed, or swapped, his SIM card (a common method of 
bank- and crypto-fraud). 
$23,800,000.00 stolen 
 
[74] 1-14-2018, BlackWallet Hack: "​According to cybersecurity reearcher Kevin Beaumont, the attacker 
hijacked BlackWallet’s domain name system (DNS) server over the weekend, adding a piece of code which 
transferred any deposits of 20 or more lumens into another wallet." - ​CoinDesk 
$400,000.00 / 670,000 XLM stolen 
  
[75] 1-16-2018, Bitconnect Shut Down: ​Investigations are still ongoing into the leadership of Bitconnect 
and their affiliated enterprises, which span the globe. ​Bitconnect​ shut down their high interest loan services, 
including the payouts for referrals / commissions, because of an order given by the Texas State Securities 
Board. 
??? stolen 
 
[76] 1-23-2018, Benebit Exit Scam: ​The B ​ enebit platform​ was supposed to resemble a customer loyalty 
program, but investors in the ICO soon realized it was a simple exit scam. Doctored photos of their 

9
non-existent team,​ and deleted social profiles, were just some of the clues. 
$2,700,000.00 stolen 
  
[77] 1-26-2018, Coincheck Exchange Hack: H ​ ackers were somehow able to make copies of the private key 
for ​Coincheck's​ hot wallets, and in just a few transactions, steal thousands in customer funds from the 
Japanese exchange. The employees reported the theft to the FSA and police the same day, and made a p ​ ublic 
apology. 
$400,000.00 / 500,000,000.00 XLM stolen 
  
[78] 1-29-2018, Experty ICO Scam: R ​ eal participants of the Experty ICO started receiving believable, fake 
emails purporting to have details for how to purchase "Pre-ICO" EXY tokens. Some users on Twitter claimed 
it looked like an "inside job," but no proof or further explanation has been given. 
$150,000.00 stolen 
  
[79] 2-1-2018, Bee Token ICO Scam:​ICO participants were sent emails which were spoofing the B ​ ee 
Token's​ employees, offering details about a "pre-sale," but any ETH sent to the provided addresses were 
stolen. 
$920,000.00 / 890 ETH stolen 
  
[80] 2-4-2018, Seele ICO Insider Hack: A ​ nother social engineering hack on an ICO, this time perpetrated 
on Telegram. S​ eele​ support staff were impersonated, in order to trick would-be investors into s​ ending ETH to 
a fraud address. 
$1,800,000.00 / 2,162 ETH 
  
[81] 2-11-2018, Bitgrail NANO Hack: ​Like nearly these incidents, reports about this B ​ itgrail hack​ are 
conflicting. Francesco Firano, owner of the exchange, says he caught the "hack" early and contacted NANO 
to have the transactions reversed; but others say it was him, or someone working for him, who caused the loss. 
$120,000,000.00 /170,000,000 NANO stolen 
  
[82] 3-1-2018, BTC Global Ponzi Scheme: B ​ TC Global​ was a scheme ran by a user going as "Steve 
Twain"; they paid out "inconsistent" weekly installments to the victims, before ​disappearing​ with the bulk of 
the deposits. 
$50,000,000.00 stolen 
  
[83] 4-8-2018, GainBitcoin India Ponzi Scam: "​Bharadwaj, along with his associates had started the 
multilevel marketing scheme​ and would conduct seminars to lure victims into investing in Bitcoin, with 
assurances of large financial gains. He took help of P ​ ankaj Ladakhiya,​ a motivational speaker, who would 
conduct seminars in India and abroad. Bhardwaj stopped paying returns to investors and fled in January." 
Authorities were later able to recover 451,999 BTC after a​ rresting Bharadwaj in December 2018. 
$300,000,000.00 
  
[84] 4-10-2018, Sailesh Bhatt Alleged Extortion: S​ailesh Bhatt,​ a Bitcoin broker, said he was kidnapped 
by men who came to his house in police vehicles, then forced him to t​ ransfer his Bitcoin to them. 
$1,300,000.00 / 200 BTC stolen 
  
[85] 4-12-2018, iFan Ponzi Scheme: M ​ odern Tech, a Vietnamese IT company, is alleged to have also 
operated "​ iFan,"​ a ponzi scheme which was a registered investment company in Singapore. They promised "at 
least 48%" returns per month, which they quickly started to pay out in their own currency, iFan Coins, before 

