Beruflich Dokumente
Kultur Dokumente
1
[9] 7-13-2012, Bitcoinica Mt Gox Hack: In B itcoinica's third incident, they published another Bitcointalk
thread describing how their account had been "compromised," due to the "LastPass password being a
duplicate" of one u sed by a Mt Gox API service, which had been previously compromised.
$350,000.00 / 40,000 BTC stolen
[10] 9-4-2012, Bitfloor Exchange Hack: In another hack announcement m ade on Bitcointalk, the
proprietor of the B itfloor exchange said they "needed help" after their servers were compromised and attackers
were able to duplicate their keys and steal "almost all of the BTC."
$240,000.00 / 240,000 BTC stolen
[11] 11-16-2012, BitcoinTalk Trojan Wallet Hack: A user going by “ mralbi” on BitcoinTalk began a
thread by saying "[S]tupid as i am i allowed some hacker to somehow install a trojan horse on my pc where i
stored some of my bitcoins. The hacker sent the bitcoins to the address:
1Q3KFL7Z1BTpUboDaU6Qj3t9xCXWpzNntS"
3457 BTC stolen
[12] 1-11-2013, Vircurex Exchange Hack: Customers of the V ircurex exchange are still embroiled in suits
to figure out w
hat happened to their lost funds. One suit alleges the exchange suffered multiple un-reported
hacks, and "made efforts to cover their tracks and create impediments designed to deter account holders from
bringing suit to recover the Frozen Funds."
$50,000,000.00 / 1,666 BTC stolen
[13] 2-14-2013, BitMarket.eu Exit Scam: M aciej Trebacz explained that he had no responsibility for the
Bitmarket exchange's lost funds because they were b eing held at Bitcoinica when they were stolen. Their
company also had funds lost when Polish Banks shut down their accounts.
$400,000.00 / 18787 BTC stolen
[14] 3-10-2013, BTCGuild Mining Pool Hack: During a client upgrade in advance of a hardfork, the
BTCGuild mining pool was exposed to a vulnerability which allowed attackers to d rain their hot wallet.
$50,000.00 / 1,254 BTC stolen
[15] 3-28-2013, Bitcoin Rain Exit Scam: B itcoin Rain, a crypto hedge fund, was shut down by way of a
BitcoinTalk announcement by the owner, Leandro Cesar, who claimed his related "Mercado Bitcoin"
exchange had been hacked. This event has been compared to [8] Bitcoin Savings and Trust.
2,150 BTC stolen
[16] 7-15-2013, Just Dice Incident: C hris Moore, developer for the gambling service "Just Dice,"
discovered a flaw on his site which had allowed a user to make repeated withdrawals without his balance being
debited.
$121,000.00 / 1,300 BTC stolen
[17] 8-27-2013, Bitfunder and WeExchange Hack: Jon E. Montroll, 37, plead guilty to US fraud charges
related to two Bitcoin exchanges he operated, Bitfunder and WeExchange. He admitted to "failing to disclose
to investors that hackers were able to exploit a flaw in the BitFunder code," as well as lying to investigators
about it.
$560,000.00 / 6,000 BTC stolen
2
[18] 10-1-2013, Canada Bitcoins Social Engineering Theft: A hacker spoke with a representative for the
Canada Bitcoins' datacenter over online chat, and convinced them to rest their system to "fail safe mode,"
bypassing their security and allowing them to withdraw Bitcoins.
$100,000.00 / 149 BTC stolen
[19] 10-23-2013, Input.io Wallet Hack: A BitcoinTalk user going by " TradeFortress" waited more than a
week to let the users of their "Bitcoin Bank" service, Input.io, know that their Bitcoins held on the service had
been stolen.
$1,300,000.00 / 4,100 BTC stolen
[20] 10-26-2013, GBL Exchange Exit Scam: "Almost 1,000 people deposited around $4.1 million in
Chinese Yuan" into the G BL exchange, "attracted by inducements (savings) such as fee waivers." Even though,
the exchange hadn't received any financial services license. The owners a bsconded with the funds.
$4,100,000.00 / 9,640 BTC stolen
[21] 11-19-2013, BIPS Payment Services Hack: On Nov. 15, B IPS claims they were subject to a "massive
DDoS" attack, which was in preparation for a larger attack two days later, in which "several layers of
protection" were breached and "several wallets were compromised." The payment services company disclosed
these events another full two days later.
$1,000,000.00 / 1,295 BTC stolen
[22] 11-21-2013, Sheep Marketplace Exit Scam: Sheep Marketplace was a "Dark Web" exchange service.
Its owner, Thomas Jiřikovský, and his wife Eve Bartošová, are now known as being responsible for the " largest
exit scam in the history of the Dark Web."
$6,000,000.00 / 5,400 BTC stolen
[23] 11-29-2013, Picostocks Cold Wallet Hack: In a post submitted to the / r/Bitcoin reddit forum,
"Love_Eggs_and_Bacon" of Picostocks announced they would be "down for a while," as their "hot wallet and
cold wallet account have been stolen." They said it was suspected there were insiders involved.
$6,000,000 / 5,975 BTC stolen
[24] 12-22-2013, CryptoLocker Ransomware Attacks: O ne of the earliest, notably successful
ransomware programs to utilize cryptocurrency. The C ryptoLocker attack utilized a pre-existing trojan for
Windows PCs. A DoJ “consortium” called Operation Tovar announced their takedown of the “GameOver
ZeUs” botnet which had been the primary channel tool to operate CryptoLocker.
