Bitcoin is the internet of money, and just like the internet is a haven for hackers so is Bitcoin. Due to the pseudoanonymous nature of Bitcoin, hackers never give up on trying to hack exchanges and steal coins. This article presents the top 8 Bitcoin hesits in history based on dollar value.
#1. MtGox – $400 Million
MtGox (“Magic: The Gathering Online eXchange”) was initially a domain set up to trade Magic The Gathering cards like stocks. Eventually the owner learned about Bitcoin and saw an opportunity to open an exchange. The domain was repurposed to form a Bitcoin exchange and shortly afterwards a man by the name of Mark Karpeles bought the site. A few months after running on June 2011 the Bitcoin exchange faced with it’s first major hack which cost them at least 25,000 or an equivalent $8 million at the time. This brought the site down for a few days but operations ultimately resumed.
During the next 2 years the exchange gained much traction dominating all other Bitcoin exchanges with both volume an user base. However, it all ended when a major heist brought the exchange to it’s knees. Allegedly, a hacked stole $400 million worth of Bitcoins from the exchange’s wallets rendering it insolvent and thus declaring bankruptcy. Karpeles response to the hack seemed very vague and too calm:
“We had weaknesses in our system, and our bitcoins vanished. We’ve caused trouble and inconvenience to many people, and I feel deeply sorry for what has happened,”
As the investigation by law enforcement panned out, because there was no hard evidence to who the hacker was Karpeles was charged with embezzlement. There is pending legal action against him in Japan where he currently resides.
#2. Sheep Marketplace – $100 Million
Sheep Marketplace was once a very popular darknet market right behind the now defunct Silk Road. Available only through tor users could buy all types of drugs, illicit material, and other illegal items. As a darknet market it dealt exclusively with Bitcoin, so when the owner decided to fold and take down the site, he took with him over $100 million in users’ funds. It was labeled as the largest darkent exit scam in history. Karma is a bitch and justice has been served when Thomas Jiřikovský was arrested as the owner of Sheep Marketplace when he tried laundering his proceeds to buy a luxury condo.
#3. Evolution Marketplace – $12 Million
Evolution Marketplace was yet another popular darknet market, at the time it dominated the black market competition with over 50% total marketshare. The owners of the market decided to fold one day either due to fear from deanonymization by law enforecemnt or simple paranoia. However, with them they owners took over $12 million of users’ funds. The owner only known by the name “Verto” released a statement you only expect in a movie explaining he stole the users’ funds and what he was going to do with them:
Due to unforseen events I decided to close down Evolution Marketplace. We want to thank you guys for you effort and help making this the most profitable and popular marketplace. This wasn’t an easy decision but due to other marketplaces getting shut down and the forum going downhill I decided to cut my ties and exit with an eight figure profit. The millions from evo will be divided up amongst the mods a few admin and members. Since this is such an abundance of money I may consider buy ins from former evo members in exchange for 1k bitcoinis. I’ll be around around for a short period of time before permanently moving to the caribbeans, I hope you guys understand.
#4. Cryptsy – $6 Million
Cryptsy was once one of the most popular altcoin exchanges having hundreds of coins listed with some of the highest trading volume. The exchange has always been dodgy in regards to regulations and transparancy which is one of the reason for it’s downfall. Due to having virtually no regulation the owners added cryptocurrencies left and right without vetting the code. Allegedly, a coin by the name Lucky7Coin contained malware which was responsible for the loss of more than $6 million in Bitcoin.
The key word here is Allegedly, Paul Vernon the owner of the exchange decided to bail on his customers and flee to China instead of facing the music in the United States and either face charges of embezzlement or aid with the investigation of the alleged hack. Furthermore, there are rumors of Mr. Vernon starting a new exchange in China by the name BiteBi9.
#5. Bitstamp – $5 Million
Bitstamp is a fully regulated and licensed Bitcoin exchange based in the UK. However, no amount of regulation will save a company from a phishing attack. In January of 2015 the exchanged faced a major loss of 19,000 Bitcoins totaling to around $5 million at the time.
The details of the hack stem from the company’s System Administrator Luka Kodrič’s laptop. The investigation uncovered the hacker gained access to Bitstamp’s wallet files by phishing Luka Kodric. Gaining access to his credentials he was able to log into his account and transfer roughly 19,000 Bitcoins to unknown addresses. Humans will always be the weakest link in a secure system. education of employees on possible attack vectors and vulnerabilities is as important as software security.
#6. Bitpay – 1.8 million
Bitpay is a payment processing service for Bitcoin, it enables merchants to easily accept Bitcoin and convert them to US dollars. Surprisingly, the heist which plagued Bitpay is quite similar in nature to the Bitstamp hack. The attacker first used social engineering tactics and posed as the CEO of a major Bitcoin media company to obtain access to BitPay’s CFO Bryan Krohn’s account. These credentials were then used to social engineer BitPay’s CEO Stephen Pair to send 3 transactions totaling 5,000 Bitcoins equivalent to $1.8 million at the time.
BitPay filed a claim with their insurance for $950,000 in damages and when the inurance refused to pay out the claim they took it to court. Due to the nature of the hack and the fact that BitPay’s executive authorized the payment, the heist doesn’t fall in their policy and thus relieves all responsibility from the insurance. Despite the hack BitPay is still in operation and maintains a good reputation in the community.
#7. BTE-R – 1.75 Million
BTE-R was once a very popular altcoin exchange similar to Cryptsy, the main difference is that BTE-R is based in the British Virgin Islands while Cryptsy was based in the US. Furthermore, after the hack which emptied the exchange’s pockets it is still in operation today. There aren’t much details to the specifics of how the attack was performed except for the transaction that BTE-R provided which shows the roughly 7000 stolen BTC, $1.75 Million at the time, surprisingly a year later the coins still haven’t moved.
That wasn’t the first time BTE-R was hacked, just a year earlier the exchange suffered a major heist which cost them $1.65 million. Hackers withdrew 50 million NXT worth $1.65 million at the time, surprisingly the exchange decided to not roll back transactions and instead work with the hacker to recover the stolen funds as they supposedly had his dox.
We have decided not to rollback but get the stolen funds back from the hacker since we have got lots of information of him.
— Bter.com Exchange (@btercom) August 15, 2014
Eventually the exchange reached a deal with the hacker and were able to recover approximately 43 million nxt which cost them roughly 300 BTC. Not a bad deal for recovering over $1 million in lost funds.
#8. FBI Agent – $800k
During the investigation into Silk Road and it’s seizure a crooked FBI agent by the name Carl Force used his powers to extort and steal over $800,000 worth of Bitcoins from the market. Force tried extorting the mastermind behind Silk Road – Ross Ulbricht – for over $250,00 and took on different personas to try and sell him inside info about the investigation relating to Silk Road.
Furthermore, Force used his position at the now defunct CoinMKT Bitcoin exchange to seize customer accounts and steal their funds. All in all the amount of funds stolen added up to a bit over $800,000 and Force plead guilty to the charges presented. He was consequently charged with wire fraud, theft of government property, money laundering and conflict of interest which landed him 6.5 years in prison.
While Bitcoin may seem like the perfect currency for criminals, when one steals Bitcoin the whole world can track those funds around the blockchain. If the hack was significant enough, Bitcoin companies all over the world can collaborate to find the hacker. Out of our top 8 Bitcoin heists only 4 hackers were able to remain anonymous and keep the funds. Even so, half of those stolen coins haven’t moved, possibly for fear of being deanonymized.