10
stopping all payments. 
$650,000,000.00 stolen 
  
[86] 4-13-2018, Coinsecure Exchange Hack: ​Coinsecure​ blamed this hack on a "rogue employee," Dr. 
Amitabh Saxena, who they told investigators was "making a false story to divert our attention and he might 
have a role to play in this entire incident.” They say he made certain operations to distribute Bitcoin Gold 
(BTG) in an online environment, which exposed their private keys. 
$3,300,000.00 / 438 BTC stolen 
  
[87] 4-24-2018, MyEtherWallet DNS Hack: S​omehow, a ​hacker​ was able to manipulate a Google DNS to 
"resolve the domain" for the MyEtherWallet service to a "bad server," which was able to ​steal users' private 
keys and extract funds. 
$152,000.00 / 215 ETH stolen 
 
[88] 5-23-2018, Taylor Trading Crypto ICO Hack: ​The "entire amount" which Taylor Trading Crypto 
raised in their ICO, selling ​TAY tokens, w ​ as stolen by a hacker. Well, not all of it: "The only tokens that were 
not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making 
them inaccessible for now.” 
$1,500,000.00 / 2,578 ETH stolen 
 
[89] 6-5-2018, Syndicate Wallet ICO Hack: ​"[I]nvolved a Japanese syndicate that had gathered 
participants for Shopin's Token Generation Event using a hot MyEtherWallet storage wallet containing a 
large amount of various tokens, including 61 million Shopin Tokens. Shortly after successfully receiving the 
allotment of participant tokens, [ … ] the syndicate member's wallet was hacked by what authorities believe 
was someone with credentialed access." -​PRNewswire 
$`10,000,000.00 stolen 
 
[90] 6-10-2018, Coinrail Exchange Hack: D ​ ecentralized exchanges IDEX and EtherDelta were allegedly 
used, or attempted to be used, to launder the stolen ERC-20 tokens from the ​Coinrail exchange.​ The service, 
for whatever reason, did not originally disclose how much was stolen, or even which currencies. 
$40,000,000.00 / 1,927 ETH stolen 
  
[91] 7-9-2018, Bancor Hack: ​Like [83], Pundi X's "NPXS" tokens were stolen in this incident. B ​ ancor​ said 
"a wallet used to u
​ pgrade some smart contracts​ was compromised." 
$23,500,000.00 / 24,894 BTC stolen 
 
[92] 7-26-2018, KICKICO Security Breach: T ​ heir ​announcement:​ "On July 26 at 9:04 (UTC) 
KICKICO has experienced a security breach, which resulted in the attackers gaining access to the account of 
the KICK smart contract — tokens of the ​KICKICO platform.​ The team learned about this incident after the 
complaints of several victims, who did not find tokens worth 800 thousand dollars in their wallets." 
$7,700,000.00 / 700,000,000 KICK stolen 
  
[93] 9-5-2018, OneCoin Ponzi scheme: "​OneCoin​ was a multi-level marketing company that tricked 
investors into buying into what they believed to be a legitimate investment. After the investments were taken 
in, Marks and his co-conspirators ​laundered the investor money​ through several shell companies based all 
around the world. Some of the money laundered—around USD $400 million of f​ unds stolen​ from defrauded 
investors—was used to purchase a massive mansion for Scott and his family in Massachusetts." 
$400,000,000.00 stolen 

11
  
[94] 9-20-2018, Zaif Exchange Hack: "​The licensed exchange, called ​Zaif,​ is operated by the Tech Bureau. 
It said on Thursday that the exchange first noticed an unusual outflow of funds on the platform around 
17:00 Japan time on September 14, after which the company suspended asset deposit and withdrawal services. 
Tech Bureau explained that after further investigation, it discovered that hackers with unauthorized access to 
the exchange’s hot wallets had stolen roughly $60 million in bitcoin, bitcoin cash, and MonaCoin. That being 
said, the exact amount of bitcoin cash stolen remains unknown." (CoinDesk) 
$60,000,000.00 / 913 BTC 
 
[95] 10-8-2018, SpankChain ICO Hack: "​Unfortunately, as we were in the middle of investigating other 
smart contract bugs, we didn’t realize the hack had taken place until 7:00pm PST Sunday, at which point we 
took S​ pank.Live​ offline to prevent any additional funds from being deposited into the payment channels 
smart contract." 
$40,000.00 / 165 ETH stolen 
  
