I wish I knew about the Bitcoin hacking incidents.
Why would Bitcoin be stolen?
Hackers targeting Bitcoin and other virtual currencies are active worldwide, and Japanese exchanges and users have also fallen victim to hacking.
To protect your Bitcoin, it's crucial to understand the hacking incidents and methods that have occurred in the past.
In this article, I'll explain why Bitcoin hacking happens and review past virtual currency hacking incidents at Japanese exchanges.
This article was written in Japanese and converted to English using a translation tool.
Date of writing (Japanese version): December 2023
Why Bitcoin Hacking Happens?
Why do Bitcoin hacks happen?
Is there something wrong with Bitcoin itself?
Bitcoin hacks occur mainly due to security issues with the virtual currency exchanges and wallets that store bitcoins.
Security of Exchanges and Wallets is Breached
Bitcoin hacking occurs when the security of a virtual currency exchange or personal wallet is compromised.
Hackers often target "hot wallets" connected to the Internet to execute their attacks.
They exploit security weaknesses and system vulnerabilities to steal Bitcoin and other virtual currencies.
| Hot Wallets | Cold Wallets | |
|---|---|---|
| Management | Online management | Offline management |
| Convenience | Immediately available for transactions | Transactions take time |
| Personal Wallets | Many are free | Device purchases are common |
| Security | High hacking risk | Low hacking risk |
About Cold Wallets on Exchanges
- Developing a cold wallet is not straightforward and requires specialized development work for each type of virtual currency.
- Periodic upgrades are needed, which requires significant resources.
- Storing virtual currency in cold wallets reduces the convenience of services for users (immediate transfers become more challenging), so increasing security often means reducing immediacy.
So, many hacks on exchanges occur when hot wallets are targeted…
Many exchanges keep the majority of their assets (80%+) in cold wallets.
The portion expected to be used for daily transactions is kept in hot wallets, balancing smooth transactions with security.
Targeting Users with Low Security Awareness
Personal virtual currency wallets can also be targeted by hackers, and if security measures are inadequate, assets are at risk of being stolen.
In addition to wallet vulnerabilities, a lack of personal security awareness is another factor that can lead to hacking incidents.
Hacking of Personal Wallets (Examples)
- Phishing Scams
→Hackers pose as legitimate sources to direct users to fraudulent URLs, aiming to steal personal information and assets. - Malware
→Devices are infected with malicious software to hijack and control them. - Wallet Weaknesses are Exploited
Exchanges are likely to be targeted by hackers because they hold large amounts of assets, but there are many incidents where personal wallets are targeted as well…
It is very important to manage your bitcoins in your own wallet, but if you manage it improperly, you can fall victim to hacking.
You should never disclose your wallet's private key or passphrase to anyone under any circumstances.
Bitcoin Itself is Not the Problem
When Bitcoin hacking occurs, the cause is often related to storage methods, not the technology of Bitcoin itself.
Bitcoin uses a combination of decentralized mechanisms and encryption technology, making it extremely difficult to falsify transaction records.
*Decentralized…the opposite of centralized, where functions are distributed across multiple computers, enhancing security and reliability.
So, Bitcoin itself is not being hacked.
To use an analogy, it's like saying that the money in the bank was stolen because there was a problem with the bank's vault, not the money itself.
Or that the vault was left unlocked.
Exactly. It's a very dangerous situation when exchanges store large amounts of money in one place without proper security measures.
Bitcoin & Virtual Currency Hacking Incidents at Japanese Exchanges
I wish I knew about all the Bitcoin hacking incidents that happened on Japanese exchanges.
