Cryptocurrency exchange Bybit recently fell victim to a staggering $1.5 billion hack, marking the largest cryptocurrency theft ever recorded. The attack, which targeted a supposedly secure “cold wallet” used for ether tokens, has sent shockwaves through the industry.
Bybit CEO Ben Zhou confirmed the breach last week and emphasized that cold wallets (typically stored offline to minimize hacking risks) were not immune to exploitation. Blockchain research firm Elliptic described the incident as “almost certainly the largest known theft of any kind of all time,” more than double the previous largest crypto theft.
The crypto industry has long been a prime target for cybercriminals, and attacks and security breaches are becoming alarmingly frequent. In 2024 alone, hackers stole more than $2 billion from various platforms, marking the fourth consecutive year that cryptocurrency-related thefts surpassed the $1 billion threshold.
Below, we take a look back at some of the biggest cryptocurrency thefts in history, highlighting the ongoing security challenges facing the industry.
Poly Network: $610 million (August 2021)
In one of the largest DeFi-related breaches, hackers siphoned $610 million from Poly Network, a platform that enables cross-chain token transfers. Surprisingly, the attackers later returned almost all of the stolen funds, citing a desire to “expose security flaws” rather than profit from the theft. The incident highlighted the vulnerabilities of decentralized finance (DeFi) platforms, which operate outside the traditional financial system.
Red Ronin: $540 million (March 2022)
Ronin Network, the blockchain that powers the popular online game Axie Infinity, suffered a $540 million hack when cybercriminals stole 173,600 ether tokens and 25.5 million USD coin tokens. According to US officials, the attack was linked to a group of North Korean hackers, raising concerns about state-sponsored cybercrime in the cryptocurrency sector.
Coincheck – $530 million (January 2018)
Tokyo-based cryptocurrency exchange Coincheck lost $530 million when hackers breached one of its “hot wallets” and depleted customer funds. The attack highlighted the risks of storing digital assets online, as hot wallets are much more vulnerable to cyber attacks compared to offline cold storage. South Korean intelligence agencies later suggested that North Korean hackers were behind the breach.
Mount Gox: $500 million (2011-2014)
The collapse of Mt. Gox, one of the first and most infamous cryptocurrency thefts, remains a warning. Once the world’s largest bitcoin exchange, Mt. Gox handled 80% of global bitcoin transactions before hackers exploited security weaknesses, stealing nearly $500 million worth of bitcoin between 2011 and 2014. The company eventually filed for bankruptcy, leaving 24,000 customers without access to their funds and setting a precedent for regulatory scrutiny in the world. cryptocurrencies.
Wormhole: $320 million (2022)
Decentralized finance platform Wormhole lost 120,000 ether tokens in a $320 million hack last year. The exploit shook the DeFi ecosystem, exposing vulnerabilities in cross-chain token transfers. In an unexpected twist, Jump Trading, the parent company of Wormhole’s developer, stepped in to replace the stolen funds, stabilizing the platform and reassuring its community.
With cyberattacks on crypto exchanges and DeFi platforms showing no signs of slowing down, the Bybit hack serves as another warning about the urgent need for stronger security measures. While blockchain technology promises decentralization and financial innovation, these unprecedented thefts highlight the risks involved in an industry still struggling to protect digital assets from sophisticated cybercriminals.
Also Read: SEC Closes Robinhood Crypto Investigation Without Action