5 Devastating Hacks That Show How Vulnerable Online Wallets Really Are

These hot wallet hacks show why cold wallets are a must-have tool

Read the latest articles in the new NGRAVE Blog.

Crypto wallets are an essential mechanism for sending and receiving digital coins. They come in different forms and those that connect to the internet and are accessed through smartphones, tablets, laptops, and other electronic devices are known as hot wallets.

They’re easy to set up and can be used to move funds quickly, which is especially important to traders and other frequent users. Crypto exchanges that store your funds in their digital infrastructure can also be considered as hot wallet providers.

But constant connectivity is also a major risk factor. As your hot wallet goes online, it becomes susceptible to hacks and many devastating breaches have highlighted just how vulnerable this crypto storage option is.

1. BINANCE — Even The Biggest Get Hacked

Amount: Over 7,000 bitcoin, worth roughly $41 million at the time of the attack ($84M today)

Period: May 7, 2019

Even the largest do not remain unharmed. In May 2019, an unknown hacker group breached a hot wallet from one of the world’s largest cryptocurrency exchanges, Binance. Malicious actors stole API keys, two-factor codes, and over 7,000 bitcoin, worth around $41 million at the time. The company immediately suspended all withdrawals and deposits. The attack affected about 2% of Binance’s bitcoin holdings and the platform announced it will cover user losses with its own set up emergency insurance pool called SAFU (“Safe Asset Fund for Users”). CEO Changpeng Zhao said that his team will introduce significant changes to security protocols and withdrawal validation processes to prevent similar attacks from happening.

Binance notification on the platform regarding the hack in 2019.

2. BITPOINT — A Fifth of the Company’s Value Wiped Out

Amount: 1,225 bitcoin, 1,985 bitcoin cash, 11,169 ether, and 5,108 litecoin, worth around $28 — $32 million at the time of the attack

Period: July 11, 2019

Bitpoint, a crypto exchange run by the Japanese company Remixpoint, was hacked in July 2019. Vast amounts of bitcoin, litecoin, ripple, and ether were found missing from its hot wallet. The loss amounted to $32 million with more than half of it being customer funds. Cryptocurrencies stored in the company’s cold wallets were not affected. Remixpoint promised that it would compensate customers for these losses, and its shares plunged 20% after the hack was revealed.

Immediate 20% drop of Remixpoint’s stock price on the news of the $32M hack

3. BITHUMB — 3rd Time’s The Charm

Amount: 3 million EOS, worth $13.4 million at the time of the hack, and another 20 million Ripple coins (XRP), worth another $6 million

Period: March 29, 2019

Bithumb is no stranger to being hacked. The South Korean crypto exchange was breached for the third time on March 29, 2019, as hackers stole 3 million EOS, worth $13.4 million at the time of the hack, and another 20 million Ripple coins (XRP), worth another $6 million. The funds were taken from the platform’s hot wallets. Fortunately, all the stolen coins were owned by the company and members’ assets were protected in a cold wallet.

ZDNet headline on Bithumb’s third hack in less than 24 months.

4. ELECTRUM — A Months-Long Siege

Amount: 771 bitcoins, worth around $4 million at the time of the attack

Period: Late December 2018 — March 2019

Electrum, a popular bitcoin wallet, was under siege from late 2018 until March next year. Hackers launched a series of phishing attacks that tricked victims into downloading a malicious version of the wallet. Then, they stole wallet keys and seed data. Over 770 stolen bitcoins, worth around $4 million at the time of the attack, were broken down into smaller amounts and moved to several public addresses controlled by the scammers. The developers behind Electrum turned to an unusual tactic to protect users. They exploited the same flaw in their software the hackers did and redirected users to download the patched version of the wallet. After noticing this, attackers launched distributed denial of service (DDoS) attacks before developers eventually took control of the situation.

At the height of the Electrum Bitcoin Wallet malware campaign, more than 70% of the entire network was being controlled by attackers.

5. IOTA — Shutting Down The Entire Network

Amount: An undisclosed amount of IOTA coins, worth around $1.6 million at the time of the hack

Period: February 12, 2020

IOTA Foundation, the nonprofit organization behind the IOTA cryptocurrency, was also a victim of a cyber-attack on February 12, 2020. Hackers used an exploit in IOTA’s Trinity hot wallet app to steal coins worth around $1.6 million from at least 10 high-value accounts. The foundation had to shut down its entire crypto network to stop the attack and enable developers to find and patch the vulnerability criminals exploited. Law enforcement officials are involved in tracking down the attackers, while the IOTA price fell on the market once the news of the hack was announced.

IOTA breach causes 10 high value accounts to lose a significant amount of funds.

Protect your funds in a cold wallet

Hot wallets are convenient tools for real-time transactions but are far from being a secure storage option. Ideally, users should use them for trading small funds, while most of their coins are safely stored in cold wallets.

To that end, NGRAVE ZERO is of great help, as it’s one of the — if not THE — coldest wallets on the market. Our Indiegogo crowdfunding campaign was the most successful in this category as 1.225 backers from 72 countries purchased 1.317 ZEROs for a total of $431,772.

If you want to become part of this huge family and have your crypto assets secured, then get your own ZERO here!

Read the latest articles in the new NGRAVE Blog.

How secure are you? Take the test!

The NGRAVE team recently created a test where you finally face yourself: how secure do you think you are versus how secure you really are. Not only versus yourself, but also in comparison with your peers and much more.

You can take the test here, all information is treated confidential and with respect to data privacy regulation.

Interested in reading more? Here are the top 10 biggest heists that shocked the entire crypto industry:

The History of Crypto Hacks — Top 10 Biggest Heists That Shocked The Crypto Industry

ABOUT NGRAVE

NGRAVE is a blockchain security provider offering a user-friendly end-to-end solution for the self-sovereign management of individuals’ and businesses’ digital assets and cryptocurrencies. The NGRAVE product suite consists of hardware wallet NGRAVE ZERO, backup solution NGRAVE GRAPHENE, and mobile application NGRAVE LIQUID. Developed with world leaders in nanoelectronics, hardware security and applied cryptography, NGRAVE ZERO’s advanced features make it the most secure and easy to use crypto hardware wallet in the world. NGRAVE will support over 20 coins in its first shipped devices including Bitcoin, Ethereum (and ERC20 tokens), Ripple, Bitcoin Cash, Litecoin, EOS, and many others.