Crypto Guide: 5 Biggest Crypto Hacks So Far (2025)
BBC reports that the ByBit hackers, the Lazarus Group, have successfully converted at least $300m of their record $1.5bn heist into "unrecoverable funds." The ByBit hacking on February 21st primarily targeted Ethereum tokens and now stands as the largest crypto exploit on record. ByBit's hacking, which officially surpassed previous high-profile breaches and thefts, raised serious questions about the increasing boldness and sophistication of hackers, and the future of crypto security.
Hacking remains a serious and costly challenge for the crypto industry. ByBit's February 21st hack illustrates the growing problem and how it's undermining the crypto and even traditional financial industry. Last February 21st, ByBit reported a breach in its platform, resulting in a loss exceeding $1.5 billion.
According to ByBit CEO Ben Zhou, the stolen cryptocurrencies, mostly Ether, were taken from the exchange's "cold wallet", which was supposedly more secure since it's not connected to the internet.
According to blockchain analysis firms, including Arkham Intelligence and Elliptic, the stolen funds were moved into different accounts and immediately offloaded so that they could become untraceable. Similar to traditional money laundering, the hackers, which were later identified as the Lazarus Group by Elliptic, transferred the crypto into different accounts, using sophisticated laundering methods to obscure the transfer of funds.
ByBit immediately released a statement, with its CEO Ben Zhou assuring its customers and investors that the exchange's other cold wallets are safe, and withdrawals are back to normal.
Elliptic's analysis reveals that roughly 20% of stolen funds have "gone dark"
However, Elliptic's latest analysis, as reported by the BBC, paints a bleak picture for the industry—around 20% of the stolen funds have "gone dark," meaning they are "unlikely to ever be recovered." According to global authorities, the Lazarus Group works at the behest of the North Korean regime.
In an Elliptic blog, the popular analytics firm blamed North Korea-based Lazarus Group. This hacker group has amassed over $6 billion in cryptocurrency assets since 2017, and the Federal Bureau of Investigation confirmed that the majority of the stolen funds were used to finance the country's ballistic missile program.
Biggest crypto hacks, next to ByBit
Elliptic further explained that the ByBit hacking was more than double the size of the last biggest crypto heist and now stands as the biggest hack of all time. The next five hacks on the list are nothing to sneeze at—they boast a combined $2.7 billion in lost funds. Let's take a look at some of the biggest cryptocurrency hacks to date.
Poly-Network, August 2021 ($611m)
On August 12th, the token-swapping platform Poly-Network reported a hacking of its platform, causing it to lose more than $600 million in digital assets. But what's more interesting about this case is that the stolen funds were promptly returned less than 48 hours later. According to reports, the hackers stole 12 cryptos, including Ether and a type of Bitcoin.
One of the hackers who claimed responsibility for the hacking shared that they had found a bug that exposed the platform's vulnerability. According to Coindesk, the hackers initially tried transferring some of the digital assets into the liquidity pool Curve.fi, but this was rejected. Then, around $100 million was moved out and transferred to Ellipsis Finance.
Less than 48 hours after the incident, the hackers returned the assets to the Poly Network. According to Poly Network, the 'heist' was pulled off by an ethical hacker named "Mr White Hat", who works to identify and expose vulnerabilities in crypto platforms.
BSC Token Hub, October 2022 ($582 million)
Binance, the world's biggest crypto exchange, was the subject of a costly hack on October 22nd. According to the company's blog, the hackers stole 2 million BNB tokens from the exchange on October 6th, valued at $528 million during that time. Binance CEO Changpeng Zhao shared that the hack was on its cross-chain bridge, the BSC Token Hub, which resulted in the minting of additional BNB tokens "out of thin air".
Binance immediately stopped its operations on its Binance Smart Chain, and Zhao also stated that the users' funds were safe. The BNB token's price dropped by 3.5% hours after the exploit made the news.
According to a Twitter/X user (@FrankResearcher), the hackers found a way to forge the proof for block 110217401, confirmed in 202o.
Ronin Network, March 2022 ($540 million)
Ronin Network, an EVM blockchain for gaming, lost around $540 million during the March 2022 hacking. According to the company's representatives, unidentified hackers stole 25.5 million USD coin tokens and 173,600 Ether tokens on March 2nd, 2022, which was valued at $540 million at the time of the hacking.
Elliptic reported that Ronin's network breach was the second-biggest cryptocurrency theft at the reporting time. Ronin is a popular blockchain that powers the Axie Infinity, which relies on non-fungible tokens (NFTs).
In a blog post released after the incident, Ronin shared that the hackers used stolen private keys to access their digital assets. The company immediately cooperated with the authorities to find the hackers. Immediately after the hack, Ronin users have difficulty depositing or withdrawing their funds on the network.
Coincheck, January 2018 ($532 million)
Coincheck, a Tokyo-based crypto exchange, lost $532 million (¥58 billion) to hacking in January 2018. The Coincheck hack eclipsed the notorious Mt. Gox fiasco of 2014. Coincheck Inc, a leading Japanese crypto exchange, discovered the breach after noting a substantial drop in its NEM virtual currency holdings.
After confirming the hack through a blog post, the company immediately stopped all its services, including trading, deposits and withdrawals for most cryptocurrencies, except Bitcoin. According to reports, around 260,000 users were affected by the breach. NEM, a crypto designed to help businesses manage data digitally, briefly dropped by more than 20% hours after the incident. The hack also impacted the broader crypto market, with Bitcoin's price dipping by 5% on January 26th, 2018.
