Hacks and scams remain the most persistent problem in the crypto industry. Many believe that the relentless hacks and the staggering amount of assets stolen from the industry every year are the key reasons behind crypto’s failure to achieve mainstream adoption.
The amount of cryptocurrency stolen more than doubled in the first half of 2024 compared with the previous year. By June 2024, hackers had stolen more than $1.38 billion worth of tokens through attacks on exchanges, DeFi protocols, smart contract exploits, and rug pull scams.
It seems that hackers are setting records every year, and the industry is struggling to make fundamental changes to stop these thefts. Here’s an analysis of some of the biggest crypto hacks we saw this year, including the most recent Radiant Capital breach that shocked the industry.
Key takeaways
- The biggest crypto hacks of this year include the Radiant Capital breach, the BingX exchange hack, the WazirX hack, the PlayDapp breach, and a Bitcoin whale’s wallet compromise.
- The crypto and DeFi industry lost more than $1.5 billion this year as of October.
- Users should prioritize private key security and leverage cold wallets to ensure their funds are safe.
1. Radiant Capital Hack – $50m
Radiant Capital suffered a significant cyberattack recently, resulting in the loss of over $50m. This event marked the second exploit the DeFi platform has experienced this year, following a $4.5m breach in January. The attack was highly sophisticated, targeting the protocol’s multi-signature (multisig) wallet, which requires a consensus from 11 signers to authorize changes. Here’s a breakdown of the attack:
What happened?
On 24 October, attackers gained control of Radiant Capital’s smart contracts by compromising three out of the 11 private keys controlling the protocol. This breach allowed them to alter the platform’s smart contracts, ultimately leading to a large-scale theft of user funds.
The stolen assets, initially held on the Binance BNB Chain and Ethereum layer-2 network Arbitrum, have since been moved to the Ethereum network, making asset recovery more challenging.
How the Radiant Capital hack took place
The hackers compromised the hardware wallets of at least three of Radiant’s developers, injecting malware to manipulate transaction data at the device level. This allowed the attackers to generate ‘poisoned signatures’ that appeared legitimate to the multi-signature wallet used by Radiant.
By presenting these seemingly legitimate transactions, they bypassed multiple layers of verification, including Web3 tools like Tenderly and other auditing platforms.
Using this method, the hackers were able to gain approval for the multi-signature transactions and subsequently transferred the funds to wallets they controlled. This attack was unprecedented due to the complexity of the malware used and the multiple verification steps it overcame, making it one of the most sophisticated DeFi hacks to date.
Radiant Capital is actively collaborating with U.S. law enforcement and the Web3 cybersecurity firm ZeroShadow to track and freeze the stolen assets.
2. BingX Exchange Hack – $52m
In September 2024, BingX, a Singapore-based cryptocurrency exchange, suffered a significant breach, resulting in the theft of over $52m. This hack targeted BingX’s hot wallets, affecting multiple blockchains including Ethereum, Binance Smart Chain, and Avalanche. Initially, the estimated loss was around $26m.
However, further investigation by blockchain security firms PeckShield and Cyvers revealed a total of $52m across various assets like Ethereum (ETH), Binance Coin (BNB), USDT, and USDC.
Details of the attack
The hacker accessed BingX’s hot wallets, which are used for liquidity purposes to enable user withdrawals. Once inside, they moved assets to multiple exploit addresses before swapping the stolen funds into ETH and BNB, which makes tracking and recovering the assets more difficult.
Approximately 5,300 ETH, 4,100 BNB, and over 17 million USDT were stolen, alongside other stablecoins like USDC. The hacker rapidly converted these funds across multiple blockchains, leveraging decentralized exchanges to obscure the trail.
BingX has assured users that everyone affected will be fully compensated from the exchange’s reserves, and $1m of the stolen funds has already been frozen. Withdrawals resumed after a security inspection, and improvements to the exchange’s wallet services were implemented.
3. WazirX hack – $230m
WazirX, one of India’s largest crypto exchanges, was hacked in July 2024. This resulted in the theft of over $230m in cryptocurrencies. This was one of the largest hacks in the crypto space that year. The attackers exploited a vulnerability in WazirX’s multi-signature wallet, which required approvals from three WazirX team members and one representative from Liminal, the custody service provider.
Despite this seemingly strong security setup, the attackers manipulated a discrepancy between the transaction data and Liminal’s interface, tricking the system into approving malicious transactions.
The stolen assets included over 5.43 trillion Shiba Inu (SHIB), 15,298 ETH, and millions in other tokens like Polygon (MATIC). The hack was sophisticated, with indications that the attackers had detailed knowledge of WazirX’s infrastructure, suggesting possible insider involvement or advanced reconnaissance.
In response, WazirX suspended all withdrawals to prevent further losses and launched a bounty program to track the stolen funds. They also committed to compensating users for their losses and worked with blockchain analytics firms to trace the stolen assets.
There is speculation that the attackers may be linked to North Korea’s Lazarus Group, a notorious state-sponsored hacking organization.
4. PlayDapp breach – $290m
The PlayDapp breach in February 2024 was a significant security incident that led to the loss of $290m in PLA tokens. The attack occurred in two phases, on 9 and 12 February, due to a private key compromise.
The hacker was able to add their wallet as a minter to the PlayDapp smart contract, allowing them to mint a total of 1.79 billion PLA tokens. In the first attack, 200 million PLA tokens worth $36.5m were minted, followed by a second attack that created an additional 1.59 billion PLA tokens, valued at $253.9m.
Despite this massive minting, the hacker faced challenges converting the stolen tokens. With only 577 million PLA tokens in circulation before the breach, dumping such a large volume on the market would cause the token’s value to plummet, limiting the hacker’s ability to liquidate their gains at market value.
In response, PlayDapp paused its smart contract, contacted law enforcement, and worked with blockchain analytics firms and exchanges to track and freeze the stolen tokens. The team also offered the hacker a $1m white hat reward in exchange for the return of the funds, but the offer was not accepted.
The PLA token’s value fell by over 15% following the breach, and trading was suspended on several platforms. As of October 2024, PLA is down by over 75% in a year.
5. Bitcoin Whale Wallet Compromise – $238m
In August 2024, a major Bitcoin whale holding 4,064 BTC worth approximately $238m fell victim to a highly sophisticated hack. Crypto investigator ZachXBT uncovered this incident, which involved a suspicious transfer from the whale’s wallet.
The funds were quickly distributed across multiple platforms, including THORChain, KuCoin, and privacy protocol Railgun, likely to obscure the trail of the stolen assets.
The wallet, speculated to belong to a Genesis Trading bankruptcy claimant, had received a large amount of Bitcoin (about $37.7m) from a Genesis creditor distribution shortly before the hack. This theft adds to a growing list of major crypto heists in 2024, marking it as one of the largest breaches in the crypto sector this year.
The attack involved transferring the whale’s Bitcoin across different platforms, likely to facilitate laundering, and blockchain security experts are investigating further details.
How to stay safe from crypto hacks?
It seems that hacks and scams have become a constant reality in the crypto space. However, there are precautions that users can take to safeguard funds from hacks like those seen in 2024.
- Use cold storage: Store the majority of your assets in cold wallets (offline wallets), which are not connected to the internet, making them less vulnerable to online attacks. Hot wallets (connected online) should only hold the minimal amount required for regular transactions.
- Enable multi-signature wallets: Multi-signature wallets require multiple keys to authorize a transaction. This adds a layer of security by ensuring no single individual can transfer funds without others’ approval.
- Use hardware wallets: Hardware wallets like Ledger or Trezor provide additional security by storing private keys offline. These wallets reduce the risk of phishing attacks and keylogging malware.
- Be aware of phishing attacks: Hackers often use phishing techniques to trick users into revealing their private keys or signing malicious transactions. Always verify the authenticity of websites, wallets, and emails before interacting with them.
- Regular audits and monitoring: Regularly audit your smart contracts and wallet activities using blockchain security tools. Implement real-time alerts for any suspicious activity or unauthorized access.
- Use privacy tools cautiously: Privacy protocols like Railgun and THORChain, while useful, can also obscure hacker activities. Users should monitor their funds closely if using privacy tools and ensure they are interacting with reputable services.
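As an illustration of the real-time alerts recommended above, here is an added example (not code from PlayDapp or any project named in this article) of a monitoring rule for the PlayDapp pattern: a new minter appearing on a token contract, followed by mints that are large relative to circulating supply. The event record shape, the addresses, the allowlist and the 5% threshold are all assumptions made for the example.

```python
from dataclasses import dataclass

# Assumption: on-chain logs were already decoded into these records.
# The kinds "minter_added" and "mint" are hypothetical labels, not a real ABI.
@dataclass
class Event:
    block: int
    kind: str        # "minter_added" or "mint"
    actor: str       # address granted the role, or address that minted
    amount: int = 0  # whole tokens minted; 0 for role changes

APPROVED_MINTERS = {"0xTREASURY"}  # constructed allowlist
MAX_MINT_FRACTION = 0.05           # assumed policy: alert above 5% of supply

def scan(events, circulating):
    """Return (alerts, final_supply) for a stream of decoded token events."""
    alerts = []
    supply = circulating
    for ev in sorted(events, key=lambda e: e.block):
        if ev.kind == "minter_added" and ev.actor not in APPROVED_MINTERS:
            alerts.append((ev.block, "UNAPPROVED_MINTER", ev.actor))
        elif ev.kind == "mint":
            if ev.actor not in APPROVED_MINTERS:
                alerts.append((ev.block, "MINT_BY_UNAPPROVED", ev.actor))
            # Size check also fires for approved minters, which covers the
            # case where an approved minter's own key has been compromised.
            if ev.amount > MAX_MINT_FRACTION * supply:
                pct = round(100 * ev.amount / supply, 1)
                alerts.append((ev.block, "OVERSIZED_MINT", f"{pct}% of supply"))
            supply += ev.amount
    return alerts, supply

# Constructed sample stream shaped like the figures in the article:
# 577M circulating, then mints of 200M and 1.59B by a newly added minter.
SAMPLE = [
    Event(100, "mint", "0xTREASURY", 1_000_000),
    Event(200, "minter_added", "0xUNKNOWN"),
    Event(201, "mint", "0xUNKNOWN", 200_000_000),
    Event(300, "mint", "0xUNKNOWN", 1_590_000_000),
]

if __name__ == "__main__":
    alerts, supply = scan(SAMPLE, 577_000_000)
    for alert in alerts:
        print(alert)
    print("supply after events:", supply)
```

The first alert fires on the role change itself, before any tokens are minted, which is the point at which pausing the contract is still cheap.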
A common pattern across the discussed hacks revolves around private key or access control vulnerabilities. Whether through private key compromises, multi-signature wallet exploitation, or phishing attacks, attackers consistently target the control mechanisms that authorize fund transfers.
So, users must prioritize private key security by using hardware wallets for cold storage and ensuring keys are never exposed online. Multi-signature wallets should be configured properly, with trusted signers, to reduce single points of failure. One should always carefully scrutinize all transactions and avoid suspicious links or communications.