The cryptocurrency industry has lost over $10 billion to hacks, exploits, and theft since Bitcoin’s inception. Each major hack taught the industry lessons — some of which were learned, and some of which were apparently not. Here are the most consequential security failures in crypto history.
Mt. Gox (2014): 850,000 BTC stolen ($450 million at the time, worth $50+ billion at 2024 prices). The Tokyo-based exchange, which handled 70% of all Bitcoin trading, slowly lost funds over years through security failures that went undetected. CEO Mark Karpelès was arrested. Creditors waited a decade for partial repayment, which finally began in 2024.
Ronin Bridge (March 2022): $625 million stolen by North Korea’s Lazarus Group. The Ronin sidechain (built for Axie Infinity) used only 9 validator nodes, and the attacker compromised 5 of them — gaining enough control to authorize fraudulent withdrawals. The hack wasn’t even detected for six days. Sky Mavis (Ronin’s operator) repaid users with venture capital funding.
Poly Network (August 2021): $610 million exploited through a smart contract vulnerability. In a bizarre twist, the hacker returned all funds, claiming they hacked “for fun” and to expose the vulnerability. Poly Network controversially offered the hacker a security advisor role.
Wormhole (February 2022): $325 million exploited through a bridge vulnerability on Solana. Jump Crypto (a Wormhole investor) quietly replenished the stolen funds from its own reserves, preventing ecosystem damage.
FTX (November 2022): ~$400 million drained from FTX wallets hours after the exchange filed for bankruptcy, in what appeared to be an inside job or opportunistic hack exploiting the chaos of collapse. The pattern across these hacks is clear: bridges and centralized points of control are the weakest links. The largest DeFi hacks exploited bridge vulnerabilities, not core protocol logic. The industry’s response — better auditing, bug bounties, formal verification, and reduced trust assumptions — has improved security, but billions remain at risk as long as bridges transfer value between chains.
Leave a Reply