Key Takeaways
The cryptocurrency space in 2024 is expected to grow and develop as an asset class, with the developments of spot ETFs in the first quarter of the year. Despite advancements in blockchain technology and increased security protocols, the crypto world is still a battleground for sophisticated cyber threats and exploits.
This article will provide a detailed and chronological list of all major security breaches and hacks in the cryptocurrency space in 2024.
As 2024 kicks off, the crypto space witnesses a tumultuous start marred by significant hacks targeting major platforms. The shocking breach at Orbit Chain on January 2nd followed by Radiant Capital’s compromise on January 3rd set a concerning tone for the year ahead, highlighting the persistent vulnerabilities within the crypto sphere.
The cryptocurrency world had several terrifying security breaches in 2023, each with enormous financial repercussions. A number of notable breaches occurred in the past year, including the $200 million breach at Mixim in September, the $197 million loss at Euler Finance in March, and the $126 million loss at Multichain in July. The cumulative effect of these hacks highlighted the ongoing difficulties with cybersecurity in the cryptocurrency space.
The string of security breaches throughout 2023 and the initial months of 2024 underscore the critical necessity for heightened security measures and amplified awareness within the dynamic and evolving cryptocurrency industry.
Target | Date | Estimated loss |
---|---|---|
MetaWin | November 03, 2024 | $4 Million |
M2 Exchange | October 31, 2024 | $13.7 Million |
US government-linked crypto wallet | October 25, 2024 | $20 Million |
Radiant Capital | October 16, 2024
January 03, 2024 |
$58 Million (approx)
$4.5 Million |
The Morpho PAXG/USDC Market | October 13, 2024 | $230 K |
Crypto Whale on a Blast Network | October 11, 2024 | $35 Million tokens |
Onyx Protocol` | September 26, 2024 | $3.8 Million |
BingX | September 20, 2024 | $43 Million |
Indodax | September 11, 2024 | $22 Million |
WazirX | July 18th, 2024 | $234.9 Million |
LIFI | July 16th, 2024 | $10 Million |
Bittensor Blockchain | July 3rd, 2024 | $ 8 Million TAO Tokens |
Kraken | June 19, 2024 | $3 Million |
Uwu Lend | June 10, 2024, June 13, 2024 | $19.3 Million, $3.5 Million |
Based Doge (BOGE) | May 27, 2024 | $16,926 (91.4 M BOGE) |
NORMIE | May 26, 2024 | $881,686 |
Pump.fun | May 17,2024 | $1.9 Million |
BlockTower Capital | May 15, 2024 | Undisclosed |
Gnus.AI Discord Hack | May 5, 2024 | $1.27 Million |
Prism Finance | March 28, 2024 | $10 Million |
Mozaic Finance | March 15, 2024 | $2.5 Million |
BitForex | February 23, 2024 | $57 Million |
PlayDapp | February 09, 2024 and February 12, 2024 | $290 Million |
Abracadabra Finance | January 30, 2024 | $6.5 Million |
Concentric.fi | January 22, 2024 | 1.8 Million |
Socket.Tech | January 16, 2024 | $3.3 Million |
Gamma Strategies | January 08,2024 | $3.4 Million |
CoinsPaid | January 08, 2024 | $7.5 Million |
Orbit Chain | January 02, 2024 | $80 Million |
On November 3, online casino platform MetaWin was hit by a significant exploit, resulting in the theft of approximately $4 million. The attack targeted MetaWin’s hot wallets through its frictionless withdrawal system, prompting the platform to halt all withdrawals. CEO Skel reported that withdrawals have since been restored for 95% of customers, and the stolen funds have been “topped off.”
Onchain investigator ZackXBT tracked the stolen funds to exchanges KuCoin and HitBTC, identifying over 115 addresses linked to the attacker. The motivations and identity of the hacker remain unclear.
The M2 cryptocurrency exchange suffered a hack on October 31, resulting in the theft of $13.7 million in digital assets. The breach targeted the exchange’s hot wallets, but CEO Skel confirmed that all user funds have been restored and services are fully operational.
As the crypto landscape faces increasing security challenges, centralized exchanges remain prime targets for hackers.
A crypto wallet connected to the U.S. government was hacked, losing $20 million in Ethereum and stablecoins like USDC and USDT. Initially seized assets from the 2016 Bitfinex hack, these funds were drained from the wallet, which reportedly had been inactive for eight months until now. The hacker moved the stolen funds to various exchanges, converting them to ETH.
