Header Background

Famous Bitcoin Heist and Hacks

It certainly seems that anything that calls itself “secure” still has its vulnerabilities. Secured buildings have break-ins, secured websites are compromised, and even data like credit information has been stolen from seemingly secure systems.

Bitcoin launched with the principle of being safer than traditional banks and financial institutions. It uses , the same premise as the SHA-2 that the NSA (United States National Security Agency) uses.

The blockchain technology and lengthy wallet keys should provide a higher measure of safety, but hackers and thieves are getting much savvier as time passes. Additionally, there’s due diligence needed on the part of the wallet holder, as well as the exchanges. Updates and individual security measures are still required to deter potential theft.

Regardless of the level of security, you can be sure that someone is out there trying to bypass it and will look for any available open door. Throughout the past eight years, Bitcoin theft has occurred as a result of hacking, coding overwrites, compromised computers, and even gunpoint.

Once the Bitcoin has changed hands by moving from wallet to wallet, it’s not that hard for these thieves to launder it. They use the Bitcoin tumbler to give them some time to manipulate small amounts that wouldn’t catch anyone’s attention, at least for a short time anyway. From there, they can sell off more reasonable, unnoticeable sums or even find a buyer who’s willing to pay for a large chunk at a time. The anonymity is retained from seller to buyer, so it’s not as challenging as getting caught with a stolen credit card in hand.

The following are some of the more notable Bitcoin heists and hacks. As many people say, “If they would only put their talents to good, positive use…”

The Mt. Gox Hack: Or Was It?

If you know anything about the history of Bitcoin, you’re probably familiar with the name Mt. Gox. It was the preeminent Bitcoin exchange based out of Japan, established in 2010 by Jed McCaleb, who is also the founder of Ripple.

In 2013, Mt. Gox became the most significant global exchange, but starting in 2011, it was the victim of ongoing hacks. Or at least that’s the story that’s shared most often.

The Mt. Gox story reads more like a mystery novel with different players and many unknowns.

In 2011, the company changed hands from McCaleb to French developer Mark Karpelés, but there’s still question as to whether the “hacking” began before the change or after.

And was it a hack? There have been accusations from employees of mismanagement, and there’ve also been allegations of inside theft. Perhaps the Bitcoin were never even (virtually) real at all.

The first reported theft was in 2011, with 2,000 BTC transferred from customer accounts and another 650 purchased at an artificial low directly from the exchange. A compromised computer was blamed for the incident and security was increased that involved moving a good chunk of the Bitcoin from online to offline storage.

That was just the beginning, though.

In February of 2014, an internal memo was leaked to the public that announced the theft via hacking of 844,408 Bitcoin. 744,408 were customer-owned, and the remaining 100,000 were company assets.

Now, the consensus is that the 2014 incident was the result of private keys being stolen before 2011 when they were initially stored in unencrypted wallets. Even after new security protocols, the thieves would still have access to information that would allow them to move funds around while virtually undetected by Mt. Gox.

The entire situation came to a head after the US government had already seized $5 million from Mt. Gox for unlicensed trading in 2013. Mt. Gox was closed to trades for three months during that time and dropped from number one to the 3rd largest global exchange. But after the 2014 hacking, it was forced to declare bankruptcy in both Japan and the United States.

There were just too many hits to take, and Mt. Gox did liquidate its assets and closed its doors in 2014.

The story doesn’t end there. Not only did Mt. Gox report that it had found 200,000 BTC in the old format digital wallets, but Mark Karpelés was arrested the following year on charges of fraud and embezzlement. There are undisclosed details, but the arrest was said to be unrelated to the Mt. Gox theft.

To date, 650,000 BTC are still unaccounted for, and the 200,000 BTC are held in trust until the bankruptcy proceedings are finalized. So, Mt. Gox’s customers are still victims of this mystery.

The Individual Hack: Gmail and Coinbase

Back in the early days of cryptocurrency, Mt. Gox was the leading exchange. These days, investors turn to . It’s the number-one Bitcoin exchange in the world and is one of the simplest services for new investors.