I've compiled a list of major virtual currency hacking incidents in Japan.
| Exchange | Amount of Damage (Rate at the Time) | Year of Occurrence |
|---|---|---|
| Mt.GOX | 47 billion yen | February 2014 |
| Coincheck | 58 billion yen | January 2018 |
| Zaif | 6.7 billion yen | September 2018 |
| BITPOINT | 3.5 billion yen | July 2019 |
| Liquid | 6.9 billion yen | August 2021 |
| DMM Bitcoin | 48.2 billion yen | May 2024 |
Mt. Gox
| Mt. Gox hack | |
|---|---|
| Date | February 2014 |
| Amount of damage | Approx. 47 billion yen (rate at the time) |
| Outflowed assets | Outflowed assets held by customers: Approx. 750,000 BTC Company-owned assets: Approx. 100,000 BTC |
| Security at the time | ・Online management of assets. ・Customer assets and company assets are not managed separately. |
| Compensation situation | Repayment due date extended to the end of October 2024 |
Mt. Gox, one of the largest exchanges in the world at the time, was massively hacked and collapsed shortly after.
Most of the bitcoins were managed in hot wallets, but it was later discovered that about 140,000 BTC remained in cold wallets and is expected to be used to reimburse users in the future.
The representatives of Mt. Gox have been arrested and acquitted. I'm wondering how the reimbursement will be made to the victims of the hack.
Coincheck
| Coincheck hacking | |
|---|---|
| Date | January 26, 2018 |
| Amount of damage | approximately 58 billion yen (rate at the time) |
| Outflowed assets | 526.3 million NEM (XEM) |
| Security at the time | ・All NEMs were managed in a hot wallet for security at the time. ・Multisig was not implemented (a technology requiring multiple signatures for money transfers). ・An employee's terminal was infected with malware, and the private key of XEM was stolen by remote control. |
| Compensation situation | refunded to the customer's wallet at Coincheck in Japanese yen. Compensation amount: 88.549 yen x number of holdings as of 23:59:59 on January 26, 2018. |
Of all the hacking incidents in Japan, the Coincheck incident was the most damaging, affecting 260,000 holders.
The fact that all NEMs were managed in hot wallets led to the massive outflow.
Many people were disadvantaged by the taxation system because compensation was made in Japanese yen, which is treated as profit-making…
Zaif
| Zaif hacking | |
|---|---|
| Date | September 14, 2018 |
| Amount of damage | approximately 6.7 billion yen (rate at the time) |
| Outflowed assets | Bitcoin: 2,723.4 BTC Monacoin: 5,911,859.3 MONA Bitcoin Cash: 40,360.0 BCH |
| Security at the time | ・Hot wallets for security deposits and withdrawals at the time were affected. ・Compensation for fraud detection took 3 days. |
| Compensation situation | BTC and BCH were compensated in virtual currency. 60% of MONA was compensated in MONA and 40% was compensated in Japanese yen. |
Less than a year after the Coincheck hack, another Japanese exchange was hacked…
Just as the FSA issued business improvement orders to a number of exchanges and the virtual currency industry was about to emerge from its stagnation, there's another hacking incident.
Zaif had received business improvement orders in March and June 2018, but that still didn't prevent the incident.
BITPOINT
| BITPOINT hacking | |
|---|---|
| Date | July 12, 2019 |
| Amount of damage | approximately 3.5 billion yen (rate at the time) |
| Outflowed assets | Bitcoin Bitcoin Cash Ethereum Litecoin XRP |
| Security at the time | ・About 20% of the portion managed by hot wallets at the time was hacked. ・Hacking into the maintenance servers resulted in the leakage of private keys? |
| Compensation situation | Compensation in virtual currency occurred. |
Almost half of the 110,000 account holders (about 50,000) have been affected…
It seems they followed the industry's self-regulation rules and kept the hot wallet managed portion below 20%.
However, it appears that most of the assets in the hot wallets have been leaked.
Liquid
| Liquid Hack | |
|---|---|
| Date | August 2021 |
| Amount of damage | About 6.9 billion yen (at the rate at the time) |
| Outflowed assets | The wallet of the company's Singapore subsidiary was compromised. 69 types of crypto assets were transferred outside the company. |
| Security at the time | Hot wallets for security and deposits/withdrawals at the time were damaged. |
| Compensation situation | No customer assets were damaged. |
Liquid Global's Singapore subsidiary, QUOINE PTE, was compromised, right?