~42,000 BTC stolen
[25] 2-7-2014, MT Gox Halts Trade Over Major Hack: F ollowing the discovery and extended fix of a
widely publicized network issue with Bitcoin, referred to as a “transaction malleability” bug, the M t Gox
crypto exchange (the largest at the time) first “halted all BTC withdrawals” on February 7. The price of
Bitcoin “fell 20%”; then, on the 24th, Mt Gox “went offline completely” and a “crisis strategy” plan was
leaked, “which declared Mt Gox’s insolvency.” This incident is known as the “most iconic exchange hack,” as
well as one of the largest cyber crimes, and has been the subject of many theories and reports.
$450,000,000.00 / 650,000 BTC stolen
[26] 3-4-2014, Poloniex Withdrawal Hack: A hacker allegedly found out that if you "place several
withdrawals at the same instant," the Poloniex exchange would process them as "valid insertions into the
3
database."
$1,000 / 97 BTC
[27] 3-4-2014, Flexcoin Hot Wallet Hack: "The first Bitcoin bank," according to Flexcoin, was
Flexcoin...even though they were never technically a bank. They shut down after a "robbery" of their hot
wallets.
$600,000.00 / 896 BTC stolen
[28] 3-9-2014, PonziCoin Exit Scam: A nameless developer created a service, " PonziCoin," which
ostensibly would operate as a pyramid scheme, but it ended up operating like a simple e xit scam; nobody
received any payouts.
10 BTC stolen
[29] 3-11-2014, Crypto Rush Hack: F rom the owner of the Crypto Rush exchange: "The guilt was starting
to build up inside of me. I answered very few tickets the week of the 16th. [...] I wanted so bad for the
exchange to stay afloat, thinking ‘Maybe tomorrow will bring us back our volume!” But alas, the problems
with Zeit, and BTC withdrawals killed our volume. There was no coming back.’"
$800,000.00 / 950 BTC stolen
[30] 5-15-2014, Cryptsy Exchange Hack: Like [24] Mt. Gox, this "hack" was (at best) coincidentally
divulged after m onths of customers reporting issues with withdrawals. Now those creditors have been
involved in multiple lawsuits against the Cryptsy exchange.
$9,580,000.00 / 13,000 BTC stolen
[31] 10-8-2014, Mintpal Exchange Exit Scam:
"Alex Green," or "Ryan Kennedy," bought the Mintpal exchange and allegedly stole all of its customers funds,
then was subsequently arrested in the US, on rape charges.
$1,300,000.00 / 3,894 BTC stolen
[32] 1-4-2015, Bitstamp Hot Wallet Hack: In a statement, B itstamp told its customers that their wallet
system had been compromised and some BTC had been stolen, but that it was a "small fraction" of their total
reserves. A leaked document in July 2015 claimed the hack was the result of a successful phishing attempt on
the exchange's employees.
$5,000,000.00 / 19,000 BTC stolen
[33] 1-28-2015, 796 Exchange Hack: Hackers were able to, according to the owner, "compromise a
certain weakness" on the servers of Chinese-based exchange 7 96, and make edits which redirected customer
deposits to a wallet besides their hot wallet.
$230,000.00 / 1,000 BTC stolen
[34] 2-9-2015, MyCoin Exchange Ponzi Scheme: A dvertised as a High Yield Investment Product,
MyCoin turned out to be a simple exit scam which operated for a short time like a Ponzi. Its victims, who
were mostly in Hong Kong, invested an "average of $400,000" and waited for their payouts. The proprietors
vanished.
$8,000,000.00 stolen
[35] 2-15-2015, BTER Cold Wallet Hack: T he website of the BTER exchange was altered to display a
4-line message announcing "BTC got stolen" and a "720 BTC bounty for chasing it back." The exchange had
4
a similar event previously, but in that incident they claimed to have "negotiated for a partial return of those
funds." ( CoinDesk)
$1,750,000.00 / 1,170 BTC stolen
[36] 2-19-2015, Kipcoin Exchange Hack: The Kipcoin exchange offered "a 22% annualized interest, paid
daily" and said they were planning to launch a futures exchange, before they claimed on the day before
Chinese Lunar New Year that "their wallet servers were hacked."
$690,000.00 / 3,000 BTC stolen
[37] 2-24-2015, Swedesboro-Woolwich School District Ransomware Attack: T he entire IT system of
aN ew Jersey town was taken hostage by similar malware to CryptoLocker and CryptoWall.
$124,000.00 / 500 BTC stolen
[38] 3-18-2015, Evolution Marketplace Exit Scam: L ike [22] Sheep Marketplace, Evolution Marketplace
was a Dark Web exchange service whose owners " disappeared."
$1,200,000.00 / 43,000 BTC stolen
[39] 4-6-2015, CryptoWall Ransomware Attacks: In attacks which were functionally similar to
CryptoLocker, but presumably using different exploits, hackers again froze the computers of individuals and
organizations, such as the T ewksbury Police Department. “According to Dell, during a six month time frame
last year, ‘CryptoWall infected more than 625,000 computers worldwide, including 250,000 in the United
States.’”
$1,000,000.00 stolen (according to Dell Inc. research)
[40] 5-22-2015, Bitfinex Hot Wallet Hack: About 0.06% of the B itfinex exchange's total holdings were
allegedly stolen from their hot wallet, a loss which the company "indicated it would absorb." Bitfinex halted
deposits for some time, and said they were conducting an investigation.
$400,000.00 / 1,400 BTC stolen
[41] 9-17-2015, Bitpay Social Engineering Theft: A hacker gained access to the email address for Bryan
Krohn, CFO for Bitpay, a payment processor. They spoke to Bitpay's CEO, Stephen Paid, and executive
chairman Tony Gallippi, convincing them to "authorize three payments totalling 5,000 BTC on 11th and
12th December, including one transaction from a wallet on the bitcoin exchange Bitstamp."