Coinbase is set up similarly to an online bank account, and you can use your conventional financial services account to transfer fiat currency to Bitcoin, Bitcoin Cash, or Ethereum.

The premise of Coinbase is to make buying and selling easier for its users. It stores the 64-digit pass keys where, previously, customers had to keep track of them.

To make a trade, users need to log in with a username and password, but they also need to verify their identity each month by receiving a text message and inputting a one-time code.

You may see where we’re going with this already.

In 2017, a customer who had recently converted a few thousand US dollars in assets to Bitcoin stored in his Coinbase account received a confusing message from his mobile carrier. The message was a confirmation that he was moving his phone number to another device. Panicked, he tried to stop the transfer but was too late.

Within seconds, his Gmail account was hacked, and his phone number transferred over to an outside device, thereby allowing the thieves the ability to confirm “his” identity and empty his Coinbase account.

Coinbase prides itself on its high-level of security and has never been directly hacked to date. However, this is just one instance of individuals being targeted as burglary victims.

A Ponzi Scheme: Bitcoin Savings and Trust

The Bitcoin Savings and Trust may sound like your community bank down the street. But in actuality, it was a virtual investment scheme run by Trendon Shavers, aka pirateat40, of Prosper, Texas.

Back in 2012, Shavers offered his 100 investors a 7% weekly return if they deposited more than 25,000 BTC, worth over $275,000 at the time.

No one knew how Shavers was turning the profits, but for a while, it worked. He was trading with the then Mt. Gox exchange and customers were being paid. In August of 2012, though, pirateat40 publicly posted in the Bitcoin Forum that he was shutting down his operation. The investment scheme became too much, and he lost the balance of the investments.

Of the 100 customers, 48 experienced losses totaling $1.23 million.

In 2013, the Securities and Exchange Commission charged Shavers with running an illegal Ponzi scheme and ordered him to pay a $40 million penalty and $150,000 civil penalty.

The book doesn’t close in 2013, though. Remember, this is the time of Bernie Madoff and Silk Road, so Shavers was an ideal candidate to use to make a statement. In 2014, the Southern District of New York charged him with Criminal Wire and Securities Fraud.

Trendon Shavers ran a Bitcoin Ponzi scheme.

In 2016, Shavers was eventually given an 18-month sentence and ordered to pay back the $1.23 million.

The moral of the story: when it seems too good to be true, it probably is, so be careful where you invest your money, whether it’s fiat currency or cryptocurrency.

Stolen Credentials-Stolen Money: NiceHash

We’ve been talking about Bitcoin traders, exchanges, and investors so far. But NiceHash is the largest marketplace for digital mining currency. It’s not a trading site. It’s a service-oriented website where you can “Sell or Buy Computing Power on Demand.”

Miners are the ones who work on sealing off blockchains. New mathematical solutions are needed consistently, and miners get paid for successful providing them. It’s big business these days, especially with over 1,000 altcoins in circulation as well. In fact, NiceHash has paid out $1 billion in just four years.

That’s pretty significant coin (Bitcoin, that is) that’s being circulated, so you have to figure that they’re a prime target for thieves.

In December 2017, when the news was focused on the skyrocketing value of Bitcoin, someone (or a group) breached the NiceHash system using the credentials of one of the company’s engineers.

The thief (or thieves) managed to siphon out 4,700 BTC worth $75 million at the time.

In a quick response to NiceHash’s users, many of whom kept their Bitcoin payments in the accounts that were emptied, NiceHash addressed all of the concerns and provided thorough explanations and next steps. The company was able to pull together the funds to replenish the emptied wallets and has since initiated new security protocols and changes to all of the wallet passwords.

An Attack from the Back: Bitcoinica

Bitcoinica was one of the earlier Bitcoin exchanges. It built its business by using Mt. Gox to help facilitate and store its transactions.

In 2012, Bitcoinica experienced not one hack, but two. The first, amounting to over 46,000 Bitcoins worth more than $200,000, was a crippling blow. But the company attempted to bounce back until it was hit again in May for another 18,000-Bitcoin loss.

