Updated January 30, 2026
Key Takeaways
The 10 biggest crypto exchange hacks have stolen over $4.3 billion, with attacks growing from $8.75 million in 2011 to $1.4 billion in 2025.
- Bybit’s 2025 breach set the record at $1.4 billion stolen in minutes
- North Korean groups linked to at least 3 of the top 10 hacks
- Hot wallet vulnerabilities caused 80% of major breaches
- KuCoin recovered $204 million through a rapid response; most exchanges recovered nothing
- Shift from reactive clean-up to proactive defense with real-time monitoring and cross-exchange intelligence sharing
In this updated edition of our most-read blog, we revisit the top 10 most devastating CEX hacks in crypto history, now including major breaches up to 2026. These events don’t just reflect losses—they reveal patterns, vulnerabilities, and the urgent need for coordinated, intelligence-led defense.
Let’s dive into the most notorious heists ever to hit the centralized crypto world—and what the industry can learn from them.
1. Bybit: $1.4 billion of ETH stolen in 2025 hack
The Bybit hack took place on February 21, 2025. It was the largest single theft of cryptocurrencies in the industry’s history. The Dubai-based crypto exchange lost 400,000 ETH worth $1.4B within minutes when the hackers exploited a private key leak in Bybit’s hot wallet system to siphon off the funds.
In response, Bybit’s CEO acknowledged the attack straight away, and announced a bounty program to retrieve the funds the following day. By February 26, the US FBI officially charged North Korean hackers with the heist.
2. Coincheck: $534 million in NEM (XEM) stolen in 2018 hack
In January 2018, hackers managed to break into the exchange and steal crypto worth $534m. This was, at the time, the largest crypto attack in history. As soon as the breach took place, Coincheck froze all deposits and withdrawals.
However, the damage was already done and the exchange admitted that it may not be able to cover the losses suffered by its users. The attack was followed by a thorough investigation led by Japanese authorities. The hackers had used a phishing attack to access hot wallets. They were then able to spread malware and siphon off the funds.
Further details about the attack were revealed in early 2021 when authorities stated that most individuals involved in the attack were in the high-income group.
3. FTX: $477 million of multiple cryptocurrencies stolen in 2022 post-collapse hack
The FTX CEX, founded in 2019 by Sam Bankman-Fried (SBF) and Gary Wang, collapsed in November 2022, wiping out a grand total of $8.9 billion of its customers’ savings and investments, both fiat and crypto. The collapse was rooted in gross mismanagement and misappropriation of funds.
In the fallout, $477 million in various cryptocurrencies were drained in a suspected hack on November 11, as FTX filed for bankruptcy. The suspected hack was likely an inside job.
Although Wang avoided a jail term, SBF received a 25-year prison sentence in March 2024, and must forfeit $11 billion to compensate victims of the scam.
4. Mt. Gox: $460 million in BTC stolen in 2014 hack
Mt. Gox was a Japan-based crypto exchange launched in 2010, which was at one stage the largest in the world. In 2011, the exchange was hacked and bitcoin worth $8.75m was stolen.
Although the exchange vowed to improve its security mechanisms, it suffered from another attack in 2014. This time, it was carried out on a much larger scale. About $460 million in Bitcoins were siphoned off. They achieved this by flooding the exchange with many fake bitcoins.
This hack was among the first major ones in the Bitcoin world. The breach resulted in several lawsuits being filed against the company, from customers, vendors, as well as partners. The CEO of the exchange, Mark Karpeles, was a central figure in many of these since he didn’t use any version control software for the site’s source code. Any coder could accidentally overwrite the site’s code, thereby leaving the entire system vulnerable. These lawsuits have not helped the exchange’s users till now. The exchange is looking to refund its users via a civil rehabilitation plan submitted to the Tokyo District Court.
5. DMM Bitcoin: $308 million in Bitcoin stolen in 2024 hack
The Japan-based crypto exchange was launched by DMM group in 2018. In May 2024, a massive hack resulted in the loss of 4,502.9 BTC, worth about $308 million at the time. Investigations into the attacks led to the North Korean Lazarus Group becoming suspects.
In the wake of the hack, the company leveraged almost $320 million in funding to shore up the business and protect its client base by purchasing more Bitcoin. However, it conceded in December 2025 that sustained restrictions on withdrawals and trading meant it would have to discontinue its operations in the interests of its customers.
In the same month, DMM Bitcoin announced that it would transfer its holdings and client accounts to another Japan-based CEX, SBI VC Trade, part of the financial conglomerate, SBI Group, by March 2025.