$1,800,000.00 / 5,000 BTC stolen
[42] 2-16-2016, Hollywood Presbyterian Medical Center Ransomware Hack: Hackers used malware
to “ hold at ransom” a Los Angeles hospital (see: “ ransomware”), disabling their IT systems and demanding
payment in Bitcoin. The original amount requested was $3.4 million, but the hospital “regained access after
paying a little more than $17,000.” (Wired)
$17,000 / 15 BTC stolen
[43] 4-7-2016, Shapeshift AG Exchange Hack: Shapeshift claimed, in the weeks following this theft, that
they were confident an “inside party” was involved. They said this w as corroborated by the firm brought in to
investigate, LedgerLabs and that Shapeshift were in the process of filing civil suits, in 2016.
$200,000.00 / 469 BTC stolen
5
[44] 5-13-2016, Gatecoin Hack: Gatecoin, a Hong Kong-based exchange for Ethereum-based "DAO," or
Decentralized Autonomous Organization, and other digital assets, claimed their hot wallets had been hacked.
$2,500,000.00 / 250 BTC stolen
[45] 6-7-2016, University of Calgary Ransomware Hack: T he vice president of finances and services
announced via press release that their organization had paid a ransom to recover their encrypted email server.
In Canada, and other countries but not all, a malware attack like this “is considered a criminal act.” ( CBC)
$20,000.00 / 20 BTC stolen
[46] 6-17-2016, DAO Hack: The team responsible for developing t he DAO had allegedly written an
effective fix for the vulnerability which allowed for this incident to take place, before the hacker was able to
drain ETH from their centralized structure. A vulnerability in the smart contract network which the
developers for the DAO created allowed a hacker to drain ETH from their centralized structure. Allegedly,
the team had written a fix for the vulnerability just a few days before the main event of the theft took place,
but hadn’t released it in time.
$amount / stolen
[47] 8-2-2016, Bitfinex Security Breach: B itfinex said in a n announcement on their exchange's blog that a
"security breach" required them to halt their service and "settle open margin positions, associated financing,
and/or collateral affected by the breach." One week later, Bitfinex discounted its users' accounts by 36.067%,
to account for the "loss" from the "security breach." In compensation, BFX tokens were distributed "equal to
each customer's exact losses." They claimed to r edeem 100% of BFX tokens in April, 2017, with the help of
the DoJ, though they did not release any corroborative information.
$72,000,000.00 / 119,756 BTC stolen
[48] 2-17-2017, Bitcurex Exchange Hack: Like [19], the owner of B itcurex waited a week before
disclosing a severe hack to their customers. Their service was "one of the bigger" exchanges servicing the
European markets at the time of its closure.
$50,000,000.00 / 2,300 BTC stolen
[49] 2-17-17, Zerocoin Glitch Hack: A hacker found an exploit in the source code for "Zerocoin" which
allowed them to "reuse his/her existing valid proofs to generate additional Zerocoin." The bug was reportedly
created with a single character.
$585,000.00 / 370,000 ZCash stolen
[50] 2-24-2017, Coinhoarder Phishing Scams: "Cisco identified a n attack pattern in which the threat
actors behind the operation would establish a "gateway" phishing link that would appear in search results
among Google Ads. When searching for crypto-related keywords such as "blockchain" or "bitcoin wallet," the
spoofed links would appear at the top of search results. When clicked, the link would redirect to a "lander"
page and serve phishing content in the native language of the geographic region of the victim's IP address."
-Talos Intelligence
$1,800,000.00
[51] 4-24-2017, Asian-European Currency Ponzi Scam: "Suspect Xu," as described by authorities who
charged him with fraud, operated a "multi-layer marketing scheme" based on virtual currency.
$680,000.00
6
[52] 4-26-2017, Yapizon Exchange Hack: T wo details make this instance similar to [47]; like Bitfinex, the
Yapizon exchange claimed about a third of their funds had been stolen (37.08%); and, they were docking each
customer's balances relative to that loss, with an IOU token being created in its place. T heir token was called
"FEI." South Korean officials have stated this specific incident may have had involvement by North Korea.
$7,600,000.00 / 3,831 BTC stolen
[53] 5-17-2017, eBitz Exit Scam: A thread o n BitcoinTalk started by user "YIz" and mentioning another,
"iudica," solicited information from victims of two alleged exit scams, Opair.co and Ebitz.org, which they
allege were "done by the same guy(s)."
$2,900,000.00 / 388 BTC stolen
[54] 6-2-2017, QuadrigaCX Contract Error: A notice published to the / r/Ethereum reddit forum by
QuadrigaCX, a Canadian Bitcoin exchange started by Gerald Cotten, explained that due to an "irregularity"
with their "ETH/ETC splitter contract," 60,000 Ether had become "trapped," though their announcement
contained no wallet addresses for proof.
60,000 ETH allegedly frozen
[55] 6-26-2017, VERI ICO Hack: F ounder Reggie Middleton told his ICO participants that, in the week
following the beginning of selling VERI tokens, 36,000 of them were stolen from Veritaseum and sold on the
decentralized exchange EtherDelta. CoinDesk noted that in this time, VERI accounted for "80%" of the
DEX's volume for Ether trades.
$8,000,000.00 / 36,000 VERI stolen
[56]6-29-2017, Bitthumb Hack and PII Leak: Both won and personal information belonging to "30,000
users" was allegedly s tolen by hackers from the servers of Bitthumb, a Korean crypto exchange. South Korean
officials indicated this may have had involvement by North Korea.
$31,000,000.00 stolen
[57] 6-29-2017, ClassicEtherWallet DNS Hack: L ike [18], this was a social engineering hack. The hacker
"convinced support staff at a web hosting provider" to grant them access to the official domain of the
ClassicEtherWallet service. They swapped the deposit address on the site for their own, and for a period of
about 48 hours users were sending ETH directly to the hacker.
