A Review of the Five Largest Cryptocurrency Hacking Incidents in History, Second Only to the Funds Stolen from Bybit

On February 21st, the cryptocurrency exchange Bybit encountered a major crisis. Over $1.4 billion was stolen, setting the highest record for losses in a single cryptocurrency hacking incident in the 15-year history of the cryptocurrency industry. According to data from Cyvers, the amount stolen in this incident accounted for more than 60% of the total cryptocurrency funds stolen throughout 2024.
Hacking attacks and scams are common occurrences in the cryptocurrency field. These incidents have brought a serious legitimacy crisis to the cryptocurrency industry, which has long been criticized by many for "facilitating criminal activities." However, data from Chainalysis shows that the growth rate of legitimate applications of cryptocurrencies far exceeds their use in illegal activities.
Even so, the hacker economy remains active in the cryptocurrency market, especially when cryptocurrency prices are rising. Data from Crystal Intelligence indicates that as of the middle of 2024, the cumulative losses caused by cryptocurrency hacking attacks have reached $19 billion.
Below, we will review several major cryptocurrency hacking incidents in history. By comparison, we can see how they measure up against the latest hacking incident involving Bybit.
Before the Bybit incident, Ronin Network was the victim of the largest cryptocurrency hacking incident in history in terms of losses. In March 2022, Ronin Network, an Ethereum sidechain built for the play-to-earn game Axie Infinity, was hacked, and over $600 million worth of Ethereum and USDC were stolen. After the incident, Ronin Network was only able to recover a small portion of the stolen funds.
This attack was believed to be carried out by the Lazarus Group, which is suspected to have ties to the North Korean government. It is estimated that in 2024 alone, this mysterious organization stole cryptocurrency worth $1.34 billion. Since 2020, the group has been suspected of being involved in money laundering activities involving hundreds of millions of dollars' worth of digital assets.
In 2021, the cross-chain protocol Poly Network was hacked, and hackers stole funds worth over $600 million. The cybersecurity firm SlowMist stated that this was a "carefully planned and organized" attack.
The hackers stole $273 million from the Ethereum network, $253 million from the BNB Smart Chain, and $85 million from the Polygon network. At that time, this attack was regarded as the largest decentralized finance vulnerability incident in history.
According to Poly Network, the attackers eventually returned almost all of the stolen funds, leaving only $33 million unreturned.
In October 2022, the BNB Chain was hacked, resulting in losses of approximately $568 million. According to Cointelegraph’s report at that time, the attackers exploited a vulnerability in the cross-chain bridge BSC Token Hub to issue an additional 2 million BNB tokens and quickly transferred $100 million worth of the stolen tokens to other networks.
Changpeng Zhao, the former CEO of Binance, confirmed that the vulnerability "led to the generation of additional BNB tokens" and subsequently announced the suspension of the BNB Smart Chain.
In early 2018, a major theft occurred at the Japanese cryptocurrency exchange Coincheck, with $534 million worth of NEM tokens stolen. NEM is a token launched by the New Economy Movement (NEM) in 2015.
The hackers attacked the hot wallet and carried out several unauthorized transactions, stealing all the funds belonging to the exchange’s users. Later reports suggested that this attack might be related to a hacker group that had implanted a virus on the computers of Coincheck employees.
After the incident, Coincheck promised to compensate all 260,000 victims.
In November 2022, when the FTX exchange collapsed, a series of unauthorized transactions led to losses of $477 million for the cryptocurrency exchange.

By January 2024, U.S. federal prosecutors had identified and charged three suspects alleged to be involved in this attack.