Crypto analyst ZachXBT noted that ETH batches were quickly shifted to multiple wallets and exchange services. Before the hack, the government had withdrawn $5.4 million from Aave, raising questions about the funds’ safety and the government’s crypto management practices.
Radiant Capital, a cross-chain lending platform, has faced significant security issues, including two separate hacks. Most recently, on October 16, 2024, the platform suspended lending and borrowing on the Arbitrum network after a flash loan attack on its newly launched USDC market resulted in a loss of $58 million (approx).
Earlier, in January 2024, Radiant experienced another breach that drained around $4.5 million from its lending protocols on the BNB Chain and Arbitrum. This exploit occurred mere seconds after the market’s debut, with blockchain security firms PeckShield and Beosin identifying the manipulation of the ‘index parameter’ as the cause.
The tokenized gold market on Morpho Protocol experienced a $230,000 loss due to an Oracle misconfiguration involving the PAXG/USDC market. The issue arose from a decimal error in setting Oracle prices, leading to an inflated gold price. The exploiter used this discrepancy to withdraw funds.
While Morpho Labs stated this incident did not affect the platform’s security, the misconfiguration highlights the risks of decentralized platforms. Most of the funds have been recovered, and steps are being taken to prevent similar issues in the future.
A recent exploit, confirmed by security firms PeckShield and BlockSec, involved an attacker tricking a user into signing an offline permit message, allowing the hacker to drain fwDETH tokens from the victim’s account.
As a result, the value of DETH plummeted by over 90%, dropping from $2,000 to $100. Although some recovery occurred, the token price remained around $1,000 at the time of reporting.
Onyx Protocol, a fork of Compound Finance, suffered a preventable hack on September 26, 2024, leading to a $3.8 million loss. Attackers exploited a known precision issue in the protocol’s code, targeting empty markets to manipulate exchange rates.
This vulnerability had previously affected other Compound forks like Hundred Finance and Midas Capital. Most of the stolen assets were in VUSD stablecoin, with hackers swiftly converting funds.
The crypto exchange BingX was hacked with more than $43 million in assets stolen. Hackers moved funds in several transactions, draining assets like Ethereum (ETH), Binance Coin (BNB), and Tether (USDT).
Despite the large loss, BingX stated that the hack had a “minimal” impact on its operations and that it would compensate affected users. The stolen assets were transferred to decentralized exchanges, with most swapped for ETH and BNB.
BingX temporarily paused withdrawals and deposits, promising to restore them within 24 hours. This hack highlights ongoing security challenges within crypto platforms.
Indonesian crypto exchange Indodax recently experienced a breach resulting in the loss of $22 million across several cryptocurrencies. On Sept. 11, firms like PeckShield, Cyvers, and SlowMist identified an attack on Indodax’s hot wallets, leading to the theft of assets including Bitcoin, Tronix (TRX), Ether, Polygon (POL), and Shiba Inu (SHIB).
The breach likely involved a flaw in the withdrawal system, while Cyvers noted other systems may have been compromised. In response, Indodax shut down its web and mobile services for maintenance and reassured users that their funds remain secure during the investigation.
India’s largest crypto exchange, WazirX, has reportedly been hacked, resulting in the theft of $234.9 million from its multi-sig wallet. The security firm Cyvers identified the suspicious transactions, noting that the hackers moved the funds to a new address and began converting various cryptocurrencies, including PEPE, GALA, and USDT, into Ethereum.
In response to the breach, WazirX halted both INR and crypto withdrawals, reassured users of fund security, and initiated an investigation into the incident while collaborating with law enforcement.
On July 16, LIFI, a cross-chain DeFi platform, was hacked, resulting in the loss of $10 million in users’ funds. Hackers stole substantial amounts of stablecoins and ether, prompting LIFI to urge users to revoke approvals and halt service usage.
The platform linked the vulnerability to wallets with infinite approvals, affecting a small number of users. LIFI assured users it would refund all losses and is working with law enforcement to recover the stolen funds. This incident mirrors a similar hack LIFI faced in March 2022.
On July 3rd, Bittensor blockchain experienced a security breach, resulting in the theft of $8 million worth of TAO tokens from user wallets. The breach, suspected to be due to leaked private keys, led to a 15% decline in the TAO token price. In response, the decentralized AI project TAO of Bittensor has paused its blockchain operations.