Stolen passwords weren’t the cause in this case. Instead, the hackers were able to get in through the shared web host, Linode. In case you’re not familiar with Linode or even with what a web host is, let us provide a bit of illumination: it’s a service that provides companies with server space. It takes away the need for a business to have their own server.

Neither Bitcoinica’s computers or their site were hacked directly. All the hacking took place within the Linode server space.

So, instead of entering Bitcoinica’s computers or site directly, it was hacked from within the Linode server space.

This wasn’t the only incident involving Linode’s system, as accessed its servers in 2013, exposing a vulnerability that prompted Linode to introduce two-step authentication. In 2015, Linode experienced consistent DDoS attacks with the intent to cause significant damage or even a complete failure of Linode’s entire business.

Unfortunately for Bitcoinica, though, the double hit was enough to sink the ship for good. As its assets were tied into Mt. Gox, they were lost in the Mt. Gox heist.

One Computer – One Wallet Holder - $500,000

You don’t have to be a company that provides Bitcoin services to be a victim of theft. Individuals are also at risk, and maybe even more so than the big players, as they’re vulnerable to intrusion.

In 2011, a BitcoinTalk forum member, Allinvain, was given the unfortunate distinction of becoming the first victim of a significant Bitcoin hack. It wasn’t stolen from an exchange, nor any outside service. Instead, the hackers directly compromised Allinvain’s Windows computer.

The theft was more than six years ago, so Bitcoin didn’t have today’s value, but Allinvain was an investor and lost 25,000 BTC that can’t be recovered. With the 2017 boom, that’s millions of dollars in the hands of those thieves.

A Real-World Robbery of Virtual Currency: Armed Intruders

You may recognize the small village of Moulsford in South Oxfordshire, the United Kingdom, from the popular television show . The show has been filmed there on occasion in a converted barn on some private property.

The village of Moulsford was the scene of an armed robbery of Bitcoin.

This quiet village in rural England is instantly recognizable to fans of Midsomer Murders.

Moulsford became the site of its own story with . Four men carrying weapons forced their way into the home of digital currency traders, tying up the female resident and forcing the man to transfer an undisclosed amount of Bitcoin.

This particular home had to have been targeted, as the men knew just what they were looking for – Bitcoin was the sole objective.

Both residents are directors of Aston Digital Currencies Limited, as well as Butler Hosting, a company that provides data processing, hosting, and related activities.

We would assume it was for the privacy and protection of the businesses that most of the details remain undisclosed about the incident. The amount of Bitcoin that was stolen wasn’t even listed in the news article. But it’s an unfortunate example of how thieves can operate both online and offline to get their hands on something that isn’t theirs.

Silk Road and Tony76: The Most Unusual Bitcoin Theft

If the Mt. Gox hack we started out with is worthy of a TV movie, this one should have a place on the big screen.

Silk Road is a story that goes well beyond the quarter million in stolen Bitcoin. It includes illegal drugs and murder for hire. How’s that for a lead-in, huh?

Let’s start with a quick introduction to Silk Road in case you’re not familiar with it.

Silk Road functioned as an online marketplace for illegal drugs from 2011 to 2013. Customers put Bitcoin payments in escrow and released them when their packages were delivered. To give you an idea of the impact that Silk Road made, it processed $15 million in transactions in just two years.

The FBI finally caught up with Silk Road in October of 2013. The dark website founder, Ross William Ulbricht, was tried and convicted on eight counts. He is currently in prison with no possibility of parole.

Ross William Ulbricht, the founder of Silk Road.

Ross William Ulbricht - also commonly known by his pseudonym “Dread Pirate Roberts.”

Silk Road is a famous case and demonstrates the dark side of Bitcoin. The site wanted to remain faceless and traceless, and Bitcoin helped to accomplish that.

Let’s back up a bit, though, and focus on April 20th, 2012, also known as 4/20, a popular day in the Cannabis community. As you can imagine, Silk Road was booming on that day. And one vendor in particular, Tony76, wanted to cash in even more.