[96] 10-15-2018, William Kopko Ransom: N ​ ine of the suspects were arrested in Costa Rica while three 
were nabbed in Spain, according to Television New Zealand. It’s now three months since the American 
businessman w ​ as kidnapped​ in the Central American country. Kopko’s family paid a ransom of nearly 
$950,000 in bitcoin which was demanded shortly after he disappeared. However, Kopko, who owns the 
online gambling platform 5Dimes, was never released and i​ s still missing." 
$950,000.00 stolen 
  
[97] 10-25-2018, Australia XRP Hack: ​"The victim told investigators he believed his email account had 
been hacked the previous month and was subsequently locked out of his account for two days in 
mid-January. When he regained control of the account and checked the activity, he noticed his 
cryptocurrency account had also been compromised​ leaving almost a zero balance." 
$450,000.00 / 100,000 XRP stolen 
  
[98] 10-28-2018, MapleChange Exchange Exit Scam: ​"Due to a bug, some people have managed to 
withdraw all the funds​ from our exchange. We are in the process of a thorough investigation for this. We are 
extremely sorry that it has to come to end like this. Until the​ investigation is over,​ we cannot refund 
anything." 
$6,000,000.00 / 913 BTC stolen 
  
[99] 10-29-2018, Oyster Protocol CEO Exit Scam: "​Earlier today, it was discovered that the 
transferDirector function was utilized on the O ​ yster Protocol token contract.​ This allowed the new director 
to re-open the ICO for PRL and re-issue new tokens (1 ETH = 5000 PRL / .04 per PRL). The individual in 
question then sent these tokens (upwards of 3M PRL) to KuCoin where the tokens were market sold. They 
were able to e​ xtract ~$300,000 in funds​ prior to us being able to shut down trading and withdrawals on 
KuCoin." A company going by CipherBlade was hired to investigate; ​their report​ blamed Bruno Block. 
$300,000.00 stolen 
  
[100] 11-7-2018, Dragon Coin Exit Scam: "​During the hearings, Thai prosecutors accused the three 
defendants and six accomplices of defrauding 21-year-old Finnish investor A ​ amai Otava Saarimaa​ back in 
2017. According to the investigation, he was persuaded to buy shares in Expay Software Co, invest in a 
gambling-focused crypto token Dragon Coin (DRG), and buy 500 million shares in DNA (2002) Co, which 
he consequently did by transferring crypto to the siblings’ wallets." 
$2,400,000.00 stolen 

12
  
[101] 11-13-2018, PureBit Exit Scam: ​"On November 4, the group conducted an initial coin offering 
(ICO) to raise nearly $30 million using Ethereum (ETH) to build a cryptocurrency exchange...On November 
13, as C
​ CN reported,​ Pure Bit and ​its operators​ shut down all of their social media handles including 
KakaoTalk groups, kicking out investors in various public chat groups with the message “I’m sorry.”" 
$2,800,000.00 / 13,000 ETH stolen 
  
[102] 11-21-2018, Nicholas Truglia SIM Swapping Hack: "​Remember that kid that got tortured by his 
friends in an attempt to steal his BTC about a month ago? Well, turns out he may have actually made his 
cryptocurrency fortune by stealing it from a Silicon Valley exec, after pulling an elaborate SIM-swapping 
scheme. Santa Clara investigators recently arrested Nicholas Truglia, a 21-year-old con man from New York, 
for removing $1 million in cryptocurrency from exchange accounts belonging to the Bay Area‘s richest, N ​ ew 
York Post reports." 
$1,000,000.00 stolen 
  
[103] 11-26-2018, Bulgaria Police Charge 3 With Crypto Hack: ​"In its s​ tatement,​ the Prosecutor’s 
Office said that the investigation, which was first launched back in June of this year, is the first of its kind in 
both Bulgaria and Europe. The three people arrested appear to have been fairly sophisticated, with the 
prosecutor saying that they had exceptionally high “computer literacy skills,” which enabled them to steal the 
cryptocurrency. Those notebooks appear to indicate that the fraudsters were using a range of different 
accounts, with both real and fake users, to steal cryptocurrency." 
$5,000,000.00 stolen 
 
