Top 10 Crypto Security Incidents That Will Teach You How to Protect Your Assets

This series of security incidents has further exacerbated the already sluggish crypto market, exposing the lack of rigor in asset security management

Author: Huo Huo, Baihua Blockchain

Last Saturday, the world's second-largest CEX Bybit was hacked, with a total of $1.46 billion in ETH stolen, setting a record for the highest amount stolen in a single token theft case in history.

This incident occurred shortly after crypto financial card service provider Infini was also hacked, with approximately $49.5 million in funds being stolen from its Ethereum address on February 24.

This series of security incidents has further exacerbated the already sluggish crypto market, exposing the lack of rigor in asset security management on crypto platforms and furthering weakening market liquidity, making security issues once again the focus of industry attention.

According to blockchain analysis company Chainalysis, hackers stole approximately $2.2 billion in crypto assets in 2024, and to date, the total amount stolen exceeds $5 billion (equivalent to over 36 billion RMB).

Today, we will review the top ten crypto security incidents from the past (including the Bybit theft incident in February 2025). The 36 billion RMB in assets lost in these ten security incidents serves as a "bloody lesson" for the owners. What important tips can individuals glean from these incidents to protect their crypto assets?

Top 10 Crypto Security Incidents

The following image ranks the top ten crypto security incidents by the amount lost, covering various complex attack methods from smart contract vulnerabilities to private key leaks and database attacks.

Through analysis, we can see that these theft incidents not only expose specific security vulnerabilities but also reflect the weaknesses in technical protection and risk management within the crypto industry.

Next, we will categorize and analyze these incidents based on their causes and the lessons learned, to better understand the underlying security risks and provide references for future prevention.

1) Wallet Private Key or Security Issues

Ronin Network Theft Incident (March 2022): $625 million

The Ronin Network is a scaling solution designed for blockchain games and NFTs, created by the Axie Infinity development team Sky Mavis to address Ethereum's limitations in transaction fees and processing speed.

In March 2022, the Ronin Network was attacked by the North Korea-supported hacker group Lazarus Group, resulting in a loss of approximately $625 million in Ethereum and USDC. The hackers successfully controlled five nodes by attacking the network's validation nodes, enabling them to create and sign malicious transactions, ultimately transferring funds to addresses they controlled.

Coincheck Theft Incident (January 2018): $534 million

Coincheck is one of the more well-known CEXs in the Japanese crypto market, having been established in 2012 and focusing on providing secure and convenient trading services.

In January 2018, Coincheck suffered a hacker attack due to security issues with its hot wallet, resulting in a loss of approximately $534 million in NEM tokens.

DMM Bitcoin Theft Incident (May 2024): $305 million

DMM Bitcoin is also a crypto CEX based in Japan, having been established in 2018.

In May 2024, DMM Bitcoin was attacked by hackers, leading to the theft of approximately 4,500 bitcoins (valued at about $305 million at the time). Although the specific method of attack is still under investigation, reports suggest that leaked private keys may have been a key factor in the hackers' intrusion.

KuCoin Theft Incident (September 2020): $275 million

KuCoin is a well-known CEX based in Singapore, having been established in 2017.

In September 2020, KuCoin suffered a hacker attack, resulting in a loss of approximately $275 million in various crypto tokens. The hackers successfully stole a large amount of assets by obtaining the private keys of the CEX's hot wallet.

Summarizing these four theft incidents, it is evident that they all resulted from insufficient security of hot wallets or nodes. Validation nodes and hot wallets, due to their internet connectivity and convenience, are easy targets for hacker attacks. Hackers employ various methods, including malware, phishing attacks, or exploiting internal platform vulnerabilities to obtain private keys. Once an attack is successful, hackers can quickly transfer assets, leading to irreparable losses. In contrast, cold wallets and other storage options that are not connected to the internet can effectively avoid the risks of online attacks, making them a relatively safer choice for storing crypto assets.

Additionally, for CEXs, ensuring strict management and secure storage of private keys is key to preventing large-scale theft of funds, while for individual users, properly safeguarding private keys is equally crucial for asset security. Once a private key is lost or leaked, users will completely lose control over their assets, and no third party can help recover the funds. Therefore, both CEXs and individuals need to establish more robust