Project | Date of Exploit | Exploit Amount (USD) | Blockchain | Nature of Exploit | Contract Type | Exploited Contract Address |
DMM Exchange | May 31, 2024 | 304,529,100 | Bitcoin | Private Key Breach | ||
Gala Games | May 20, 2024 | 22,300,000 | Ethereum | Private Key Breach | 0x8D92A6812b3dA2346883F0631910c96Cb9c5a5f9 | |
Pump.fun | May 15, 2024 | 2,055,145 | Solana | Smart Contract Vulnerability, Private Key Breach | ||
Alex Lab | May 13, 2024 | 4,300,000 | BNB Chain | Private Key Breach | ||
Grand Base | April 15, 2024 | 1,700,000 | Base | Private Key Breach | ||
Moziac Finance | March 15, 2024 | 2,000,000 | Private Key Breach | DeFi | ||
PolyhederaZk | March 13, 2024 | 760,000 | Private Key Breach | |||
DuelBits | February 13, 2024 | 4,600,000 | BNB Chain | Private Key Breach | ||
Play Dapp | February 12, 2024 | 31,000,000 | Ethereum | Private Key Breach | https://etherscan.io/address/0x3a4f40631a4f906c2bad353ed06de7a5d3fcb430 | |
Chris Larsen Wallet | January 31, 2024 | 115,000,000 | Private Key Breach | |||
Concentric Finance | January 22, 2024 | 1,600,000 | Arbitrum | Smart Contract Vulnerability, Private Key Breach | DeFi | |
Locus Finance | December 30, 2023 | 321,000 | Ethereum, Arbitrum | Private Key Breach | ||
Private Key Breach 0x896 | December 22, 2023 | 2,500,000 | Ethereum | Private Key Breach | ||
OKX DEX | December 13, 2023 | 424,000 | Ethereum | Private Key Breach | ||
Nobitex Exchange | November 30, 2023 | 12,500,000 | Ethereum | Private Key Breach | https://etherscan.io/address/0x8d56f551b44a6da6072a9608d63d664ce67681a5 | |
HECO Bridge | November 22, 2023 | 86,600,000 | Private Key Breach | |||
Huobi | November 22, 2023 | 26,400,000 | Ethereum | Private Key Breach | ||
Poloniex | November 10, 2023 | 126,000,000 | Tron, Ethereum, Bitcoin | Private Key Breach | ||
CoinSpot Hot Wallet | November 9, 2023 | 2,000,000 | Private Key Breach | |||
burgel.eth | October 6, 2023 | 3,000,000 | Ethereum | Private Key Breach | ||
HTX | September 25, 2023 | 8,000,000 | Ethereum | Private Key Breach | ||
Remitano | September 15, 2023 | 2,700,000 | Ethereum, Tron, BitcoinCash | Private Key Breach | ||
CoinEx | September 12, 2023 | 55,000,000 | Ethereum, BSC, Bitcoin, Tron, Kadena, Solana, Dagger, XRP, BitcoinCash, Polygon, Stellar, Arbitrum | Private Key Breach (Unknown Method) | ||
Stake | September 4, 2023 | 40,000,000 | Ethereum | Private Key Breach | Games | https://etherscan.io/address/0x974caa59e49682cda0ad2bbe82983419a2ecc400 |
RocketSwap | August 15, 2023 | 869,000 | Ethereum | Private Key Breach | DEX | https://basescan.org/address/0xe20d24cf9faf458b98b6f34e5346361e6492aa5f |
Multichain | July 7, 2023 | 126,000,000 | Moonriver, BSC, Fantom | Private Key Breach | ||
Poly Network | July 3, 2023 | 4,400,000 | BNB Chain | Private Key Breach | Cross Chain | https://etherscan.io/address/0x14413419452aaf089762a0c5e95ed2a13bbc488c#code |
Keep3r Network | June 12, 2023 | 200,000 | Ethereum | Private Key Breach | ||
Atomic Wallet | June 3, 2023 | 100,000,000 | Ethereum, Tron, BSC, Bitcoin, Polkadot, Avalanche | Private Key Breach | ||
unshETH | May 31, 2023 | 375,000 | Arbitrum | Private Key Breach | DeFi | |
Bitrue | April 14, 2023 | 21,882,489 | Ethereum | Private Key Breach | CeFi | |
Algodex | March 6, 2023 | 55,000 | Algorand | Private Key Breach | DEX | |
FarmApp | February 12, 2023 | 93,000 | BNB Chain | Private Key Breach | Tokens | |
Liango Protocol | February 8, 2023 | 1,600,000 | BNB Chain | Private Key Breach | DeFi | |
PECO Token (AMUN) | December 26, 2022 | 300,000 | Polygon | Private Key Breach | DeFi | |
Raydium Protocol | December 17, 2022 | 5,500,000 | Solana | Private Key Breach | DEX | |
Room (ROOM) | December 6, 2022 | 225,000 | BNB Chain | Private Key Breach | Tokens | 0x3c45a24d36ab6fc1925533c1f57bc7e1b6fba8a4 |
Ratio Finance | December 3, 2022 | Solana | Private Key Breach | |||
Ankr Protocol | December 2, 2022 | 7,000,000 | BNB Chain | Private Key Breach | DeFi | 0x1bD5dF997c8612652886723406131F582ab93DEf |
Deribit Exchange | November 2, 2022 | 28,311,804 | Private Key Breach | DEX | ||
Rubic Exchange | November 2, 2022 | 2,800,000 | BNB Chain | Private Key Breach | DEX | |
Fries DAO | October 28, 2022 | 2,300,000 | Ethereum | Private Key Breach | Upgradable Contract | |
The Layer2DAO | October 23, 2022 | 49,950,000 L2DAO | Optimism | Private Key Breach | MultiSig Wallet | |
FTX | October 12, 2022 | 45,000,000 | Ethereum | Private Key Breach | CeFi | |