Although Tony was a relative newcomer to Silk Road, he had built himself up to be a solid player in the illegal drug racket. He delivered packages on time and communicated with his customers along the way, earning their trust and admiration in just a short time.

So, on April 20th, Tony’s big sale day, it was easy for him to explain how he could expedite the packages if his customers would release the Bitcoin instead of holding it in escrow. After all, Tony was a stand-up guy, right?

Well, they complied, and Tony took in about a quarter million dollars in that one day, and then turned around and called it a day on Silk Road. He left his customers hanging and left Ulbricht enraged.

That’s the Bitcoin theft part of our story. Now, let’s get into the murder for hire.

Ulbricht didn’t like being cheated, nor did he appreciate the black mark on Silk Road. He sloppily left a virtual trail of correspondence with a user going by the name “redandwhite.” “User” isn’t an appropriate description, though, as “hitman” would be more apropos.

During Ulbricht’s investigation, the FBI uncovered the “murder for hire” correspondence, as well as $730,000 for a package of six kills, including Tony76.

So, while Tony76 is responsible for a quarter million in drug money theft, he’s also part of the evidence used to convict Ulbricht.

Are you curious about Tony76’s fate?

That’s uncertain. He is known to have lived in Canada, but investigators weren’t able to find a person or a body to fit into the Silk Road “hits” puzzle.

How Can You Avoid Being a Victim?

You’re not entirely at the mercy of those who want to take from you. There are things you can do to protect your cryptocurrency assets. Whether you opt for an exchange to retain your holdings or you maintain your wallet and have both the address and the key needed to manage it, you can still take some precautions.

Precautions to Take Using a Bitcoin Exchange

If you’re using a service like Coinbase, keep in mind the story of the gentleman who received the phone call about his phone number being transferred to another device. He was hacked through email, as well as his phone.

Don’t leave any login information on your computer. Use good old-fashioned paper and pen and lock up your credentials or keep it on an external device. Even a USB drive is safer than letting it sit for hackers to claim as their own.

Top Tip:

Make sure that your computer has top-notch security that’s always being updated. It’s wise to change your passwords often as well.

Coinbase texts you a code to verify your account every 30 days, but that’s upon request. You could make it mandatory to receive that code every time you log in. If you change your password often and you don’t have it online for a remote hacker to obtain, you’ve got another layer of security in place.

Additional Protection When You Manage Your Bitcoin Wallet

If you don’t use an exchange or a service that retains your personal wallet information and you keep it stored on your own, you have even more control.

Here are a few tips.

  • Split your cryptocurrency up amongst a few different wallets. It’s easier for a hacker to get one than to access several across the board. You’ll have to manage more addresses and keys, but it’s well worth it for peace of mind.
  • Use wallet encryption either through a service or by creating a passphrase. There’s a that’s highly rated.
  • You can also quickly create a passphrase through Bitcoin Core. Just be sure you know your passphrase, as it’s the key to unlocking your wallet. If you don’t have Bitcoin Core installed, you can go to to download.
  • Back up your wallet with an offline version and store an offline version as well, so you have an additional layer of protection.
  • Keep your wallet address and your key in different places. Better yet, keep them offline in different locations, so no one has remote access to them.
  • Be sure that your computer software and your wallet software are updated at all times. Software updates often include new security measures and bug fixes. It can be a little time-consuming, but worth it when you look at the big picture.

Please see the following page for more information and advice on protecting your cryptocurrency investment.

A Final Word

It’s inevitable that money, regardless of the currency, carries risks. There are always people out there trying to figure out ways to cheat the system and steal from others.

The stories we’ve included are just a few of the incidents that have involved Bitcoin but can help you to be more cautious in your financial dealings. Only choose the most reputable businesses with stellar reputations and do your own due diligence to make sure that you have safeguards in place for both your cryptocurrency and your fiat currency.

There will always be vulnerabilities, but awareness and planning can help to keep your property safe and protected.