On-chain analyst ZachXBT highlighted that approximately 32,000 TAO tokens were stolen, causing the token’s price to drop from $281 to $234. The final block on Bittensor’s Explorer was recorded about three hours before the network was shut down.
Kraken’s security was compromised when a self-proclaimed security researcher exploited a zero-day vulnerability, absconding with $3 million worth of cryptocurrency and refusing to return the funds. Chief Security Officer Nick Percoco disclosed the incident on June 9, revealing the discovery of a critical bug that allowed unauthorized inflation of account balances.
The vulnerability stemmed from a recent user interface update, enabling transactions to proceed before assets were fully cleared. Despite Kraken’s prompt investigation and mitigation efforts, the exploit occurred, prompting the exchange to accuse the individuals involved of extortion rather than legitimate security research.
UwU Lend, a lending and liquidity protocol, experienced an exploit totaling $19.3 million, confirmed by blockchain security firms such as Arkham. On-chain data revealed that a single wallet managed to siphon various tokens, including wrapped ether (WETH), wrapped bitcoin (WBTC), and stablecoins, subsequently trading the majority on Uniswap.
The initial exploit on June 10 was due to price manipulation, where flash loans were used to manipulate token prices, enabling the attacker to borrow and steal tokens, eventually converting them into ETH.
Following this, on June 13, UwU Lend suffered another exploit, compounding its losses. Details on the second attack were not fully disclosed, but it further underscored weaknesses in the protocol’s security. Blockchain security firms like Arkham confirmed the extent of the losses, highlighting the ongoing challenges faced by decentralized finance platforms in maintaining robust security measures.
On May 27, memecoin protocol Based Doge (BOGE) on the Base network was exploited, mirroring the previous day’s Normie attack. The BOGE team announced the hack on X, confirming the exploitation of a similar vulnerability. The attack method involved exploiting a smart contract vulnerability to mint new tokens.
Following the breach, the team plans to take a snapshot of current token balances and relaunch the project to compensate victims. The hacker transferred approximately 91.4 million BOGE into their account and exchanged them for around 4.47 ETH, significantly devaluing BOGE from $0.002983 to $0.000072, causing a market cap loss of over $2.8 million.
The Base memecoin Normie (NORMIE) experienced a $41.7 million market cap drop in under three hours due to a smart contract exploit . The hacker offered to return 90% of the stolen funds if Normie launched a new token to reimburse holders, using both the recovered and their $2.3 million dev wallet funds.
Despite accepting the deal, Normie’s token value plummeted by 96%. The hacker insisted on a re-launch before returning the funds. The Normie team’s main communication channels faced suspensions, delaying further updates. The breach affected 72,000 holders, leading to significant market fluctuations.
Pump.fun, a Solana-based memecoin launchpad, experienced an exploit that led to the misappropriation of approximately $1.9 million worth of SOL on Thursday. The breach was perpetrated by a former employee who gained unauthorized access to Pump.fun’s admin privileges. The attacker used flash loans on a Solana lending protocol to buy out memecoins, affecting $1.9 million out of $45 million in liquidity within the bonding curve contracts.
The platform promptly paused trading and upgraded its contracts to prevent further damage. To compensate affected users, Pump.fun announced plans to replenish the liquidity pools with an equal or greater amount of SOL and set trading fees to 0% for the next seven days.
The exploiter, identified as “Stacc” on X, admitted to the act and criticized Pump.fun’s management.
BlockTower Capital, a prominent crypto investment firm, experienced a significant security breach, leading to the partial draining of its main hedge fund, as reported by Bloomberg. The exact amount of the stolen funds remains undisclosed and the attacker has not been apprehended.
The firm has engaged blockchain forensics experts to investigate the incident. BlockTower did not provide further comments on the situation. This incident follows a previous loss of $1.55 million in TrueFi tokens in February 2023 due to an exploit.
Founded in 2017, BlockTower has invested in notable crypto and web3 firms such as Dapper Labs, Sky Mavis, and Aptos Labs. Despite the breach, the firm continues to be a significant player in the crypto investment landscape.
The Gnus.AI AI network faced a significant setback, losing around $1.27 million due to a token-minting exploit on May 5. To address this, the team plans to issue a new version of the Genius (GNUS) token, advising users against purchasing the old one.
CertiK revealed that the attacker obtained the team’s private key starting with 0x18, then exploited Ethereum’s salt data to create fake GNUS tokens on the Fantom network, which were later sold. SuperGenius aims to partially compensate for losses by injecting $1 million, covering 80% of the estimated $1.25 million loss.