[104] 12-26-2018, Exmo CEO Pays Ransom: ​“According to Russian and Ukrainian media reports P ​ avel 
Lerner,​ 40, was kidnapped while ​leaving his office​ in Kiev's Obolon district on 26 December. The reports said 
he was dragged into a black Mercedes-Benz by ​men wearing balaclavas.” 
$1,000,000.00 stolen 
 
[105] 12-27-2018, Electroneum Wallet Hack: "​The hacker setup a whole bunch of malicious servers,” 
Reddit user u/normal_rc explained: “If someone's ​Electrum Wallet​ connected to one of those servers, and 
tried to send a ​BTC transaction,​ they would see an official-looking message telling them to update their 
Electrum Wallet, along with a scam URL." 
$800,000 / 250BTC stolen 
 
[106] 1-7-2019, ETC 51% Gate.io Attack: “​Gate.io's​ censor successfully blocked [the] attacker's 
transactions at the beginning and submitted them to [a] manual exam. Unfortunately, during the 51% attack, 
all the transactions looked valid and confirmed well on the blockchain..." 
$271,500.00 / 40,000 ETC stolen 
 
[107] 1-15-2019, Cryptopia Exchange ERC20 Hack: ​"The exchange that was affected was the New 
Zealand based Cryptopia. The exchange has since been on maintenance as the team at C ​ ryptopia​ continues to 
assess the damage and losses made during the hack. They are also collaborating with New Zealand Authorities 
to bring the criminals to justice." 
$16,000,000.00 / ETH + ERC-20 tokens stolen 
 
[108] 1-26-2019, LocalBitcoins Hack: "​The funds were taken from more than 76k different wallets, none 
of which were smart contracts. The thieves must have gained access to not one private key, but thousands of 

13
them. - E
​ lementus​" 
$28,000 / 8+ BTC stolen 
 
[109] 2-1-2019, Joel Ortiz SIM Swapping Hack: ​“Authorities reportedly state that Ortiz is the first 
individual convicted of a crime for SIM swapping. SIM swapping is growing in popularity with criminals as a 
means to steal fiat, crypto, and even social media usernames and handles, which can subsequently be sold on a 
black market. The Instagram account “@t” reportedly sold for $40,000 in Bitcoin (BTC)." ​(CoinTelegraph) 
$5,000,000.00 stolen 
 
[110] 2-5-2019, QuadrigaCX Bankruptcy: "​Citing a creditor protection filing from the Nova Scotia 
Supreme court, the Globe and Mail states that the firm has been ​unable to locate or access the funds​ since 
Cotten passed on Dec. 9, leading to a liquidity crisis at the exchange. QuadrigaCX filed for creditor 
protection in compliance with the Companies' Creditors Arrangement Act (CCAA) on Feb. 1." See: (​ Jen 
Robertson Affidavit) 
~​$145,000,000.000 / 26,489 BTC stolen 
 
[111] 2-23-2019, CoinMama PII Leak: ​"The official statement of the exchange disclosed that 450,000 
email addresses and passwords were leaked in a massive global hacking attack involving 24 websites and some 
747 million records." 
Personal information stolen 
 
[112] 2-27-2019, Bitstrades ICO Exit Scam: ​According to the FIR, the accused took 190 investors on 
tours to Bangkok and Singapore to gain their trust. The police suspects many of these investors could have 
been duped by Bitstrades, but are hesitating to come forward. “[The] majority of investors who lost money in 
the racket are yet to come forward. We hope that following the registration of the complaint, they will 
provide details of cheating about the accused to [the crime department],” an investigating officer told TOI. 
The discovery of ​Bitstrades as a pyramid scheme ​has highlighted the lack of due diligence in the 
cryptocurrency industry. 
$230,000.00 stolen 
 
[113] 2-27-2019, Coinomi Wallet Google Authentication Vulnerability: ​"According to 
cryptocurrency investor ​Warith Al Mawali,​ he has lost all of his life savings in the tune of $60,000 to $70,000 
on Coinomi, a widely utilized crypto wallet on Android. In a detailed report, Mawali claimed that a c​ ritical 
vulnerability​ found on the wallet led to the loss of user funds as it compromised the private key of his wallet." 
$70,000.00 stolen 
 
