Why analyze the biggest crypto‑exchange hacks
The history of the crypto market is not only about the rise of technology and capital; it is also a string of headline‑grabbing breaches. Each incident exposes technical and organizational weak points at exchanges, shapes regulation, and permanently raises the bar for security. Below is a concise analysis of the most consequential cases: how they unfolded, the industry‑wide fallout, and the lessons for users.
This guide brings together key cases (Mt.Gox, Bitfinex, Coincheck, Binance, Cryptopia, KuCoin, FTX, Bybit, and others), explains attack mechanics in plain language, shows the scale of losses and their consequences, and offers practical takeaways for safeguarding your crypto assets.
Hot wallet: a wallet connected to the internet and used for routine payouts. Convenient, but more exposed than cold storage.
Cold storage: offline wallets or custodial setups physically isolated from the network. The standard way to hold an exchange’s core reserves.
Multisignature (multisig): a scheme in which several independent keys must sign to withdraw funds; reduces single‑point‑of‑failure risk.
Transaction malleability: a quirk of early Bitcoin (and of the ECDSA signatures it used) that let a third party re‑encode a transaction’s signature data, which changed the transaction ID without changing what the transaction paid to whom. Mt.Gox publicly blamed it for failed withdrawals in 2014; SegWit (2017) moved signature data out of the ID, closing the issue for SegWit inputs.
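To make the malleability entry concrete, here is an added example in Python (not from the original article). A minimal legacy‑transaction serializer shows that the txid covers the scriptSig, while the digest a signer actually commits to under SIGHASH_ALL does not, so anyone can re‑encode the signature (here by replacing s with N − s, one of the classic malleations) and obtain a second, equally valid transaction with a different ID. The signature bytes, public key and previous outpoint are constructed dummies, and no ECDSA verification is performed; the single‑input sighash is a simplification of the real rule.

```python
import hashlib

# secp256k1 group order: for any valid ECDSA signature (r, s), (r, N - s) is also valid
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
SIGHASH_ALL = 1


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def varint(n: int) -> bytes:
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + n.to_bytes(2, "little")
    return b"\xfe" + n.to_bytes(4, "little")


def serialize_tx(inputs, outputs, version=1, locktime=0, script_override=None) -> bytes:
    """Legacy (pre-SegWit) serialization.
    inputs : [(prev_txid_le: bytes, vout: int, script_sig: bytes)]
    outputs: [(value_sats: int, script_pubkey: bytes)]
    script_override replaces every scriptSig (used to build the sighash preimage)."""
    raw = version.to_bytes(4, "little") + varint(len(inputs))
    for prev_txid, vout, script_sig in inputs:
        script = script_sig if script_override is None else script_override
        raw += prev_txid + vout.to_bytes(4, "little") + varint(len(script)) + script
    raw += varint(len(outputs))
    for value, spk in outputs:
        raw += value.to_bytes(8, "little") + varint(len(spk)) + spk
    return raw + locktime.to_bytes(4, "little")


def txid(inputs, outputs) -> str:
    # The txid is the hash of the full serialization, scriptSig included.
    return sha256d(serialize_tx(inputs, outputs))[::-1].hex()


def sighash_all(inputs, outputs, spent_script_pubkey: bytes) -> str:
    # Single-input simplification of SIGHASH_ALL: the signer commits to the tx with the
    # scriptSig replaced by the scriptPubKey being spent, so the signature bytes themselves
    # are not covered by what was signed.
    preimage = serialize_tx(inputs, outputs, script_override=spent_script_pubkey)
    return sha256d(preimage + SIGHASH_ALL.to_bytes(4, "little")).hex()


def der_int(x: int) -> bytes:
    body = x.to_bytes((x.bit_length() + 7) // 8, "big")
    if body[0] & 0x80:          # DER integers are signed; keep the value positive
        body = b"\x00" + body
    return b"\x02" + bytes([len(body)]) + body


def rs_to_der(r: int, s: int) -> bytes:
    body = der_int(r) + der_int(s)
    return b"\x30" + bytes([len(body)]) + body


def der_to_rs(sig: bytes):
    r_len = sig[3]
    r = int.from_bytes(sig[4:4 + r_len], "big")
    s_len = sig[5 + r_len]
    s = int.from_bytes(sig[6 + r_len:6 + r_len + s_len], "big")
    return r, s


def negate_s(sig_with_type: bytes) -> bytes:
    """Third-party malleation: re-encode (r, s) as (r, N - s). No private key is needed."""
    r, s = der_to_rs(sig_with_type[:-1])
    return rs_to_der(r, N - s) + sig_with_type[-1:]


def push(data: bytes) -> bytes:
    return bytes([len(data)]) + data   # direct push opcode, data shorter than 76 bytes


def demo():
    # Constructed dummy values: not a real key, signature or outpoint.
    r = int.from_bytes(b"\x11" * 32, "big")
    s = int.from_bytes(b"\x22" * 32, "big")
    sig = rs_to_der(r, s) + bytes([SIGHASH_ALL])
    pubkey = b"\x02" + b"\x33" * 32
    prev_txid, vout = b"\xaa" * 32, 0
    spent_spk = b"\x76\xa9\x14" + b"\x44" * 20 + b"\x88\xac"          # P2PKH being spent
    outputs = [(50_000, b"\x76\xa9\x14" + b"\x55" * 20 + b"\x88\xac")]
    original = [(prev_txid, vout, push(sig) + push(pubkey))]
    malleated = [(prev_txid, vout, push(negate_s(sig)) + push(pubkey))]
    return {
        "txid_original": txid(original, outputs),
        "txid_malleated": txid(malleated, outputs),
        "sighash_original": sighash_all(original, outputs, spent_spk),
        "sighash_malleated": sighash_all(malleated, outputs, spent_spk),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The two sighash values are identical and the two txids differ: the malleated copy spends the same coins to the same destination, so wallet software that tracked a payout only by its txid would see the original "fail" while the funds had in fact moved. That is the operational trap this glossary entry refers to.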
Mt.Gox: collapse of the first “global” Bitcoin exchange (2014)
At its peak, Mt.Gox handled up to 70% of global BTC trading, but in February 2014 it halted withdrawals and revealed the loss of hundreds of thousands of bitcoins. The picture that later emerged was typical of crypto’s early days: fragile processes, overloaded systems, and a long‑running compromise of keys.
How the attack happened: no single “hole” was ever confirmed. The most likely picture is prolonged unauthorized access to hot‑wallet keys under weak controls, compounded by poor internal accounting. The exchange publicly blamed transaction malleability, but later analysis found it could explain only a small fraction of the missing coins. A large portion of the BTC leaked gradually and went unnoticed for months.
Scale: roughly 850,000 BTC were declared lost; about 200,000 BTC were later found in an old exchange wallet. Even after the “find,” the net hole was colossal for the time.
Aftermath: bankruptcy, years‑long creditor proceedings, and a major reputational hit to centralized venues. The collapse became a case study in how not to run custody and reconciliation.
Bitfinex: a blow to multisig and an unprecedented clawback (2016)
How the attack happened: attackers defeated the exchange’s multisig arrangement with a co‑signing custodial partner and withdrew about 120,000 BTC. The integration itself was the weak link: once the attacker controlled the exchange‑side keys and withdrawal API, the partner’s key co‑signed as configured, so the extra signature added little real protection.
Scale: ≈$70 million at the time; subsequent BTC appreciation made the case one of the costliest in hindsight.
Aftermath: the exchange avoided bankruptcy by socializing losses across clients and issuing BFX “recovery” tokens later redeemed for equity or cash. A significant share of the loot was eventually traced and seized — a rare recovery success.
Coincheck: record XEM theft and a regulatory wake‑up call (2018)
How the attack happened: the exchange kept its NEM holdings in a single‑key hot wallet rather than in cold storage, and attackers obtained that key; the likely vector was malware delivered by phishing to staff devices. Skipping multisig, which NEM supported natively, was a critical mistake.
Scale: about 523 million XEM (≈$530 million at the time). The NEM community tagged the stolen coins on‑chain and exchanges blocked deposits from the tagged addresses, which helped partially, but sizable sums still flowed through grey venues.
Aftermath: the exchange compensated most client losses and was acquired by a major financial group. Japan’s FSA conducted broad inspections and tightened custodial requirements.
Binance: phishing, compromised APIs, and the SAFU backstop (2019)
How the attack happened: a prolonged phishing campaign and harvesting of 2FA/API data allowed attackers to trigger a large, coordinated withdrawal from a hot wallet.
Scale: 7,000 BTC — a small share of reserves for an industry leader, but a meaningful reputational stress test.
Aftermath: withdrawals were frozen promptly, an audit followed, and losses were fully covered from the SAFU fund. Clear communication and risk‑system tuning reinforced trust.
Cryptopia: small‑exchange exposure and a painful wind‑down (2019)
How the attack happened: hot‑wallet compromise and a gradual draining of balances. Insufficient reserves and weak incident response made ongoing operations impossible.
Scale: ≈$16–18 million across multiple assets — critical for a local exchange.
Aftermath: bankruptcy, years of asset reconciliation across hundreds of tokens, customer re‑identification, and piecemeal payouts.
KuCoin: key compromise, DeFi laundering, and recovery of the lion’s share (2020)
How the attack happened: attackers obtained private keys to part of the hot wallets and quickly withdrew assets, then followed a modern laundering route — DEX swaps and mixers.
Scale: ≈$275–280 million at the time.
Aftermath: stablecoin and token issuers froze or reissued assets; a major share was recovered. Users were made whole for the remainder, and storage/monitoring controls were upgraded.
FTX: not a hack but an “internal rupture,” plus an overnight drain (2022)
How the outflow happened: within hours of the bankruptcy filing, hundreds of millions in crypto were moved out of FTX wallets. The access patterns at the time pointed to someone with insider‑level access, though no attribution was confirmed then.
Scale: ≈$0.5 billion. Against the broader balance‑sheet hole, this wasn’t the cause, but it reduced the estate available to creditors.
Aftermath: assets were consolidated into custodial cold storage, on‑chain tracing and freezes followed where possible, and criminal proceedings on fraud and governance abuses advanced in parallel.
Bybit: record cold‑wallet drain through a manipulated signing flow, and global coordination (2025)
How the attack happened: this was not a stolen hot‑wallet key. During a routine transfer from a multisig cold wallet to a hot wallet, the signers approved a transaction whose displayed details matched the intended transfer, while the payload they actually signed changed the wallet’s smart‑contract logic; post‑incident findings pointed to a supply‑chain compromise of the third‑party wallet interface the signers used. With control of the wallet contract, the attackers swept roughly 400,000 ETH in a single transaction. Speed and careful preparation helped sidestep standard alerting.
Scale: roughly $1.5 billion at the time, an absolute record for centralized‑exchange theft.
Aftermath: an immediate withdrawal pause, public commitments to full restitution, forensic analysis, and involvement of international agencies. Analysts quickly tagged portions of the funds, with freezes following.
Why crypto exchanges get hacked: key attack vectors
Private‑key leaks and weak storage policies
The primary risk for CEXs is the keys to hot wallets. If a single online key exists, compromising a device or staff account can grant full access. Splitting keys and enforcing limits was long underestimated — see Coincheck and similar cases.
Social engineering and targeted phishing
“Official” instruction emails, fake login portals, malicious attachments — the classics still work. Spear‑phishing against specific employees mimics internal correspondence to extract 2FA codes, API keys, or corporate‑network access.
API compromise and automated withdrawals
Leaked user API keys plus bypassed behavioral controls produce synchronized orders and mass withdrawals. The risk balloons without address allowlists and hard limits.
Integration and access‑architecture mistakes
Even advanced setups (multisig, custodial partners) can fail when roles and limits are misassigned. Skipping the “two‑person rule” for critical operations and weak network segmentation are frequent root causes.
Adjacent risks from DeFi and bridges
Modern exchanges interface with bridges and on‑chain protocols. A third‑party contract bug or liquidity‑management misstep can open a side door — or a rapid laundering route via DEXs.
How CEX defenses evolved: practices and tools
Cold storage of reserves
- Best for base reserves and long‑term holding.
- Shrinks the attack surface for network‑borne threats and malware.
✅ Pros
- Minimal online exposure.
- Multi‑step approvals for withdrawals.
- Clear segregation of reserves.
❌ Cons
- Limited speed when replenishing the hot pool.
- Reliance on procedural discipline and people.
Main point: cold storage is a non‑negotiable baseline; without sound operations and limits, it won’t save you on its own.
Multisignature (multisig)
- Applicable at both hot and cold layers.
- Demands clear role separation and per‑operation limits.
✅ Pros
- No single “master” key.
- Flexible thresholds (e.g., 2‑of‑3, 3‑of‑5).
❌ Cons
- Integration and key‑management errors can nullify the benefits.
- Complex emergency recovery and key rotations.
Main point: multisig works only when paired with solid processes and independent audits.
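The attack‑vector section and this multisig section keep returning to the same operational controls: address allowlists, hard per‑operation limits, velocity limits, and a two‑person rule with distinct approvers. As an added example (not from the original article), here is a small Python withdrawal‑policy gate of the kind that sits between the trading system and the hot‑wallet signer and enforces those controls before any signature is produced. The request stream, addresses and thresholds are constructed for the illustration.

```python
from collections import deque
from dataclasses import dataclass, field


@dataclass
class Request:
    account: str
    address: str
    amount: float            # in units of one asset (e.g. BTC)
    ts: int                  # unix seconds
    approvers: tuple = ()    # operator IDs who signed off on this request


@dataclass
class Policy:
    per_tx_limit: float        # hard cap on any single withdrawal
    window_seconds: int        # velocity window length
    window_limit: float        # max total approved per account inside the window
    two_person_above: float    # larger amounts need distinct human approvers
    required_approvers: int = 2
    allowlist: dict = field(default_factory=dict)   # account -> set of addresses


class WithdrawalGate:
    """Policy check in front of the hot-wallet signer.
    Every control is a hard deny; the first failing control is reported."""

    def __init__(self, policy: Policy):
        self.policy = policy
        self.history = {}   # account -> deque of (ts, amount) already approved

    def _window_total(self, account: str, now: int) -> float:
        q = self.history.setdefault(account, deque())
        while q and q[0][0] <= now - self.policy.window_seconds:
            q.popleft()                    # age out entries outside the window
        return sum(amount for _, amount in q)

    def evaluate(self, req: Request):
        p = self.policy
        if req.address not in p.allowlist.get(req.account, set()):
            return False, "address not on allowlist"
        if req.amount > p.per_tx_limit:
            return False, "exceeds per-transaction limit"
        if self._window_total(req.account, req.ts) + req.amount > p.window_limit:
            return False, "exceeds velocity limit"
        if req.amount > p.two_person_above and len(set(req.approvers)) < p.required_approvers:
            # set() collapses the same operator approving twice into a single approval
            return False, "two-person rule: %d distinct approvers required" % p.required_approvers
        self.history[req.account].append((req.ts, req.amount))
        return True, "ok"


def run_demo():
    """Constructed request stream: an API-driven burst of the kind seen in the 2019-style
    mass-withdrawal incidents, mixed with legitimate operator-approved payouts."""
    policy = Policy(per_tx_limit=10.0, window_seconds=3600, window_limit=25.0,
                    two_person_above=5.0,
                    allowlist={"treasury": {"bc1q-allowlisted-1"}})
    gate = WithdrawalGate(policy)
    t0 = 1_700_000_000
    stream = [
        Request("treasury", "bc1q-allowlisted-1", 4.0, t0),                          # ok
        Request("treasury", "bc1q-attacker-addr", 4.0, t0 + 10),                     # allowlist
        Request("treasury", "bc1q-allowlisted-1", 12.0, t0 + 20),                    # per-tx limit
        Request("treasury", "bc1q-allowlisted-1", 8.0, t0 + 30, ("alice",)),         # one approver
        Request("treasury", "bc1q-allowlisted-1", 8.0, t0 + 40, ("alice", "alice")), # same approver twice
        Request("treasury", "bc1q-allowlisted-1", 8.0, t0 + 50, ("alice", "bob")),   # ok, window total 12
        Request("treasury", "bc1q-allowlisted-1", 9.0, t0 + 60, ("alice", "bob")),   # ok, window total 21
        Request("treasury", "bc1q-allowlisted-1", 5.0, t0 + 70),                     # velocity: 26 > 25
        Request("treasury", "bc1q-allowlisted-1", 5.0, t0 + 3601),                   # ok: first 4.0 aged out
    ]
    return [gate.evaluate(r) for r in stream]


if __name__ == "__main__":
    for decision in run_demo():
        print(decision)
```

The gate denies on the cheapest control first, so a leaked API key can at most move funds to already‑allowlisted addresses, within per‑transaction and rolling limits, and anything above the two‑person threshold still needs two different humans. None of this replaces multisig; it limits what a compromised key or a single rogue operator can do with it.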
MPC: Multi‑Party Computation — a cryptographic method in which a “whole” key never exists in one place; the signature is assembled from shares on separate devices.
HSM: Hardware Security Module — a certified hardware appliance for secure key generation and storage with access policies and audit trails.
MPC wallets
- Well suited for hot wallets and automated withdrawal flows.
- Pairs effectively with hard limits and address allowlists.
✅ Pros
- No single point of key compromise.
- Flexible fault‑tolerance scenarios.
❌ Cons
- Implementation and operational complexity.
- Dependence on correct protocol implementations.
Main point: MPC reduces key‑leak risk but demands mature processes and regular drills.
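The glossary says an MPC signature is assembled from shares without the whole key ever existing; the following added example in Python (not from the original article) shows the simplest form of that idea, a two‑party Schnorr‑style signature over secp256k1 with additive key shares. Each party holds one share and one nonce share, publishes only curve points and a partial signature, and the coordinator sums the partials. This is a teaching construction, not BIP340 and not a production threshold protocol: it is n‑of‑n rather than t‑of‑n, has no nonce‑commitment round against a malicious co‑signer, and the curve arithmetic is not constant‑time. The message is constructed.

```python
import hashlib
import secrets

# secp256k1 domain parameters
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k: int, point=G):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def encode(point) -> bytes:
    return point[0].to_bytes(32, "big") + point[1].to_bytes(32, "big")


def challenge(R, pk, msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(encode(R) + encode(pk) + msg).digest(), "big") % N


class Party:
    """One signer. Holds an additive share x_i of the key and never sees the other shares."""

    def __init__(self):
        self.x_i = secrets.randbelow(N - 1) + 1
        self.X_i = ec_mul(self.x_i)
        self.k_i = None

    def nonce_commit(self):
        self.k_i = secrets.randbelow(N - 1) + 1
        return ec_mul(self.k_i)

    def partial_sign(self, R, pk, msg: bytes) -> int:
        e = challenge(R, pk, msg)
        s_i = (self.k_i + e * self.x_i) % N
        self.k_i = None          # a nonce reused across two messages leaks x_i
        return s_i


def keygen(parties):
    """Joint public key = sum of share commitments; the private key sum(x_i) is never formed."""
    pk = None
    for party in parties:
        pk = ec_add(pk, party.X_i)
    return pk


def threshold_sign(parties, pk, msg: bytes):
    # Round 1: every party contributes a nonce point; round 2: partial signatures; then sum.
    R = None
    for party in parties:
        R = ec_add(R, party.nonce_commit())
    s = sum(party.partial_sign(R, pk, msg) for party in parties) % N
    return R, s


def verify(pk, msg: bytes, sig) -> bool:
    R, s = sig
    return ec_mul(s) == ec_add(R, ec_mul(challenge(R, pk, msg), pk))


def demo():
    alice, bob = Party(), Party()
    pk = keygen([alice, bob])
    msg = b"withdraw 10 BTC to bc1q-allowlisted-1"     # constructed message
    sig = threshold_sign([alice, bob], pk, msg)
    only_alice = threshold_sign([alice], pk, msg)      # one share cannot sign for the joint key
    return verify(pk, msg, sig), verify(pk, msg, only_alice), verify(pk, msg + b"!", sig)


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

Contrast with on‑chain multisig: here the chain sees one ordinary public key and one ordinary signature, so the policy (who must participate) is invisible and changeable without moving funds, while with multisig the m‑of‑n rule is enforced by the script and visible to everyone. The flip side is what the section's caveat warns about: the security of MPC rests entirely on the correctness of the protocol implementation and on the share holders being on genuinely separate, independently controlled devices.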
HSMs and hardware key protection
- Best for cold layers and critical signing roles.
- Combines well with multisig/MPC and network segmentation.
✅ Pros
- Prevents extraction of keys from memory.
- Auditable actions and access policies.
❌ Cons
- Cost and maintenance complexity.
- The human factor in role management still matters.
Main point: HSMs harden the “physical” side of security but do not replace sound process controls.
Reserve funds and insurance (SAFU)
- Act as a cushion for rare but expensive events.
- Require transparent rules for funding and use.
✅ Pros
- Removes immediate pain for clients.
- Builds trust and buys time for forensics.
❌ Cons
- Not a substitute for security: funds are finite.
- Risks of opacity and discretionary allocation.
Main point: a well‑structured fund is the fire brigade — not the firewall.
Proof of Reserves (PoR)
- Adds asset‑side transparency but must be paired with a view of liabilities.
- Encourages discipline in reserve management.
✅ Pros
- Public on‑chain verification of assets.
- Incentivizes prudent reserve practices.
❌ Cons
- Without liabilities, PoR cannot reveal balance‑sheet holes.
- Requires independence and regular cadence.
Main point: PoR is useful within a broader toolkit; ideally it’s complemented by Proof‑of‑Liabilities (PoL) and independent audits.
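As an added example (not from the original article), here is the liabilities side of the picture in Python: a Merkle‑sum tree over customer balances, which is the usual companion to an on‑chain asset attestation. Each user can verify that their salted balance is included and that every sum on their path is non‑negative, and the root total is what the on‑chain reserves have to cover. The ledger, salts and on‑chain figures are constructed; the hash layout is illustrative rather than any exchange’s published scheme.

```python
import hashlib


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def enc(amount: int) -> bytes:
    return amount.to_bytes(8, "big", signed=True)


def leaf(user_id: str, balance: int, salt: bytes):
    """Leaf = (hash, balance). The per-user salt stops anyone recovering a balance by guessing."""
    return h(b"leaf" + salt + user_id.encode() + enc(balance)), balance


def node(left, right):
    (lh, ls), (rh, rs) = left, right
    # Both child sums are committed in the hash, so a parent cannot under-report liabilities.
    return h(b"node" + lh + enc(ls) + rh + enc(rs)), ls + rs


EMPTY = (h(b"empty"), 0)   # padding leaf for odd-sized levels


def build_tree(leaves):
    """Return all levels, leaves first; the last level holds the single (root_hash, total)."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1] + ([EMPTY] if len(levels[-1]) % 2 else [])
        levels.append([node(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def inclusion_proof(levels, index: int):
    proof = []
    for level in levels[:-1]:
        padded = level + ([EMPTY] if len(level) % 2 else [])
        proof.append((padded[index ^ 1], index % 2 == 0))   # (sibling, my_node_is_left)
        index //= 2
    return proof


def verify_inclusion(my_leaf, proof, root) -> bool:
    """Recompute the path to the root. Any negative sum on the path is rejected: a hidden
    negative balance is the classic way to shrink the total liabilities a tree reports."""
    cur = my_leaf
    for sibling, i_am_left in proof:
        if sibling[1] < 0:
            return False
        cur = node(cur, sibling) if i_am_left else node(sibling, cur)
    return cur == root


def solvent(levels, on_chain_assets: int) -> bool:
    """Assets alone (PoR) say nothing; the comparison needs the liabilities total from the tree."""
    return on_chain_assets >= levels[-1][0][1]


def demo():
    # Constructed ledger and constructed on-chain figures.
    salts = {u: h(b"salt:" + u.encode())[:8] for u in ("alice", "bob", "carol")}
    leaves = [leaf("alice", 500, salts["alice"]), leaf("bob", 1_250, salts["bob"]),
              leaf("carol", 75, salts["carol"])]
    levels = build_tree(leaves)
    root = levels[-1][0]
    bob_ok = verify_inclusion(leaves[1], inclusion_proof(levels, 1), root)
    # Operator claims bob holds less than he does: bob's own check fails.
    tampered_ok = verify_inclusion(leaf("bob", 1_000, salts["bob"]), inclusion_proof(levels, 1), root)
    # Operator hides a negative "shadow" leaf next to carol to shrink the total: carol's check fails.
    cheat_levels = build_tree(leaves + [leaf("shadow", -1_000, b"\x00" * 8)])
    carol_detects = not verify_inclusion(leaves[2], inclusion_proof(cheat_levels, 2),
                                         cheat_levels[-1][0])
    return {"total_liabilities": root[1], "bob_ok": bob_ok, "tampered_ok": tampered_ok,
            "cheated_total": cheat_levels[-1][0][1], "carol_detects": carol_detects,
            "solvent_at_2000": solvent(levels, 2_000), "solvent_at_1500": solvent(levels, 1_500)}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Two limits are visible in the code and match the section’s caveats. A negative shadow leaf is caught only by the user whose proof path passes it, so the scheme depends on many users actually verifying; and the solvency comparison is only as good as the on‑chain asset figure, which is why the asset attestation, the liabilities tree, and an independent auditor confirming that the same snapshot was used all need to go together.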
Bug bounty, red teaming, and incident response
- Reduce the chance of nasty surprises in production.
- Help contain damage quickly when incidents occur.
✅ Pros
- Early discovery of vulnerabilities “before the bad guys.”
- Clear roles and procedures under pressure.
❌ Cons
- Cost and the need for sustained discipline.
- Risk of false comfort without systemic fixes.
Main point: regular testing and a living response plan are core elements of mature CEX security, not optional extras.
Comparing exchanges’ responses to hacks
| 🏦 Exchange | 🧨 Incident type | 💰 Losses (at the time) | 🧾 Customer restitution | ⏱️ Response | ⚖️ Regulators/status |
|---|---|---|---|---|---|
| Mt.Gox | Prolonged leak of keys | ≈850,000 BTC | Compensation via bankruptcy | Withdrawal halt → bankruptcy | Bankrupt; lengthy resolution |
| Bitfinex | Multisig‑integration failure | ≈120,000 BTC | 100% via BFX tokens/equity | Freeze, BFX issuance, buyback | Operational; some BTC later seized |
| Coincheck | Hot wallet single key | ≈$530M XEM | Refunded in yen from own funds | Freeze, payout plan | Operational; FSA tightened controls |
| Binance | Phishing API/2FA | 7,000 BTC | Fully covered by SAFU | Immediate withdrawal pause | Operational; security enhanced |
| Cryptopia | Wallet compromise | ≈$16–18M | Through liquidation (remaining assets) | Service halted → bankruptcy | Liquidation; long payouts |
| KuCoin | Theft of private keys | ≈$275–280M | Major share returned/frozen | Rapid forensics, freezes | Operational; investigation ongoing |
| FTX | Unauthorized drain during bankruptcy (suspected insider access) | ≈$0.5B | Within bankruptcy | Emergency consolidation to cold storage | Bankrupt; criminal cases |
| Bybit | Multisig cold wallet drained via manipulated signing | ≈400,000 ETH (≈$1.5B) | Full compensation publicly stated | Withdrawal pause, investigation | Operational; global coordination |
In brief: the most mature exchanges (Binance, KuCoin, Bitfinex) fully or almost fully covered client losses; weaker players (Mt.Gox, Cryptopia, FTX) failed. Response speed and pre‑positioned reserves largely determine an exchange’s fate.
How hackers “launder” stolen coins: a short example
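As an added example (not part of the original article), here is a constructed transfer log traced with a proportional‑taint rule, the kind of analysis that lets stablecoin issuers, DEX operators and other exchanges tag and freeze funds along a laundering route like the one described for KuCoin. Address names, amounts and the label table are made up for the illustration; real tracing works on chain data and curated address labels.

```python
from collections import defaultdict
from fractions import Fraction

# Constructed transfer log in chain order: (tx, from, to, amount). Addresses are placeholders.
TRANSFERS = [
    ("t1", "exchange-hot", "attacker-1", 1000),
    ("t2", "attacker-1", "hop-a", 600),
    ("t3", "attacker-1", "hop-b", 400),
    ("t4", "clean-source", "hop-a", 400),      # commingling with unrelated funds
    ("t5", "hop-a", "dex-router-1", 500),      # swap into another asset
    ("t6", "hop-b", "mixer-1", 400),
    ("t7", "hop-a", "cex-deposit-7", 500),     # cash-out attempt at another exchange
]
LABELS = {"dex-router-1": "dex", "mixer-1": "mixer", "cex-deposit-7": "exchange_deposit"}


def trace(transfers, victims, labels):
    """Proportional ("haircut") taint: a transfer out of an address carries the same tainted
    fraction as that address's current balance. Returns (tainted amount per label, alerts)."""
    balance = defaultdict(Fraction)
    tainted = defaultdict(Fraction)
    hops = {v: 0 for v in victims}
    per_label = defaultdict(Fraction)
    alerts = []
    for tx, src, dst, amount in transfers:
        amount = Fraction(amount)
        if src in victims:
            fraction = Fraction(1)                   # the theft itself: fully tainted
        elif balance[src] > 0:
            fraction = tainted[src] / balance[src]
            balance[src] -= amount
            tainted[src] -= amount * fraction
        else:
            fraction = Fraction(0)                   # unknown or clean source
        taint_amount = amount * fraction
        balance[dst] += amount
        tainted[dst] += taint_amount
        if taint_amount > 0:
            hops[dst] = min(hops.get(dst, 10**9), hops[src] + 1)
            if dst in labels:
                per_label[labels[dst]] += taint_amount
                alerts.append((tx, dst, labels[dst], hops[dst], taint_amount))
    return dict(per_label), alerts


if __name__ == "__main__":
    totals, flagged = trace(TRANSFERS, {"exchange-hot"}, LABELS)
    for label, amount in totals.items():
        print(f"{label:18s} {float(amount):8.2f} tainted")
    for tx, addr, label, hop, amount in flagged:
        print(f"{tx}: {float(amount):.2f} reached {addr} ({label}) at hop {hop}")
```

The proportional rule is one convention among several (FIFO and "any exposure" are others), and which one an analyst picks changes the numbers but not the shape of the result: the tainted share is diluted by commingling, and the places where it surfaces with a label attached, a DEX router, a mixer, another exchange’s deposit address, are exactly where freezes and issuer reissuance can still bite.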
What to do if an exchange you use gets hacked
- Stop activity: cancel open orders and revoke or disable API keys.
- Check your devices: change passwords, reset 2FA, and run a reputable malware scan.
- Move assets: withdraw remaining funds to your own cold‑storage wallet.
- Enable address allowlists and login/withdrawal alerts if the service stays online.
- Collect evidence: screenshots of balances, transactions, emails, and notifications.
- Follow official channels: compensation instructions, forensic updates, claim forms.
- If bankruptcy begins, file a creditor claim and complete KYC within the deadlines.
Timeline of the biggest crypto‑exchange hacks
| 🏦 Exchange | 📅 Date | 💰 Losses | 🔓 Method | ⚖️ Status |
|---|---|---|---|---|
| Mt.Gox | Feb 2014 | ≈850,000 BTC | Prolonged key leakage; weak accounting | Bankruptcy |
| Bitfinex | Aug 2016 | ≈120,000 BTC | Compromise of multisig integration | Operational; compensation |
| Coincheck | Jan 2018 | ≈$530M XEM | Hot wallet without multisig | Operational; payouts |
| BitGrail | Feb 2018 | ≈$170M in Nano (XNO) | Withdrawal‑logic flaws (double withdrawals) | Bankruptcy |
| Zaif | Sep 2018 | ≈$60M | Hot‑wallet theft | Acquired |
| Cryptopia | Jan 2019 | ≈$16–18M | Wallet compromise | Liquidation; payouts |
| CoinBene | Mar 2019 | >$100M | Probable insider access | Service wound down |
| Binance | May 2019 | 7,000 BTC | Phishing + 2FA/API | Operational; SAFU |
| Upbit | Nov 2019 | ≈$49M ETH | Hot‑wallet breach | Operational; covered |
| KuCoin | Sep 2020 | ≈$275–280M | Private keys stolen | Operational; partial recovery |
| BitMart | Dec 2021 | ≈$196M | Hot‑wallet compromise | Operational; compensation |
| FTX | Nov 2022 | ≈$0.5B | Unauthorized drain (suspected insider access) | Bankruptcy |
| DMM Bitcoin | May 2024 | ≈4,503 BTC (≈$305M) | Hot‑wallet theft | Operational; investigation |
| WazirX | Jul 2024 | >$200M | Multisig wallet compromised (manipulated signing) | Operational; investigation |
| Bybit | Feb 2025 | ≈400,000 ETH (≈$1.5B) | Multisig cold wallet drained via manipulated signing | Operational; compensation |
In brief: combined losses from these breaches exceeded
Questions and answers (FAQ)
How do hot wallets differ from cold ones — and why does it matter?
Does multisig guarantee you’ll avoid a hack?
What are SAFU and insurance funds — do they really cover losses?
Why is it sometimes possible to get stolen funds back?
Should I keep crypto only in my own custody — not on an exchange?
What is Proof of Reserves and why isn’t it enough?
How do I file a claim if an exchange goes bankrupt?
Is it risky to keep active API keys with brokers and bots?
How does MPC differ from multisig?
How dangerous are SIM swaps and email takeovers?
Conclusion
From Mt.Gox to Bybit, breaches pushed the industry from naive “speed at any cost” toward mature security: cold storage by default, distributed authority, hard limits, and safety nets are now the norm, with regulators codifying expectations.
Risk, however, hasn’t vanished. Attackers adapt — probing multisig integrations, supply‑chain links, and human behavior. The best defense is layered exchange security plus user hygiene: strong 2FA, address allowlists, minimal in‑platform balances, and self‑custodied offline wallets for savings.
Main point: vulnerabilities live not only in code but also in processes. Reserve‑storage standards, transparent compensation funds, and disciplined user practices together markedly lower the odds of irrecoverable loss.