6. KuCoin: $281 million in various cryptocurrencies stolen in 2020 hack
KuCoin is a crypto exchange based in Singapore. It was founded in 2013 and deals in several cryptocurrencies, including Bitcoin, Ethereum, Litecoin, and Ardor. In September 2020, it was targeted, and the criminals managed to steal over $281m$281m worth of coins and tokens.
In addition, hackers managed to obtain the keys to some of the hottest wallets on the exchange. Although KuCoin quickly blocked all transactions on its website, the damage had already been done. In the aftermath, the management team of KuCoin launched a thorough investigation. This swift move yielded positive results, as more than $204m worth of funds was recovered within weeks. The exchange has also made a key breakthrough in identifying the potential suspects.
It is alleged that a hacker group based in North Korea was responsible for the act. This case highlights the importance of moving quickly and having the ability to track transactions on a real-time basis.
7. Wazir X: $230 million of several cryptocurrencies stolen in 2024 hack
Wazir X was founded in 2018 to cater to the growing Indian cryptocurrency market. The company has gained a positive reputation for its pro-compliance and pro-regulatory stance.
On July 18, 2024, a significant security breach occurred at WazirX. India’s largest domestic cryptocurrency exchange had approximately 50% of its assets worth $230 million (INR 1900 crores) stolen from one of its main trading wallets by hackers, despite its robust security measures.
This incident is of great importance in the cryptocurrency industry, particularly within India.
8. BitMart: $196 million of several cryptocurrencies stolen in 2021 hack
BitMart, founded in 2017 by Sheldon Xia, is a global centralized cryptocurrency exchange that gained popularity for offering a wide range of digital assets and low trading fees.
In December 2021, hackers were able to drain $196 million of crypto by stealing a private key that opened two hot wallets, which consisted of $100 million in ETH and $96 million on the Binance Smart Chain.
The company assured customers that they would be compensated for their losses, a process that is still ongoing.
9. BitGrail: $170 million in Nano tokens stolen in 2018 hack
The Italy-based BitGrail CEX was founded by Francesco Firano in 2017, gaining traction as a primary exchange for trading the relatively self-sufficient Nano cryptocurrency, formerly called RaiBlocks.
BitGrail was hacked in February 2018, and 17 million Nano worth about $170 million was stolen. Spats between Firano and the Nano Foundation about who was accountable for the chinks in BitGrail’s cybersecurity armor, which abetted the successful attack and how it was carried out, ensued.
In January 2018, events culminated in the Italian Bankruptcy Court ruling that Firano should pay back his customers as much of their losses as possible, even seizing $1 million of his personal assets, which included his car.
10. CoinBene: $105 million in ETH stolen in the 2019 hack
CoinBene is a Singapore-based CEX that was once considered among the top 10 crypto exchanges in the world by trading volume. The exchange served the crypto community in over 192 countries.
In March 2019, CoinBene was attacked by cybercriminals who managed to walk away with over $105 million in cryptocurrencies. However, the exchange claimed it was closing to perform maintenance instead of acknowledging the hack.
The criminals, meanwhile, had managed to move the stolen coins to a wide range of exchanges, including Binance. It is not known if any of the lost coins have been recovered.
What these famous hacks reveal about the future of crypto security
The scale and frequency of these attacks paint a clear picture: the battle against financial crime in the crypto space is evolving fast—and the enemy is more organized, well-funded, and technically adept than ever before.
This compilation of famous hacks reveals a crucial truth: even the largest and most trusted exchanges face vulnerability when operational security, key management, and internal controls lack robustness. Attack methods vary from insider threats to sophisticated phishing campaigns and private key leaks. Yet the outcomes remain remarkably consistent: billions of dollars lost, trust eroded, and users exposed to risk.
However, the defensive response strengthens. The industry’s reaction to the record-breaking Bybit coin hack in 2025 represented a watershed moment: unprecedented cooperation among exchanges, blockchain intelligence firms, and global law enforcement proved that unified action delivers results. The swift dismantling of Garantex following the Bybit attack demonstrated how collaborative efforts can counter-strike effectively and decisively.
Moving forward, crypto security must extend beyond reactive forensics. Success requires predictive intelligence, real-time transaction monitoring, and cross-sector collaboration on a global scale. Exchanges must invest in advanced blockchain analytics, red-team penetration testing, and proactive risk mitigation strategies. Regulators need to match the pace with emerging threats while fostering innovation. Platforms like Crystal Intelligence are evolving from compliance tools into survival-critical infrastructure.