Prisma Finance, a decentralized finance (DeFi) protocol, fell victim to an exploit, resulting in approximately $10 million worth of cryptocurrencies being siphoned off on March 28. The security breach was first identified by on-chain security alert provider Cyvers, which detected multiple suspicious transactions associated with Prisma Finance.
As the attack unfolded, Cyvers flagged around $9 million in losses, with an additional $1 million in fraudulent transactions swiftly following. Prisma Finance promptly announced a pause in its protocol operations to conduct a thorough investigation.
The incident underscores the ongoing vulnerability of DeFi platforms to security threats, with crypto hacks totaling over $200 million in losses in 2024 alone, according to blockchain security firm Immunefi.
On March 15, 2024, Mozaic Finance, a DeFi platform, faced a security breach resulting in a $2.4 million loss. The incident targeted the Arbitrum chain on Mozaic, a layer 2 scaling solution for Ethereum, via a compromised private key. The breach, identified by CertiK, involved unauthorized transactions exploiting the “bridgeViaLifi” contract.
Analysis traced the activity to an account initiating significant token transfers, leading to over $2 million in losses. Mozaic Finance promptly addressed the breach, transferring stolen funds to MEXC for potential recovery. Their proactive response underscores the importance of swift action and transparency in DeFi security incidents, setting a precedent for the industry.
BitForex, an online cryptocurrency exchange, vanished after withdrawing nearly $57 million from its hot wallets on February 23, 2024. Users were subsequently blocked from accessing their accounts, highlighting Hong Kong’s ongoing struggle with suspicious crypto entities.
Despite regulatory efforts, BitForex wasn’t listed among the 14 flagged platforms by the Securities & Futures Commission. The company, registered in Hong Kong since 2018, claims to be headquartered there while also registered in the Seychelles, with operational teams in several countries including Germany, Estonia, Singapore, Malaysia, and the Philippines.
Abracadabra Finance, the platform responsible for the stablecoin Magic Internet Money (MIM), fell victim to a hack on January 30, 2024, resulting in a loss of approximately $6.5 million. Consequently, MIM experienced a deviation from its intended value.
CoinMarketCap data reveals that the stablecoin’s market capitalization, initially standing at $100 million, briefly plummeted to $0.76. However, swift actions by the project’s team helped restore the token’s price, leading to a rebound.
Blocksec, a security firm, disclosed that the attackers exploited a vulnerability in the project’s smart contract, exploiting a rounding issue that caused a “precision loss.” The firm’s analysis indicated that about $29 million in assets were still present in the affected contract as of January 30, 2024.
Concentric.fi has experienced a “serious” security breach through a targeted social engineering attack. The attacker compromised a deployer wallet, which allowed them to exploit the protocol. Despite having audited vaults, the upgradability of these vaults made the protocol vulnerable. A thorough investigation, in collaboration with security researchers, to release a post-mortem report has begun.
A report from CertiK, a blockchain security platform, reveals that the attack has resulted in losses exceeding $1.8 million. CertiK notes that the wallet involved in the attack is associated with the wallet responsible for the exploit on the OKX decentralized exchange that occurred on December 13. This suggests a potential connection between the two incidents, indicating the possibility of the same individual or group behind both attacks.
The team stated on X that it plans to resolve the issue, mitigate losses and safeguard the community’s interests, apologizing for any inconvenience caused.
Socket.Tech, was exploited on Jan. 16, impacting several Web3 applications. The attack focused on Bungee Exchange, a component of Socket Protocol bridging Ethereum and 12 EVM chains, resulting in a $3.3 million loss. The hacker exploited a flaw in SocketGateway, allowing unauthorized fund transfers from users who granted it unlimited access. PeckShield reported the theft, confirmed shortly after by Socket Tech.
Approximately 700 victims were affected, with the largest loss being $656,000 USDC. The attacker used privacy-focused exchange FixedFloat to exploit a system vulnerability in processing user data.
Gamma Strategies, a DeFi protocol, suffered a $3.4 million loss due to a vulnerability in its accounting mechanism. The exploited vulnerability involved the attacker withdrawing more that 1500 ETH by exploiting a high price change threshold in LST and stablecoin vaults. The Security firm PeckShield has since confirmed the incident.
The protocol has disabled deposits to all public DeFi vaults, maintaining active withdrawals for users. The inconsistency in deposit and withdrawal accounting mechanisms was identified as the root cause. Gamma Strategies operates on Ethereum.
