News - The 10 biggest Bitcoin hacks of 2023
By
Overall, 2023 was a good year for the crypto market. But there were also setbacks: These were the most successful crypto hacks of 2023.
Not only investors should be happy with the strong performance of Bitcoin (BTC), Ether (ETH) and co. Because the past year has also brought cryptohackers full pockets. We present the 10 most successful hacks of the year.
We begin our journey of cryptohacks early in the year. To be exact, on Feb. 27. A previously unknown hacker managed to compromise Algorand's MyAlgo wallet and use it to steal cryptocurrencies from various users. The total loot amounted to $9.2 million.
DeFi were also irritated by a hacker attack a short time later. On April 12, 2023, misconfigurations in the yUSDT Vault (a type of wallet) allowed hackers to exploit a vulnerability in the Yearn Finance protocol. They were able to steal a total of $11.54 million dollars from the platform. It was later revealed that much of the loot was pursued through Mixer and thus would have disappeared forever.
The 8th largest cryptohack of the year also took place in April. Just days before the Yearn Finance debacle, hackers took down the South Korean crypto exchange GDAC. The hackers had wiped out $13 million, nearly a quarter of the crypto exchange's total assets.
Because it was so beautiful, we will stay in April 2023 - the most successful month in our list so far. On April 14, Singaporean Bitcoin exchange Bitrue was also attacked by cyber pirates. They penetrated the exchange's hot wallets and managed to capture a total of $23 million in the form of cryptocurrencies.
On July 22, the infamous North Korean hacker group Lazarus struck. In a concerted effort, the perpetrators managed to steal multiple U.S. dollars from crypto-payment service provider CoinsPaid. The attack was the result of a six-month social engineering campaign in which the hackers distributed infiltrated software around the world. This allowed them to collect $37.7 million.
On September 4, 2023, the online cryptocasino Stake.com was attacked. As suspected, the masterminds here also came from North Korea. Poorly secured hot wallets were the gateway for the attackers. The estimated loss is $41 million in cryptocurrencies.
With Curve Finance, another DeFi makes it into this unclaimed hit list. While the sun was shining on the heads of crypto investors, attackers fired up the protocol's trading pools with attacks on July 30, 2023. The attack was enabled by problems with the Vyper programming language. When the vulnerability became known, a number of free riders apparently jumped on the hacking bandwagon and got rich together. A total of $61.7 million was extracted from the protocol as a result. One small bright spot: Some white-hat hackers were able to recover at least some of the lost money.
It keeps getting worse. In June of this year, the Lazarus Group compromised the Atomic Wallet and was able to steal $100 million in the form of cryptocurrencies. It is suspected that a not insignificant portion of the cyber robbery is flowing to funding the North Korean nuclear program.
Many chains, big losses: On July 6, more than $125 millionoe in the form of cryptocurrencies was extracted from Multichain Protocol. The target of the attack were the smart contracts of "Bridges," Multichain's business model. This allows cryptocurrencies or their values to be transferred between different blockchains ("bridging"). Among others, the company's former CEO, who was arrested shortly thereafter, came under unconfirmed suspicion.
A hacker named Jacob topped our crypto hit list. He was able to extract $197 million from the log using a Flash Loan attack. However, Jacob decided to return the money a short time later. At least someone did!