Security Briefing: The top 5 bitcoin hacks of all time
How do today's hacks measure up to the biggest hacks of all time? Depends on if you use fiat or BTC. Here's a look back...
A few weeks ago, a victim lost about 4,000 BTC when hackers drained the private keys to their Bitcoin Core wallet. At the time, the hack was valued at $243 million, but that incident doesn't come close to previous hacks if you measure them in bitcoin.
Usually when you hear about hacks, they're valued in fiat, but where's the fun in that? Here's a rundown of hacks in BTC terms.
5. Bitstamp: ~19,000 BTC (2015)
A handful of employees at this bitcoin exchange were hit in a phishing attack, resulting in a loss of funds from a hot wallet. Bitstamp survived and is still in operation today.
💸 USD value: ~$5 million
4. Bitfloor ~24,000 BTC (2012)
Bitfloor reportedly had a hot wallet with keys encrypted, but they also had an unencrypted backup on a disk partition which a thief obtained. Oof. The exchange shut down a year later.
💸 USD value: ~$250,000.
3. Bitcoinica ~101,000 BTC (2012)
This company lost bitcoin in three incidents: a third-party server hack, another third-party server hack a month later, and finally, an account drain from Mt. Gox due to poor password hygiene three months later.
💸 USD value: ~$607,000
2. Bitfinex ~120,000 BTC (2016)
A hacker made 2,000 unauthorized transactions out of this exchange. The problem? They had trouble getting other exchanges to accept the funds. In 2022, a married couple was arrested and pleaded guilty to theft and money laundering charges. Bitfinex remains in operation today.
💸 USD value: ~$72 million.
1. Mt. Gox: ~850,000 BTC (2014)
Okay, this was "the big one." This now-defunct exchange lost 850,000 BTC after hackers breached the keys and slowly siphoned the funds. The company filed for bankruptcy in Feb. 2014 but it recovered 200,000 BTC shortly thereafter.
Since then, creditors have waited years for their claims to be paid, and the repayment deadline was just pushed back another year to 2025.
💸 USD value: ~$470 million
8/ Bitcoin was worth about $549 when Mt. Gox collapsed in 2014.
— Nick Neuman (@Nneuman) May 31, 2024
If you had $10,000 in BTC in self-custody, it would be worth $1.2 million today. Instead, Mt. Gox creditors are receiving a fraction of what they held.
Self-custody keeps your assets safe and your options open.
🔑 Key Insight: Bitcoin's price appreciation has resulted in today's hacks being a lot smaller in BTC terms, but we'll see what happens in an age where hundreds of thousands of BTC is housed with ETF custodians.
If you would prefer to sidestep third-party custodians entirely, Casa gives you an easy path to self-custody with your own multisig vault. Explore our vaults here.
Jameson's take: Slow block validation attacks
Could an adversarial miner sandbag bitcoin with difficult to verify blocks in order to secure more transaction fees? Here's a investigation into that attack vector on a technical level to see how it could play out. It's an intriguing look at some of the game theory behind bitcoin blocks.
Lightning Round: Your self-custody questions answered in less than two minutes
Our Casa Advisors get a lot of questions about self-custody, and there are some common themes. We asked Zach, one of our advisors to give us a fast rundown, and he was up to the test.
Get quick insights on bitcoin inheritance, hardware wallets, key replacement, and Casa memberships.
Don't miss out on future updates
Leading-edge security is always changing. Our weekly Security Briefing can help you stay in the know on security, bitcoin, and other digital assets. Sign up for free and get future editions delivered straight to your inbox.