WinterMute | September 20, 2022 | 160,000,000 | Ethereum | Private Key Breach | DeFi | |
Slope Wallet | August 2, 2022 | 5,300,000 | Solana | Private Key Breach | ||
ZB | August 1, 2022 | 4,800,000 | Private Key Breach | CeFi | ||
Impermax Finance | July 16, 2022 | 7,451,118 | Arbitrum | Private Key Breach | DeFi | |
BiFi Hack | July 10, 2022 | 2,300,000 | Ethereum | Private Key Breach | DeFi | |
Harmony Protocol | June 24, 2022 | 100,000,000 | Ethereum | Private Key Breach | DeFi | |
QAN Platform | May 18, 2022 | 633,100 | BNB Chain | Private Key Breach | Bridge | |
Phantasma Chain | April 2, 2022 | 437,443.1 | BNB Chain | Private Key Breach | DeFi | |
Ronin | March 23, 2022 | 624,000,000 | Ethereum | Private Key Breach | DeFi | |
Dego Finance | February 10, 2022 | 10,000,000 | Cronos | Private Key Breach | DeFi | |
BNS | February 1, 2022 | 7,500,000 | Private Key Breach | |||
Crypto.com | January 18, 2022 | 33,700,000 | Ethereum | Private Key Breach | CeFi | |
LCX | January 8, 2022 | 7,940,000 | Ethereum | Private Key Breach | DeFi | |
Vulcan Forged | December 13, 2021 | 140,000,000 | Ethereum | Private Key Breach | DeFi | |
8ight Finance | December 8, 2021 | 1,750,000 | Harmony | Private Key Breach | DeFi | |
Bitmart | December 4, 2021 | 196,000,000 | BNB Chain | Private Key Breach | CeFi | |
bZx | November 5, 2021 | 55,000,000 | Polygon, BSC | Private Key Breach | ||
DAO Maker | August 12, 2021 | 7,000,000 | Ethereum | Private Key Breach | DeFi | |
Levyathan | July 30, 2021 | 1,500,000 | BNB Chain | Private Key Breach | DeFi | |
Bondly | July 15, 2021 | 5,900,000 | Ethereum | Private Key Breach | DeFi | |
Anyswap | July 10, 2021 | 7,900,000 | BNB Chain | Private Key Breach | DeFi | |
EasyFi | April 19, 2021 | 59,000,000 | Ethereum | Private Key Breach | DeFi | |
Roll | March 14, 2021 | 5,800,000 | Ethereum | Private Key Breach | DeFi | |
Kucoin | September 29, 2020 | 45,000,000 | Ethereum | Private Key Breach | ||
Gate.io | April 21, 2018 | 235,000,000 | Private Key Breach |
A private key compromise hack in the cryptocurrency realm refers to unauthorized access obtained by an individual to a user’s private key, which is the cryptographic key that permits control over their cryptocurrency holdings. Such a compromise can result in the theft of cryptocurrency, as the private key provides complete access to the funds linked to the corresponding public key.
How Private Key Compromise Occurs
- Phishing Attacks: Fraudulent emails or sites that deceive users into sharing their private keys.
- Malware and Keyloggers: Malicious software that logs keystrokes or searches for private keys on a user’s device.
- Poor Security Practices: Utilizing easily guessable passwords, storing private keys in unencrypted formats, or opting for insecure storage methods.
- Exploits and Vulnerabilities: Weaknesses in software wallets, exchanges, or other platforms handling private keys.
- Social Engineering: Attackers trick individuals into revealing their private keys or credentials.
How to Prevent Private Key Compromise
By adopting the following practices, you can effectively mitigate the risk of your private key being compromised.
- Utilize Hardware Wallets: Store private keys in hardware wallets, which are physical devices built to secure private keys.
- Enable Two-Factor Authentication (2FA): Implement 2FA on all cryptocurrency-related accounts for an extra security layer.
- Create Strong, Unique Passwords: Develop complex passwords and use a password manager to organize them.
- Keep Software Updated: Regularly update all software, including wallets and antivirus programs, to guard against known vulnerabilities.
- Maintain Secure Backups: Store backups of private keys or seed phrases in a secure, offline place (e.g., a safe deposit box). Avoid digital backups.
- Steer Clear of Public Wi-Fi: Do not manage cryptocurrency accounts while using public Wi-Fi networks, which are prone to compromise.
- Watch Out for Phishing Scams: Always confirm the legitimacy of emails, websites, and other communications related to cryptocurrency. Refrain from sharing your private key or seed phrase.
- Use Cold Storage: For long-term asset retention, rely on cold storage solutions (offline storage) to shield private keys from internet-connected devices.
- Educate Yourself: Stay updated on common scams, best security practices, and the latest news in the cryptocurrency landscape.