1,001 ETH stolen
[58] 7-4-2017, AlphaBay Exit Scam: L ike [22] and [38]; A lphaBay was an escrow system for the Dark Web
which suddenly went offline, leading to a 100% loss for any users with funds held on the service. NYMag
refers to this incident as "possible the largest exit scam in history.”
$4,000,000.00
[59] 7-18-2017, CoinDash ICO Cryptojack: T he ETH address which was being used for C oinDash’s
ICO was replaced, only 13 minutes after the sale started, by an attacker who had gained access to their site.
The hacker then allegedly returned 20,000 of the stolen ETH, which the company said allowed them to
“remain on schedule.”
$7,000,000.00 / 35,000 ETH stolen
[60] 7-19-2017, Parity Wallet Breach: “As reported by the startup, the issue is the result of a bug in a
specific multi-signature contract known as wallet.sol. Data suggests the issue was mitigated, however, as
7
377,000 ethers that were potentially vulnerable to the issue were recovered by white hat hackers." (CoinDesk)
$30,000,000.00 / 153,000 ETH stolen
[61] 7-25-2017, BTC-e Exit Scam: B TC-e was an exchange widely believed to have been run by Alexander
Vinnik. However, "according to Pawel Kusowski, CEO of Coinfirm, right after (Alexander's) arrest, 66,000
Bitcoins" were sent from accounts associated with BTC-e through "mixer" services. Vinnik was arrested in
Greece, and "faces accusations of leading a money laundering operation estimated at around $4 bln, and it is
also presumed that A lexander took part in the MtGox hack."
66,000 BTC stolen
[62] 8-3-2017, WannaCry Ransomware Attacks: One of the most significant, and resilient, incidents of
ransomware in history. “A new variant of WannaCry ransomware forced Taiwan Semiconductor
Manufacturing Company (TSMC) to temporarily shut down several of its chip-fabrication factories in
August 2018.” In all, more than 300,000 computers have been infected.
$130,634.77 / 50.62 BTC stolen
[63] 8-21-2017, Enigma ICO Pre-Sale Identity Theft Scam: Sent to me from E nigma: "There was a
social account compromised three weeks before token sale. People were victimized by scammers who posted a
fake link for 'presale contributions.' We took back control of the account within the hour, but $500k in ETH
and usd was already sent to the address. We took responsibility for the security compromise and r ecompensed
everyone hurt in the scam attempt."
$500,000.00 / 1,500 ETH stolen
[64] 10-2-2017, MsCollec BitcoinTalk Malicious WiFi Hack: "My wallet got cleaned out, I dont know
how it happened. I'm currently on a trip maybe i got connected to a malicious WIfi. All the token are
currently here https://etherscan.io/address/0x33455fd51b59852e6f80514169517a35588c2a0c#tokentxns"
(BitcoinTalk)
[65] 11-6-2017, Parity Frozen Wallets Bug: "I accidentally killed it," is how GitHub user "devopps199"
announced to the users of the Parity service they had discovered, and "triggered," a bug, which in effect froze
thousands of user wallets which were holding over 500,000 ETH, and were using the "multi-sig" function.
513,374 ETH locked
[66] 11-21-2017, Tether Critical Announcement: On a new page on Tether's website, the stablecoin
company announced to its users that funds were removed from their own "Treasury Wallet" by an "external
attacker," but that "As Tether is the issuer of the USDT managed asset, we will not redeem any of the stolen
tokens(...)". The ~30m USDT were "Frozen"; however, there is no known proof of any Tether customer
having ever redeemed a single USDT for USD from the company.
30,950,010 USDT frozen
[67] 11-22-2017, South Korea Shuts Down Bitcoin Ponzi Scheme: "Middle-aged investors" were "lured"
into a Ponzi scheme, according to the Jeonbuk Iksan police department and cybersecurity agency. They
arrested seven men in connection with the scam. "During interrogation, Jang, the operator of the ponzi
scheme, claimed that the group never intended to run a multi-million dollar scam at the beginning. The group
established a bitcoin investment firm initially to assist investors in investing in the cryptocurrency market.
But, over time, as the business grew, the group decided to abuse its clientbase by alluring investors into a
scam."
$38,000,000.00 / stolen
8
[68] 11-26-2017, Bitcoin Gold Wallet Repository Hack: A ccording to Reddit user "Uejji," the website
for "Bitcoin Gold," mybtgwallet.com, was storing user passwords "in base 64 and stored it on the website
cookie, which was later transmitted to Google There, the scammer was free to decode it and steal the person's
funds."
$3,300,000.00 stolen
[69] 12-6-2017, NiceHash Exchange hack: U sers of the Nicehash mining pool service began to discuss on
Reddit their missing funds from internal wallets stored on the site a few hours before the company made an
announcement explaining, there has been a security breach...our payment system was compromised and the
contents of the NiceHash Bitcoin wallet have been stolen."
$60,000,000.00 / 4,700 BTC stolen
[70] 12-10-2017, Bitcoin Platinum Exit Scam: "Investors in the local cryptocurrency exchange market are
outraged over Bitcoin Platinum, an alleged scam created by a South Korean teenager."..."The Twitter handle
@bitcoinplatinum, the official account of the B itcoin Platinum project has advertised the project, as a hard
fork of the Bitcoin Blockchain."..."However, the Twitter account has not provided the public with any
information about supporters, developers, investors and/or miners."
??? stolen
[71] 12-19-2017, Youbit Exchange Hack: Y oubit was previously hacked, when they were known as
"Yapizon" [47]. Immediately following this incident, their exchange declared bankruptcy, and said to
minimize losses they would "Seek to pare losses by tapping insurance funds and selling a stake in the
exchange." Read the CoinDesk article for details on possible North Korea tie to their first hack.
