Hacked Exchanges since 2011

[VB1001]

DENVER – Decentralized finance (DeFi) project bZx has suffered an attack in which a hacker successfully gamed multiple DeFi protocols to extract $350,000 from the platform, about 2 percent of the assets under management.

The attack could be symptomatic of a continuing issue in DeFi, said Chainlink CEO Sergey Nazarov at the event: how to source price information.

The attack was even more notable because of its timing as the team had to deal with the hack during the ethereum community’s
EthDenver hackathon, which largely focuses on DeFi.

https://www.coindesk.com/exploit-during-ethdenver-reveals-experimental-nature-of-decentralized-finance

[Dmasked]

I do not trust exchanges to store my cryptocurrencies. Even the popular exchanges have a history of hacked and stolen cryptocurrencies so I only hold my funds on exchanges when I need to trade them. When you are offline the assets on your exchange is highly vulnerable to being hacked. So store your assets in secure wallets to avoid risks.

[VB1001]

https://twitter.com/TradeSatoshi/status/1230509341142220800

TRADESATOSHI CRYPTO EXCHANGE SHUTS DOWN, USERS REPORT FOUL PLAY

TradeSatoshi, a popular UK exchange that opened for business in 2015, has announced this week that it will be closing up shop. Traders who used the platform, however, are reporting that they cannot get their funds returned.

https://bitcoinist.com/tradesatoshi-crypto-exchange-shuts-down-users-report-foul-play/

[VB1001]

Trident Crypto Fund Data Breach: 266,000 Passwords Stolen

In a major privacy breach, the usernames and passwords of more than a quarter of a million Trident Crypto Fund customers have been stolen and published online.

Technical director of cybersecurity firm DeviceLock Ashot Oganesyan told Russian news outlet IZ the database — which contains email addresses, cellphone numbers, encrypted passwords and IP addresses — had been uploaded to various file sharing websites on February 20.
Earlier this week, hackers decrypted and published close to 120,000 of the passwords, potentially enabling them to log into affected users’ accounts and access their funds.

10,000 Russians affected

https://cointelegraph.com/news/trident-crypto-fund-data-breach-266-000-passwords-stolen

[KyoRider]

yet people arent still learning from these hacks.. still using unsecured and unreliable exchanges. 

[rijaljun]

yet people arent still learning from these hacks.. still using unsecured and unreliable exchanges. 

I am not trying to defend then, but those who use unreliable exchanges are probably looking for more profit by taking more risk during the process.

We can't judge them by only one point of view.

[VB1001]

Network of Fake Bitcoin QR Code Generators Stole $45,000 in March

A network of malicious QR code generators has stolen more than $40,000 from Bitcoin (BTC) users in one month.

At least nine fake Bitcoin-to-QR code generators have been spotted in recent weeks, with security researcher, Harry Denley, first tweeting that he had identified two domains hosting fake QR code applications on March 22.

Denley later identified seven other domains sharing the same interface — suggesting that they are all created by the same developer.

The malicious websites are

-bitcoin-barcode-generator.com
-bitcoinaddresstoqrcode.com
-bitcoins-qr-code.com
-btc-to-qr.com
-create-bitcoin-qr-code.com
-free-bitcoin-qr-codes.com
-freebitcoinqrcodes.com
-qr-code-bitcoin.com
-qrcodebtc.com.

https://cointelegraph.com/news/network-of-fake-bitcoin-qr-code-generators-stole-45-000-in-march

Be careful where you generate QR codes, the safest way to do it is from your own wallet, do not trust external pages.

[Flux0z]

This is pretty crazy when you sit down and look at this list. That's a LOT of money we're dealing with here.

I'm sure DEX's will be the answer to our prayers eventually, as a REAL DEX cannot be hacked, 100% trustless and permissionless, which is making it very appealing.

The problem with most DEX's is: Speed, and Liquidity.

Stakenet's Lightning Network compatible DEX solves both of these issues. Trading through the Lightning Network reduces fees, and makes trading happen pretty much instantly, furthermore their "DEX Aggragator" will combine multiple DEX orderbooks together and provide a TON on liquidity.

Here's a screenshot:

[VB1001]

https://twitter.com/bisq_network/status/1247650606875099136

edit:

hacker hits bisq for $250K
https://www.coindesk.com/hacker-exploits-flaw-in-decentralized-exchange-bisq-to-steal-250k

what % of your btc is on an exchange? I used to have 1%, now much less.

Trading halted until v1.3.0 hotfix

https://bisq.community/t/trading-halted-until-v1-3-0-hotfix/9208

[Chaco]

I hope this year no more hack exchange to add in that list and for the team of the trading sites make sure to secure your system and also the information of your traders/user because they are affected to that also and posaible their real Identity to be compromised just like for the exchange who required KYC.

The list of attacks will continue to grow. Exchange owners need to insure funds so that users do not suffer from hacker attacks. Users also do not need to store large amounts on exchanges

[VB1001]

A DeFi App Was Just Hacked for Over $300,000 in Ethereum & Bitcoin

Reports indicate that on April 18th, a leading protocol was just hacked for a large sum of Ether and tokenized Bitcoin.
$300,000 in Ethereum & Bitcoin Swiped

https://bitcoinist.com/a-defi-protocol-was-just-hacked-for-over-300000-in-ethereum-bitcoin/


Weekend Attack Drains Decentralized Protocol dForce of $25M in Crypto

Decentralized finance protocol dForce has lost over 99 percent of its assets in an attack Saturday night, according to DeFi Pulse.

