In the cryptocurrency world, $1 billion was lost in hacks alone in 2018. That’s a staggering figure. And it’s only going to get bigger.
Poor exchange security, bad education and savvy scammers have all contributed to this phenomenon. But what will it really take to stop them from happening? Coinbase believes education will work. Blockchain analytics companies say they can track the bad guys. And exchanges, well, they clearly don’t seem to have the answer.
While we don’t claim to know the answers, it’s always interesting to take a look back at the biggest Bitcoin-related scams and hacks to gain an understanding of how bad the problem really is. Let’s take a look, from the oldest to the most recent.
And remember folks, if it looks like a scam and smells like a scam, don’t throw all your money at it.
A bug leads to the creation of an extra 184 billion Bitcoin
The one thing most prized about Bitcoin is its beloved 21 million Bitcoin cap. Due to the way it was coded, the amount of newly mined Bitcoin will decrease gradually until this limit. While much of the way Bitcoin operates has been open to discussion, the supply cap is an integral part of its economics, and one that few are willing to even consider changing.
But, in August, 2010, someone had another idea. At the time, there was no code checking the validity of excessively large transactions. So, a hacker broadcasted a transaction sending 184,467,440,737 Bitcoin and splitting it between two addresses, with an extra 0.01 Bitcoin going to the miner.
However, the hacker did not get away with it. Satoshi Nakamoto noticed the excess Bitcoin and performed a hard fork to change the record so it no longer existed. Had this not been fixed, it would have undermined Bitcoin's ability to operate, perhaps fatally. Luckily, it was an easy fix.
Date: August 15, 2010
Media: Charlie Shrem covered it on Hacker Noon here.
Amount involved: 184 billion Bitcoin
Bitcoin Savings and Trust collapses
Would you trust a pirate with your money? What if he offered you a weekly return of seven percent? This was the offer at Bitcoin Savings and Trust, an investment program run by a man called "pirate." Who could ever believe it turned out to be a Ponzi scheme?
Pirate—his real name was Trendon Shavers—claimed he was able to offer such a high rate of return by successfully trading the Bitcoin that was deposited with the “trust.” Yet he appeared unable to deliver on this promise and tried lowering the interest rate to stay afloat. In August, 2012, he defaulted on the money, which it turned out, had been spent on rent, casinos and assorted purchases.
Pirate was later fined $40 million for running the scheme which took in 700,000 Bitcoin, worth $4.5 million.
Date: August 28, 2012
Media: Inside Bitcoins reported on it here.
Amount involved: 700,000 Bitcoin
Be the first to get Decrypt Members. A new type of account built on blockchain.
Experience Web 3.0.
Be the first to get Decrypt Members. A new type of account built on blockchain.Early access
Mt Gox is hacked for $350 million in 2014
The granddaddy of all hacks, Mt. Gox, was a hard lesson that the crypto world needed to be taught. When Bitcoin first started becoming valuable, there were few places to trade it. To solve this problem, Jed McCaleb—who would later help create cryptocurrencies Ripple and Stellar—created the Mt. Gox exchange. It was later bought by Mark Karpeles.
Mt. Gox wasn’t a sophisticated Bitcoin exchange. It was rudimentary and transactions were made through PayPal. But, since there were few options, it became the place to store and trade Bitcoin, and by 2014, accounted for over 70 percent of all Bitcoin trades. And yet, while this was happening, a hacker was slowly siphoning off money from Mt. Gox.
Withdrawal problems started on February 7, 2014, a sign the exchange was having problems. The exchange shut down just weeks later. It was stated at the time that 850,000 Bitcoin was stolen but 200,000 Bitcoin was later found on the exchange. The collapse of Mt. Gox exaggerated the first market crash, as the price of Bitcoin slid from $800 to $400.
Date: February 24, 2014
Media: Wired took a look at it here.