??? stolen
[72] 12-25-2017, RegalCoin Ponzi Stops Trading: R egalCoin was an ICO and High Yield Investment
scheme which operated during the same time as B itconnect.
??? stolen
[73] 1-7-2018, AT&T Customer Claims Sim Jacking: M ichael Terpin is still suing AT&T over a theft he
claims was able to be carried out because hackers spoofed, or swapped, his SIM card (a common method of
bank- and crypto-fraud).
$23,800,000.00 stolen
[74] 1-14-2018, BlackWallet Hack: "According to cybersecurity reearcher Kevin Beaumont, the attacker
hijacked BlackWallet’s domain name system (DNS) server over the weekend, adding a piece of code which
transferred any deposits of 20 or more lumens into another wallet." - CoinDesk
$400,000.00 / 670,000 XLM stolen
[75] 1-16-2018, Bitconnect Shut Down: Investigations are still ongoing into the leadership of Bitconnect
and their affiliated enterprises, which span the globe. Bitconnect shut down their high interest loan services,
including the payouts for referrals / commissions, because of an order given by the Texas State Securities
Board.
??? stolen
[76] 1-23-2018, Benebit Exit Scam: The B enebit platform was supposed to resemble a customer loyalty
program, but investors in the ICO soon realized it was a simple exit scam. Doctored photos of their
9
non-existent team, and deleted social profiles, were just some of the clues.
$2,700,000.00 stolen
[77] 1-26-2018, Coincheck Exchange Hack: H ackers were somehow able to make copies of the private key
for Coincheck's hot wallets, and in just a few transactions, steal thousands in customer funds from the
Japanese exchange. The employees reported the theft to the FSA and police the same day, and made a p ublic
apology.
$400,000.00 / 500,000,000.00 XLM stolen
[78] 1-29-2018, Experty ICO Scam: R eal participants of the Experty ICO started receiving believable, fake
emails purporting to have details for how to purchase "Pre-ICO" EXY tokens. Some users on Twitter claimed
it looked like an "inside job," but no proof or further explanation has been given.
$150,000.00 stolen
[79] 2-1-2018, Bee Token ICO Scam:ICO participants were sent emails which were spoofing the B ee
Token's employees, offering details about a "pre-sale," but any ETH sent to the provided addresses were
stolen.
$920,000.00 / 890 ETH stolen
[80] 2-4-2018, Seele ICO Insider Hack: A nother social engineering hack on an ICO, this time perpetrated
on Telegram. S eele support staff were impersonated, in order to trick would-be investors into s ending ETH to
a fraud address.
$1,800,000.00 / 2,162 ETH
[81] 2-11-2018, Bitgrail NANO Hack: Like nearly these incidents, reports about this B itgrail hack are
conflicting. Francesco Firano, owner of the exchange, says he caught the "hack" early and contacted NANO
to have the transactions reversed; but others say it was him, or someone working for him, who caused the loss.
$120,000,000.00 /170,000,000 NANO stolen
[82] 3-1-2018, BTC Global Ponzi Scheme: B TC Global was a scheme ran by a user going as "Steve
Twain"; they paid out "inconsistent" weekly installments to the victims, before disappearing with the bulk of
the deposits.
$50,000,000.00 stolen
[83] 4-8-2018, GainBitcoin India Ponzi Scam: "Bharadwaj, along with his associates had started the
multilevel marketing scheme and would conduct seminars to lure victims into investing in Bitcoin, with
assurances of large financial gains. He took help of P ankaj Ladakhiya, a motivational speaker, who would
conduct seminars in India and abroad. Bhardwaj stopped paying returns to investors and fled in January."
Authorities were later able to recover 451,999 BTC after a rresting Bharadwaj in December 2018.
$300,000,000.00
[84] 4-10-2018, Sailesh Bhatt Alleged Extortion: Sailesh Bhatt, a Bitcoin broker, said he was kidnapped
by men who came to his house in police vehicles, then forced him to t ransfer his Bitcoin to them.
$1,300,000.00 / 200 BTC stolen
[85] 4-12-2018, iFan Ponzi Scheme: M odern Tech, a Vietnamese IT company, is alleged to have also
operated " iFan," a ponzi scheme which was a registered investment company in Singapore. They promised "at
least 48%" returns per month, which they quickly started to pay out in their own currency, iFan Coins, before
10
stopping all payments.
$650,000,000.00 stolen
[86] 4-13-2018, Coinsecure Exchange Hack: Coinsecure blamed this hack on a "rogue employee," Dr.
Amitabh Saxena, who they told investigators was "making a false story to divert our attention and he might
have a role to play in this entire incident.” They say he made certain operations to distribute Bitcoin Gold
(BTG) in an online environment, which exposed their private keys.
$3,300,000.00 / 438 BTC stolen
[87] 4-24-2018, MyEtherWallet DNS Hack: Somehow, a hacker was able to manipulate a Google DNS to
"resolve the domain" for the MyEtherWallet service to a "bad server," which was able to steal users' private
keys and extract funds.
$152,000.00 / 215 ETH stolen
[88] 5-23-2018, Taylor Trading Crypto ICO Hack: The "entire amount" which Taylor Trading Crypto
raised in their ICO, selling TAY tokens, w as stolen by a hacker. Well, not all of it: "The only tokens that were
not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making
them inaccessible for now.”