Lending protocol Lendf.me saw some $25 million in ether (ETH) and bitcoin (BTC) exit its wallets late Saturday and early Sunday after its money market pool was attacked. Lendf is one of two protocols supported by the dForce Foundation.

https://www.coindesk.com/attacker-drains-decentralized-protocol-dforce-of-25m-in-weekend-attack

[bearexin]

These decentralized finance things are somehow getting easier and easier to get hacked, I mean they are saying its decentralized but in reality they are becoming more centralized to hackers apparently What is the point of creating a defi system just because you think everything should be decentralized and not centralized?

I mean I get it, I love the decentralization in bitcoin but at the same time bitcoin can do it and it is against hacking as well and its quite good at being one, yet exchanges who are disliking and dismissing the centralized exchanges like binance should be capable of holding the funds there, if you are not capable of "not getting hacked", I am sorry but it is obvious why people would prefer binance or any other centralized company over the defi ones easily.

[VB1001]

Binance Quashes Upbit Hackers’ Attempt to Launder Stolen Funds

Binance CEO Changpeng "CZ" Zhao tweeted soon after that the funds had been successfully frozen and that the money would shortly be returned to Upbit. The time between hackers transferring the ether to Binance, and the exchange blocking funds, was little more than half an hour.

https://www.coindesk.com/binance-upbit-hacker

https://twitter.com/cz_binance/status/1260609983051227137

[pakhitheboss]

Cryptocurrency exchanges have become an easy target for hackers. The list is enormous and the amount lost is staggering. New upcoming exchanges are more vulnerable to attacks. In most cases it has been an insider job or a rival exchange.

This business is so lucrative that everyone wants to have a pie of it but none of them want to safe guard investors money. It is sad to see so many name in this list every year.

[FanEagle]

It is awesome that Binance managed to get all that money and realized that money was from the upbit and actually decided to even give it back to upbit as well. That is like the best type of friendship you could find in the exchange world, Binance knows how hard it is to run an exchange so they are making friends with the other exchanges instead of being rivals.

Think about it, it is quite easy to just keep the money because you want some other exchange to bankrupt, they are your rival after all and it doesn't make sense to help them out financially, they will be doing better thanks to your move and be your competition.

In face of all of that actually helping out and being friendly worths a lot. CZ was always the reason why I prefer binance, dude basically is the epitome of a successful crypto person.

[Shallow]

With this long lists of hacked exchanges and probably even more to come, it can't be overruled that exchanges are not secured mostly centralized exchanges; although some were able to manage it, a good number weren't which lead to terrible losses. Moreover, so far exchanges will continue existing, hackers will always see them as a potential place to steal from. Thus, as many have said and will continue saying, if one cares for the safety of his assets then the only line of security is keeping those huge assets off exchanges.

[psycodad]

VB1001, there seems to be a new candidate for addition to your list:

https://exchange.thecoin.pw/

TheCoin.pw

Important Message

TheCoin.pw exchange has been a target of a serious breach and a number of coins have been stolen. Unfortunately due to this upsetting incident TheCoin.pw has decided to discontinue the operation of the exchange and the mining pools.

The exchange and mining pools have been taken offline to prevent any further damage from occurring.

TheCoin.pw will attempt to distribute remaining coins as best as possible, it is recommended that exchange users raise a support request by going to https://support.thecoin.pw and requesting balances be paid out.

We are extremely sorry it has come to this and we are extremely sorry for any inconvenience caused.

Regards

TheCoin.pw Team

[bitbunnny]

With this long lists of hacked exchanges and probably even more to come, it can't be overruled that exchanges are not secured mostly centralized exchanges; although some were able to manage it, a good number weren't which lead to terrible losses. Moreover, so far exchanges will continue existing, hackers will always see them as a potential place to steal from. Thus, as many have said and will continue saying, if one cares for the safety of his assets then the only line of security is keeping those huge assets off exchanges.

Well, exchanges were never ment to be wallets and people very often use them to.stores their coins there.
Of course they are attractive to hackers, usually they are easy money and until recently exchanges didn't care too much about security.
I have a feeling that situation has slightly improved but still you shouldn't store your coins there, except the amount you wish to trade.
Exchanges will always be hacker's targets as well as banks will be always robbed by robbers. The only question is how much we can do to protect ourselves and customer policy that each exchange.has is also very important.

[Subbir]

Most of the exchange sites within the crypto market are new and therefore the number of hackers is increasing That's why I exploit the Trusted Wallet to secure my crypto. No hacker can steal using the 2fa code to guard his wallet. this may keep our assets safe and make transactions much easier KYC sites are hacked more when exchanging. Hack exchange sites invite KYC and keep exchanging new links in order that they don't steal all our data Banks work for his or her own benefit.

[fillippone]

Hello,
You might find interesting that GS, in his infamous last presentation, added a list of hacked exchanges to demonstrate Bitcoin is subject to hacks. (Logic fallacy here)



The rationale to use such an argumentation is intellectually embarassing, but maybe you want to add to your thread.

Have a look here for the orginal slides:

Re: @GoldmanSachs:“Implications of Current Policies for Inflation, Gold and Bitcoin"