CoinsPaid, an Estonia-based digital asset processor, experienced a $7.5 million hack, its second in six months. The breach involved unauthorized withdrawals of Tether, Ether, USD Coin, and CPD tokens. The hacker exchanged CPD tokens for Ethereum and transferred them to various exchanges, with a total loss including over $1 million in BNB Coin.
The previous July hack, potentially linked to the Lazarus Group, involved sophisticated social engineering. Despite investigations and a police report, CoinsPaid has not commented on the recent breach. Security firm Cyvers has publicized the hacker’s digital address.
Radiant Capital, a cross-chain lending platform, has suspended lending and borrowing on the Arbitrum network after its newly introduced USDC market suffered a flash loan attack. The attack, occurring seconds after the market’s launch, exploited the codebase, leading to a $4.5 million loss.
Blockchain security firms PeckShield and Beosin identified the vulnerability and the manipulation of the ‘index parameter’ as the cause. Radiant acknowledged the breach, assuring that no existing funds were at risk, and has postponed any further action until a full review is completed and the Arbitrum markets are reopened.
South Korea’s Orbit Chain lost over $80 million due to a hack linked to compromised multisig signers. The breach involved various cryptocurrencies, including stablecoins, wrapped Bitcoin (WBTC), and Ether (ETH), which were transferred through mixers. This incident is part of a pattern of security issues for Ozys’ projects, including previous hacks on KlaySwap and Belt Finance.
The situation underscores the persistent risks in crypto security, particularly with multisig wallets and private key management, highlighting a need for improved safeguards and lessons from past breaches. As of yet, there is no information on whether the victims will receive stolen crypto.
The year 2023 has been marked by numerous high-profile cryptocurrency hacks, underscoring the ongoing vulnerabilities in the digital asset space. The below table highlights the most significant breaches during the year. Understanding these incidents is crucial for enhancing security measures and safeguarding assets in the evolving crypto landscape.
Target | Date | Estimated Loss |
Mixim Breach | September 23, 2023 | $200 Million |
Euler Finance | March 13, 2023 | $197 Million |
Multichain | July 6, 2023 | $126 Million |
BonqDAO | February 01, 2023 | $120 Million |
HECO Bridge and HTX hack | November 23, 2023 | $115 Million |
Atomic Wallet | June 03, 2023 | $100 Million |
CoinEx Hack | September 12, 2023 | $70 Million |
Curve Finance | July 30, 2023 | $60 Million |
Kyber Network | November 22, 2023 | $54.7 Million |
Stake.com Hack | September 04, 2023 | $41 Million |
CoinsPaid Phishing Scam | July 22, 2023 | $37 Million |
Krosnos Research | November 19, 2023 | $26 Million |
Bitrue Exchange | April 14, 2023 | $23 Million |
Angle Protocol | March 13, 2023 | $17.6 Million |
Platypus Finance | October 12, 2023 | $9.2 Million |
Safemoon | March 28, 2023 | $9 Million |
dYdX Hack | November 17, 2023 | $9 Million |
LendHub | January 12, 2023 | $6 Million |
Deus Finance | May 05, 2023 | $6 Million+ |
LastPass Hack | October 25, 2023 | $4.4 Million |
Trust Wallet | February 08, 2023 | $4 Million |
Stars Arena | October 09, 2023 | $3 Million |
Telcoin | December 26, 2023 | $1.3 Million |
Coins.ph | October 23, 2023 | $445K |
Balancer | September 19, 2023 | $238K |
Kucoin’s Twitter Scandal | April 24, 2023 | $23K USDT |
MyAlgo | February 27, 2023 | Customer Information |
Smart contracts, if poorly coded or unaudited, may contain vulnerabilities or bugs that hackers can exploit to manipulate contract functionalities, leading to unauthorized access or alterations, potentially causing loss of funds stored within the contract.
Crypto exchanges can be targeted for hacks due to their vast amounts of assets, vulnerabilities, inadequate security measures, or internal malpractices that may lead to unauthorized withdrawals, data breaches, or other exploitations.
Users can secure crypto wallets by using hardware wallets for significant amounts, employing solid and unique passwords, enabling two-factor authentication, and being vigilant against phishing attempts and malicious software.
DeFi platforms can be susceptible to attacks like flash loan attacks, front-running, and exploits due to smart contract vulnerabilities, which can be orchestrated to drain funds or manipulate market conditions, highlighting the need for thorough platform assessment and cautious investment.