$1,500,000.00 / 2,578 ETH stolen
[89] 6-5-2018, Syndicate Wallet ICO Hack: "[I]nvolved a Japanese syndicate that had gathered
participants for Shopin's Token Generation Event using a hot MyEtherWallet storage wallet containing a
large amount of various tokens, including 61 million Shopin Tokens. Shortly after successfully receiving the
allotment of participant tokens, [ … ] the syndicate member's wallet was hacked by what authorities believe
was someone with credentialed access." -PRNewswire
$`10,000,000.00 stolen
[90] 6-10-2018, Coinrail Exchange Hack: D ecentralized exchanges IDEX and EtherDelta were allegedly
used, or attempted to be used, to launder the stolen ERC-20 tokens from the Coinrail exchange. The service,
for whatever reason, did not originally disclose how much was stolen, or even which currencies.
$40,000,000.00 / 1,927 ETH stolen
[91] 7-9-2018, Bancor Hack: Like [83], Pundi X's "NPXS" tokens were stolen in this incident. B ancor said
"a wallet used to u
pgrade some smart contracts was compromised."
$23,500,000.00 / 24,894 BTC stolen
[92] 7-26-2018, KICKICO Security Breach: T heir announcement: "On July 26 at 9:04 (UTC)
KICKICO has experienced a security breach, which resulted in the attackers gaining access to the account of
the KICK smart contract — tokens of the KICKICO platform. The team learned about this incident after the
complaints of several victims, who did not find tokens worth 800 thousand dollars in their wallets."
$7,700,000.00 / 700,000,000 KICK stolen
[93] 9-5-2018, OneCoin Ponzi scheme: "OneCoin was a multi-level marketing company that tricked
investors into buying into what they believed to be a legitimate investment. After the investments were taken
in, Marks and his co-conspirators laundered the investor money through several shell companies based all
around the world. Some of the money laundered—around USD $400 million of f unds stolen from defrauded
investors—was used to purchase a massive mansion for Scott and his family in Massachusetts."
$400,000,000.00 stolen
11
[94] 9-20-2018, Zaif Exchange Hack: "The licensed exchange, called Zaif, is operated by the Tech Bureau.
It said on Thursday that the exchange first noticed an unusual outflow of funds on the platform around
17:00 Japan time on September 14, after which the company suspended asset deposit and withdrawal services.
Tech Bureau explained that after further investigation, it discovered that hackers with unauthorized access to
the exchange’s hot wallets had stolen roughly $60 million in bitcoin, bitcoin cash, and MonaCoin. That being
said, the exact amount of bitcoin cash stolen remains unknown." (CoinDesk)
$60,000,000.00 / 913 BTC
[95] 10-8-2018, SpankChain ICO Hack: "Unfortunately, as we were in the middle of investigating other
smart contract bugs, we didn’t realize the hack had taken place until 7:00pm PST Sunday, at which point we
took S pank.Live offline to prevent any additional funds from being deposited into the payment channels
smart contract."
$40,000.00 / 165 ETH stolen
[96] 10-15-2018, William Kopko Ransom: N ine of the suspects were arrested in Costa Rica while three
were nabbed in Spain, according to Television New Zealand. It’s now three months since the American
businessman w as kidnapped in the Central American country. Kopko’s family paid a ransom of nearly
$950,000 in bitcoin which was demanded shortly after he disappeared. However, Kopko, who owns the
online gambling platform 5Dimes, was never released and i s still missing."
$950,000.00 stolen
[97] 10-25-2018, Australia XRP Hack: "The victim told investigators he believed his email account had
been hacked the previous month and was subsequently locked out of his account for two days in
mid-January. When he regained control of the account and checked the activity, he noticed his
cryptocurrency account had also been compromised leaving almost a zero balance."
$450,000.00 / 100,000 XRP stolen
[98] 10-28-2018, MapleChange Exchange Exit Scam: "Due to a bug, some people have managed to
withdraw all the funds from our exchange. We are in the process of a thorough investigation for this. We are
extremely sorry that it has to come to end like this. Until the investigation is over, we cannot refund
anything."
$6,000,000.00 / 913 BTC stolen
[99] 10-29-2018, Oyster Protocol CEO Exit Scam: "Earlier today, it was discovered that the
transferDirector function was utilized on the O yster Protocol token contract. This allowed the new director
to re-open the ICO for PRL and re-issue new tokens (1 ETH = 5000 PRL / .04 per PRL). The individual in
question then sent these tokens (upwards of 3M PRL) to KuCoin where the tokens were market sold. They
were able to e xtract ~$300,000 in funds prior to us being able to shut down trading and withdrawals on
KuCoin." A company going by CipherBlade was hired to investigate; their report blamed Bruno Block.
$300,000.00 stolen
[100] 11-7-2018, Dragon Coin Exit Scam: "During the hearings, Thai prosecutors accused the three
defendants and six accomplices of defrauding 21-year-old Finnish investor A amai Otava Saarimaa back in
2017. According to the investigation, he was persuaded to buy shares in Expay Software Co, invest in a
gambling-focused crypto token Dragon Coin (DRG), and buy 500 million shares in DNA (2002) Co, which
he consequently did by transferring crypto to the siblings’ wallets."
$2,400,000.00 stolen
12
[101] 11-13-2018, PureBit Exit Scam: "On November 4, the group conducted an initial coin offering
(ICO) to raise nearly $30 million using Ethereum (ETH) to build a cryptocurrency exchange...On November
13, as C
CN reported, Pure Bit and its operators shut down all of their social media handles including
KakaoTalk groups, kicking out investors in various public chat groups with the message “I’m sorry.”"
$2,800,000.00 / 13,000 ETH stolen
[102] 11-21-2018, Nicholas Truglia SIM Swapping Hack: "Remember that kid that got tortured by his
friends in an attempt to steal his BTC about a month ago? Well, turns out he may have actually made his
cryptocurrency fortune by stealing it from a Silicon Valley exec, after pulling an elaborate SIM-swapping
scheme. Santa Clara investigators recently arrested Nicholas Truglia, a 21-year-old con man from New York,
for removing $1 million in cryptocurrency from exchange accounts belonging to the Bay Area‘s richest, N ew
York Post reports."