[114] 2-28-2019, My Big Coin Exit Scam: “​Randall Crater​ was nabbed in Florida on Wednesday for his 
part in persuading investors that the digital dosh was backed by real gold coins. Twenty-eight of them handed 
over a total of $6m – an average of $215,000 – to fund the business, having been told there was a total of 
$300m in gold behind the operation.” (The Register) 
$6,000,000.00 stolen 
 
[115] 3-8-2019, AUSTRAC Shuts Down Two Exchanges For Drug Money Laundering:  
"[T]wo ​Australian cryptocurrency exchanges​ have been suspended by AUSTRAC after a ‘key member’ 
involved in the businesses was arrested during ​Australian Federal Police raids​ across Melbourne yesterday." 
$2,000,000.00 
 

14
[116] 3-8-2019, Morgan Rockcoons Bitcointopia Fraud: "​A bitcoin entrepreneur who pitched an 
elaborate vision for a c​ ryptocurrency Utopia​ in the Nevada high desert pleaded guilty to wire fraud in San 
Diego federal court this week, admitting he sold land he never owned to investors." 
$45,000 stolen 
 
[117] 3-10-2019, CrashDoge Withholds Withdrawals: C ​ haboJ ​on Reddit:​ "CrashDoge, 
CrashingBitcoin and CrashingCrypto are GIANT SCAMS. They stole $8,000 of my money. STAY 
AWAY...I recently went on CrashDoge.com to try my luck. I am a gambling YouTuber with a channel called 
StackGambler. I deposited 5,000 Dogecoins with the intent of making 500,000 Dogecoins." 
$6,000,000.00 stolen 
 
[118] 3-12-2019, Bitcoin ATM Double-Spenders: ​In “targeted” attacks, multiple people went to many 
Bitcoin ATMs in seven Canadian cities, which they were able to make “​ double-spends”​ on by immediately 
canceling the transaction before any change has processed it. P ​ olice say​ they carried out 112 “fraudulent 
transactions.” 
$200,000.00 stolen 
 
[119] 3-15-2019, Monacoin Hack: "​An 18-year-old boy was referred to prosecutors Thursday for allegedly 
stealing about ¥15 million ($134,300) worth of cryptocurrency last year by ​hacking a digital currency storage 
website,​ police said. The case is the first in Japan in which criminal charges have been pursued against a h ​ acker 
over cryptocurrency losses,​ the police said." 
$134,300.00 stolen 
 
[120] 3-25-2019, DragonEx Exchange Hack: D ​ ragonEx​ is an exchange which primarily uses Tether 
USDT pairs. They initially said they were shutting off the service for “maintenance,” but within a day they 
then told customers they had been hacked, had alerted numerous authorities, and had some of the stolen 
funds returned, or halted at other exchanges like Gate and Huobi. 
??? stolen 
 
[121] 3-27-2019, CabbageTech Exit Scam: ​The U.S. Attorney’s Office of the Eastern District of New 
York announced Tuesday that it has unsealed a nine-count indictment charging Patrick McDonnell, also 
known as “Jason Flack,” with wire fraud and has arrested him….Between November 2014 and January 2018, 
McDonnell allegedly represented himself as an experienced cryptocurrency trader, promising customers that 
he would provide them with trading advice, as well as buy and trade cryptocurrency on their behalf. 
...However, neither McDonnell nor CabbageTech provided any investment services, according to the 
indictment. Instead, he sent investors “false” balance statements indicating that their investments were 
profitable, and “stole their money for his personal use.” When customers requested refunds, McDonnell 
allegedly first made excuses for delays in repayment and later stopped responding at all. (​ CoinDesk) 
$200,000.00 stolen 
 
 
 
 
 
 
 
 
 

15
 

16
Missing Crypto Timeline Figures, April 2019 - @KyleSGibson 

Fg 1a

Fg 1b

16
Fg. 2a:​Includes only Bitcoin-related incidents in which the amount involved was known*, showing by day the cumulative amount of 
money involved in lost or stolen Bitcoin incidents, the price of Bitcoin according to Blockchain.com (and predominantly based on 
Mt Gox before 2014), and the estimated total value of the “Missing Bitcoins.” (*”Bitcoin-related” events with amount involved not 
publicly known were not included here, but are in other figures.)  
Totals: 61 incidents, $1.59 billion in cumulative “Missing Bitcoin,” 1,583,592.063 BTC involved. 
The total market value of publicly known “Missing Bitcoin” almost reached $30 billion in late 2017, early 2018. 
 