Amount involved: $460 million
Bitfinex loses $73 million in a second hack
There have been many questions raised over the years about the Honk Kong-based crypto exchange Bitfinex, which has a team that’s largely anonymous and appears to be behind Tether—a controversial stablecoin. One perennial questions is, how safe it is to use Bitfinex? It's been hacked twice so far. In 2015, customers lost $400,00; in 2016, a second hack netted nearly $73 million.
The hack was due to a technical issue in the way Bitfinex processed transactions with multiple inputs—known as multisig. Once it was discovered, the price of Bitcoin dropped by almost 20 percent.
On the other hand, Bitfinex has managed to repay most of its investors by issuing tokens to affected customers. It was ordered to pay a $75,000 fine by the U.S. CFTC. Today, Bitfinex still operates as an exchange, though much of it is clouded in mystery.
Date: August 2, 2016
Media: Coindesk covered it here.
Amount involved: $72 million
BitConnect Ponzi scheme collapses
While many have asserted that Bitcoin is nothing more than a Ponzi scheme, BitConnect actually was one. The cryptocurrency-investment program offered average daily returns of one percent, which, supposedly through the miracle of compound interest and a magic trading bot, would turn $1,000 into $36,000 in a year.
Looking back at BitConnect, it's hard to see how so many people failed to see it was a Ponzi scheme. It literally used a pyramid with separate levels to explain how it worked and rewarded you—based on the number of people you brought into the scheme. Remarkably, its own cryptocurrency token, called BCC, was one of the 20 most valuable coins, and had a market cap of over $2.6 billion at its peak.
Was this not a little suspicious? Photo Credit: BitConnect
The scam was short lived, however. Once the pyramid started collapsing (perhaps the miracle trading bot was having a hard time?) the price of the token plummeted from nearly $500 to under 50 cents.
Date: January 16, 2018
Media: The Next Web has a good round up here.
Amount lost: The BitConnect token market cap fell by $2.6 billion
Floyd Mayweather Jr.-backed Centra ICO pulls exit-scam
This was perhaps more damaging to the reputation of Bitcoin that anything. After a series of celebrity endorsements by the boxer, Floyd Mayweather, and rapper DJ Khaled, the Centra card was promoted as a secure way to store and spend Bitcoin, Ethereum and other cryptocurrencies. This added legitimacy to a new form of money that people had been reluctant to try out.
However, Centra had made a number of claims—including a partnership with VISA—that were shown to be false. The New York Times exposed these and the celebrity endorsements (which hadn’t been disclosed as paid promotion) in October 2017. Nearly a year later, the two founders were arrested on federal charges including securities fraud.
Centra had raised $32 million from investors in an ICO. But after the founders were arrested, its cryptocurrency quickly became worthless. Mayweather and Khaled both paid fines totalng more than $700,000.
Date: April 2, 2018
Media: The New York Times reported on it here.
Amount involved: $32 million
QuadrigaCX CEO dies "losing" Bitcoin worth $190 million
Call it a convenient truth: The CEO of Canada’s largest crypto exchange QuadrigaCX— the only person with access to $190 million of customer funds—suddenly, and mysteriously, drops dead. Game over, what a shame? Except the plot thickens: It turned out that during the previous year, QuadrigaCX was to in massive financial trouble and those funds didn't seem to even exist.
Currently a number of class-action lawsuits by QuadrigaCX creditors have been joined into one, now represented by a committee appointed by law firms Miller Thomson and Cox & Palmer. The court appointed monitor, Ernst and Young, has been tasked with safeguarding what money remains on the exchange.
So, what really went on? Kraken CEO Jesse Powell ruminated on what happened in an interview with Decrypt. He provided a number of reasons why an investigation was so badly needed into the QuadrigaCX affair. If that’s not enough, Decrypt laid out the entire story which you can read here. What do you think happened?
Date: February 5, 2019
Media: Decrypt wrote a complete guide here.
Amount involved: $190 million