$1,000,000.00 stolen
[103] 11-26-2018, Bulgaria Police Charge 3 With Crypto Hack: "In its s tatement, the Prosecutor’s
Office said that the investigation, which was first launched back in June of this year, is the first of its kind in
both Bulgaria and Europe. The three people arrested appear to have been fairly sophisticated, with the
prosecutor saying that they had exceptionally high “computer literacy skills,” which enabled them to steal the
cryptocurrency. Those notebooks appear to indicate that the fraudsters were using a range of different
accounts, with both real and fake users, to steal cryptocurrency."
$5,000,000.00 stolen
[104] 12-26-2018, Exmo CEO Pays Ransom: “According to Russian and Ukrainian media reports P avel
Lerner, 40, was kidnapped while leaving his office in Kiev's Obolon district on 26 December. The reports said
he was dragged into a black Mercedes-Benz by men wearing balaclavas.”
$1,000,000.00 stolen
[105] 12-27-2018, Electroneum Wallet Hack: "The hacker setup a whole bunch of malicious servers,”
Reddit user u/normal_rc explained: “If someone's Electrum Wallet connected to one of those servers, and
tried to send a BTC transaction, they would see an official-looking message telling them to update their
Electrum Wallet, along with a scam URL."
$800,000 / 250BTC stolen
[106] 1-7-2019, ETC 51% Gate.io Attack: “Gate.io's censor successfully blocked [the] attacker's
transactions at the beginning and submitted them to [a] manual exam. Unfortunately, during the 51% attack,
all the transactions looked valid and confirmed well on the blockchain..."
$271,500.00 / 40,000 ETC stolen
[107] 1-15-2019, Cryptopia Exchange ERC20 Hack: "The exchange that was affected was the New
Zealand based Cryptopia. The exchange has since been on maintenance as the team at C ryptopia continues to
assess the damage and losses made during the hack. They are also collaborating with New Zealand Authorities
to bring the criminals to justice."
$16,000,000.00 / ETH + ERC-20 tokens stolen
[108] 1-26-2019, LocalBitcoins Hack: "The funds were taken from more than 76k different wallets, none
of which were smart contracts. The thieves must have gained access to not one private key, but thousands of
13
them. - E
lementus"
$28,000 / 8+ BTC stolen
[109] 2-1-2019, Joel Ortiz SIM Swapping Hack: “Authorities reportedly state that Ortiz is the first
individual convicted of a crime for SIM swapping. SIM swapping is growing in popularity with criminals as a
means to steal fiat, crypto, and even social media usernames and handles, which can subsequently be sold on a
black market. The Instagram account “@t” reportedly sold for $40,000 in Bitcoin (BTC)." (CoinTelegraph)
$5,000,000.00 stolen
[110] 2-5-2019, QuadrigaCX Bankruptcy: "Citing a creditor protection filing from the Nova Scotia
Supreme court, the Globe and Mail states that the firm has been unable to locate or access the funds since
Cotten passed on Dec. 9, leading to a liquidity crisis at the exchange. QuadrigaCX filed for creditor
protection in compliance with the Companies' Creditors Arrangement Act (CCAA) on Feb. 1." See: ( Jen
Robertson Affidavit)
~$145,000,000.000 / 26,489 BTC stolen
[111] 2-23-2019, CoinMama PII Leak: "The official statement of the exchange disclosed that 450,000
email addresses and passwords were leaked in a massive global hacking attack involving 24 websites and some
747 million records."
Personal information stolen
[112] 2-27-2019, Bitstrades ICO Exit Scam: According to the FIR, the accused took 190 investors on
tours to Bangkok and Singapore to gain their trust. The police suspects many of these investors could have
been duped by Bitstrades, but are hesitating to come forward. “[The] majority of investors who lost money in
the racket are yet to come forward. We hope that following the registration of the complaint, they will
provide details of cheating about the accused to [the crime department],” an investigating officer told TOI.
The discovery of Bitstrades as a pyramid scheme has highlighted the lack of due diligence in the
cryptocurrency industry.
$230,000.00 stolen
[113] 2-27-2019, Coinomi Wallet Google Authentication Vulnerability: "According to
cryptocurrency investor Warith Al Mawali, he has lost all of his life savings in the tune of $60,000 to $70,000
on Coinomi, a widely utilized crypto wallet on Android. In a detailed report, Mawali claimed that a c ritical
vulnerability found on the wallet led to the loss of user funds as it compromised the private key of his wallet."
$70,000.00 stolen
[114] 2-28-2019, My Big Coin Exit Scam: “Randall Crater was nabbed in Florida on Wednesday for his
part in persuading investors that the digital dosh was backed by real gold coins. Twenty-eight of them handed
over a total of $6m – an average of $215,000 – to fund the business, having been told there was a total of
$300m in gold behind the operation.” (The Register)
$6,000,000.00 stolen
[115] 3-8-2019, AUSTRAC Shuts Down Two Exchanges For Drug Money Laundering:
"[T]wo Australian cryptocurrency exchanges have been suspended by AUSTRAC after a ‘key member’
involved in the businesses was arrested during Australian Federal Police raids across Melbourne yesterday."
$2,000,000.00
14
[116] 3-8-2019, Morgan Rockcoons Bitcointopia Fraud: "A bitcoin entrepreneur who pitched an
elaborate vision for a c ryptocurrency Utopia in the Nevada high desert pleaded guilty to wire fraud in San
Diego federal court this week, admitting he sold land he never owned to investors."