 
Fg. 2b 
 
 
 

17
  
Fg. 2c: “Bear Market” following the early 2014 Mt Gox hack 
 
 
 
 
 
 

 
Fg 2d 
 
 
 
 
 
 

18
  
 
Fg 3a: I​ncidents involving Bitcoin going missing appear to be shrinking in size, denominated in Bitcoin. Though, they also appear to 
be happening more frequently, compared to the period before 2014… which was before the arrival of a broader exchange and wallet 
industry. 
 

 
Fg 3b 
 
 

19
  
Fg 3c: ​The longest apparent time of there being no publicized incident of lost or stolen Bitcoin happened just as the price bottomed, 
following the peak just before Mt Gox’s 2014 hack. 
 

 
Fg 3d: ​The Zaif Exchange hack in September 2019 was apparently the first major incident of lost or stolen Bitcoin, following the 
price run-up to ~$20,000. 
 
 
 

20
  
Fg 4a: E ​ thereum came after Bitcoin, and so naturally, incidents involving lost or stolen Ethereum didn’t occur until years after the 
first Bitcoin-related incidents. Ethereum-related incidents, though, have almost reached ~20 in a shorter period than those involving 
BTC. Missing Crypto incidents not involving either Bitcoin or Ethereum started occurring in 2015, apparently, and in about 3 years 
had as many as there were Bitcoin incidents in 5 years (2011-2016). 

 
Fg 4b: E
​ xchange-related incidents of Missing Crypto have apparently been happening at a steady rate of ~10-15 per year since 2011. 

21
  
Fg 4c: ​Missing Crypto incidents which involved a hack appear to have accelerated in 2018, compared to 2011-2017. Early 2018 was 
apparently an active time for pyramid and/or Ponzi schemes involving Bitcoin. 
 

 
Fg 5a: I​n early 2018, Missing Crypto events not involving Bitcoin or Ethereum started to involve larger amounts, than the incidents 
which did. Directly Ethereum-related incidents have involved much less; though, there are ERC-20 projects in “ALL” incidents… 
 

22
  
Fg 5b: T
​ he iFan Coin incident in April 2018 ($650m involved) and OneCoin ($400m, September 2018), as well as the Coincheck 
exchange hack ($400m, late January 2018) are the incidents which come closest to Mt Gox’s record hack in 2014. 
 

 
Fg 5c: ​Publicly known ransomware incidents involving stolen crypto have not garnered as much as other methods of theft, it appears, 
though there could be much more lost to ransomware than is publicly reported. Same goes for hacks, pyramid and Ponzi schemes. 
 

23
 
$ Amount
Incident Type Incidents Missing, M % of All Missing Bitcoin $ Value, 3-30-19, M % Change
All 121 3842.868 100.00%
Bitcoin Related 78 2286.832 59.51%
Bitcoin Related -
Amt Known 61 1594.732 41.50% 1583592.1 6438.632 75.23%

Ethereum Related 20 302.732 7.88% 4410196.0 623.822 51.47%

Exchange Related 52 1742.861 45.35% 1478225.0 6010.226 71.00%

ICO Related 20 1120.340 29.15% 56485.1 229.659 -387.83%
Hack 69 1617.452 42.09% 1193380.0 4852.092 66.66%

Pyramid / Ponzi 16 1724.692 44.88% 208395.1 847.301 -103.55%

Ransomware /
Extortion 9 5.641 0.15% 56485.1 229.659 97.54%
 
Fg 6a 
 
 

Amt. BTC Gone

Year Incidents (ALL) Missing Missing BTC $ Value, 3-30-19, M $ Change
2011 5 2.800 203406 827.016 29436.29%
2012 6 6.551 282708 1149.445 17446.11%
2013 13 66.801 58842 239.242 258.14%
2014 6 470.991 664953 2703.593 474.02%
2015 11 43.494 83964 341.384 684.90%
2016 7 184.737 122810 499.326 170.29%
2017 24 524.345 74970 304.816 -41.87%
2018 33 2367.962 65443 266.081 -88.76%
2019 16 175.187 26496 107.728 -38.51%
 
Fg 6b 

24