$45,000 stolen
[117] 3-10-2019, CrashDoge Withholds Withdrawals: C haboJ on Reddit: "CrashDoge,
CrashingBitcoin and CrashingCrypto are GIANT SCAMS. They stole $8,000 of my money. STAY
AWAY...I recently went on CrashDoge.com to try my luck. I am a gambling YouTuber with a channel called
StackGambler. I deposited 5,000 Dogecoins with the intent of making 500,000 Dogecoins."
$6,000,000.00 stolen
[118] 3-12-2019, Bitcoin ATM Double-Spenders: In “targeted” attacks, multiple people went to many
Bitcoin ATMs in seven Canadian cities, which they were able to make “ double-spends” on by immediately
canceling the transaction before any change has processed it. P olice say they carried out 112 “fraudulent
transactions.”
$200,000.00 stolen
[119] 3-15-2019, Monacoin Hack: "An 18-year-old boy was referred to prosecutors Thursday for allegedly
stealing about ¥15 million ($134,300) worth of cryptocurrency last year by hacking a digital currency storage
website, police said. The case is the first in Japan in which criminal charges have been pursued against a h acker
over cryptocurrency losses, the police said."
$134,300.00 stolen
[120] 3-25-2019, DragonEx Exchange Hack: D ragonEx is an exchange which primarily uses Tether
USDT pairs. They initially said they were shutting off the service for “maintenance,” but within a day they
then told customers they had been hacked, had alerted numerous authorities, and had some of the stolen
funds returned, or halted at other exchanges like Gate and Huobi.
??? stolen
[121] 3-27-2019, CabbageTech Exit Scam: The U.S. Attorney’s Office of the Eastern District of New
York announced Tuesday that it has unsealed a nine-count indictment charging Patrick McDonnell, also
known as “Jason Flack,” with wire fraud and has arrested him….Between November 2014 and January 2018,
McDonnell allegedly represented himself as an experienced cryptocurrency trader, promising customers that
he would provide them with trading advice, as well as buy and trade cryptocurrency on their behalf.
...However, neither McDonnell nor CabbageTech provided any investment services, according to the
indictment. Instead, he sent investors “false” balance statements indicating that their investments were
profitable, and “stole their money for his personal use.” When customers requested refunds, McDonnell
allegedly first made excuses for delays in repayment and later stopped responding at all. ( CoinDesk)
$200,000.00 stolen
15
16
Missing Crypto Timeline Figures, April 2019 - @KyleSGibson
Fg 1a
Fg 1b
16
Fg. 2a:Includes only Bitcoin-related incidents in which the amount involved was known*, showing by day the cumulative amount of
money involved in lost or stolen Bitcoin incidents, the price of Bitcoin according to Blockchain.com (and predominantly based on
Mt Gox before 2014), and the estimated total value of the “Missing Bitcoins.” (*”Bitcoin-related” events with amount involved not
publicly known were not included here, but are in other figures.)
Totals: 61 incidents, $1.59 billion in cumulative “Missing Bitcoin,” 1,583,592.063 BTC involved.
The total market value of publicly known “Missing Bitcoin” almost reached $30 billion in late 2017, early 2018.
Fg. 2b
17
Fg. 2c: “Bear Market” following the early 2014 Mt Gox hack
Fg 2d
18
Fg 3a: Incidents involving Bitcoin going missing appear to be shrinking in size, denominated in Bitcoin. Though, they also appear to
be happening more frequently, compared to the period before 2014… which was before the arrival of a broader exchange and wallet
industry.
Fg 3b
19
Fg 3c: The longest apparent time of there being no publicized incident of lost or stolen Bitcoin happened just as the price bottomed,
following the peak just before Mt Gox’s 2014 hack.
Fg 3d: The Zaif Exchange hack in September 2019 was apparently the first major incident of lost or stolen Bitcoin, following the
price run-up to ~$20,000.
20
Fg 4a: E thereum came after Bitcoin, and so naturally, incidents involving lost or stolen Ethereum didn’t occur until years after the
first Bitcoin-related incidents. Ethereum-related incidents, though, have almost reached ~20 in a shorter period than those involving
BTC. Missing Crypto incidents not involving either Bitcoin or Ethereum started occurring in 2015, apparently, and in about 3 years
had as many as there were Bitcoin incidents in 5 years (2011-2016).
Fg 4b: E
xchange-related incidents of Missing Crypto have apparently been happening at a steady rate of ~10-15 per year since 2011.
21
Fg 4c: Missing Crypto incidents which involved a hack appear to have accelerated in 2018, compared to 2011-2017. Early 2018 was
apparently an active time for pyramid and/or Ponzi schemes involving Bitcoin.
Fg 5a: In early 2018, Missing Crypto events not involving Bitcoin or Ethereum started to involve larger amounts, than the incidents
which did. Directly Ethereum-related incidents have involved much less; though, there are ERC-20 projects in “ALL” incidents…
22
Fg 5b: T
he iFan Coin incident in April 2018 ($650m involved) and OneCoin ($400m, September 2018), as well as the Coincheck
exchange hack ($400m, late January 2018) are the incidents which come closest to Mt Gox’s record hack in 2014.
Fg 5c: Publicly known ransomware incidents involving stolen crypto have not garnered as much as other methods of theft, it appears,
though there could be much more lost to ransomware than is publicly reported. Same goes for hacks, pyramid and Ponzi schemes.
23
$ Amount
Incident Type Incidents Missing, M % of All Missing Bitcoin $ Value, 3-30-19, M % Change
All 121 3842.868 100.00%
Bitcoin Related 78 2286.832 59.51%
Bitcoin Related -
Amt Known 61 1594.732 41.50% 1583592.1 6438.632 75.23%
24