Liquid was acquired by FTX and became "FTX Japan", but after FTX's bankruptcy, they are shutting down their service.
DMM Bitcoin
| DMMビットコインのハッキング | |
|---|---|
| 発生日 | 2024年5月31日 |
| 被害額 | 約482億円(当時レート) |
| 流出資産 | 4,502.9BTC |
| 当時のセキュリティ | 原因究明中※2024年6月24日時点 |
| 補償状況 | BTCでの補償を発表 |
| DMM Bitcoin hack | |
|---|---|
| Date | May 31, 2024 |
| Amount of damage | Approximately 48.2 billion yen (at the time of the incident) |
| Outflowed assets | 4,502.9 BTC |
| Security at the time | Security issues are still being investigated as of June 24, 2024. |
| Compensation situation | Compensation in BTC has been announced. |
So another massive outflow in Japan!
DMM Bitcoin immediately announced compensation in BTC and also announced the completion of BTC procurement equivalent to the outflow.
As of June 24, 2024, the details of the cause of the unauthorized outflow have not yet been revealed, so it will be interesting to see what happens next.
What happened after the Bitcoin theft?
What happened after the Bitcoin theft?
Some exchanges haven't made any progress on restitution, while others have implemented compensation.
Compensation for the Mt. Gox Incident
In the Mt. Gox hack in 2014, approximately 140,000 BTC were to be returned to victims.
However, there have been delays in the compensation plan, and the deadline has been extended by another year from the original compensation deadline of October 31, 2023.
One reason for the long post-bankruptcy process is that it is taking a long time because the company is dealing with an asset called "virtual currency," which has never existed before.
Nine years after Mt. Gox's bankruptcy, the prospects for debt collection are gradually improving…
About 140,000 bitcoins were later discovered from Mt. Gox, and they will be used to compensate victims…
Leakage to North Korea
Hacking Damage in the Virtual Currency Business (2016-2022)
Hacking damage is on the rise worldwide, with a record number of damages occurring in 2022.
In addition, a group of North Korean hackers reportedly stole $721 million (about 98 billion yen) worth of virtual currency from Japan. It is estimated that 30% of the total global damage between 2017 and 2022 was from hacks in Japan.
Reference:北朝鮮、日本から仮想通貨980億円奪取 世界被害額の3割
North Korea's hacking techniques are becoming more sophisticated every year, and in recent years, they appear to be expanding their attacks on Ethereum-based platforms.
It would be very scary to think if the hacked virtual currency was cashed in and used to fund missile development…
Hackers are getting more sophisticated every year.
In recent years, many Ethereum-based virtual currencies have been targeted, and less secure DeFi platforms have been affected.
DeFi hacking (pink) spikes in 2021 and 2022
A Question and Answer on Bitcoin Hacking
I wish I knew more about bitcoin hacking.
I'll answer your questions about bitcoin hacking in a Q&A format.
If my bitcoin gets hacked, do I have a guarantee?
Unlike brokerage firms that trade stocks, virtual currency exchanges do not yet have a well-developed guarantee system.
The stock market is strictly monitored by the government and regulatory authorities. In Japan, there is a system to compensate up to 10 million yen in the event of a securities firm's bankruptcy or other contingency.
On the other hand, virtual currency exchanges are not obligated to compensate users for losses caused by hacking, so there is no guarantee that they will be compensated.
Virtual currency is still a new market, so you have some concerns about the guarantee system compared to other investments.
It's dangerous to place too much trust in virtual currency exchanges.
The once very popular foreign exchange "FTX" collapsed after a few days of turmoil, and many people are suffering because their assets have not been refunded.
No matter which exchange you use, be aware of contingency plans.
What if I receive an email requesting bitcoin?
If you receive an email asking you to send Bitcoin, don't comply with the request and ignore it.
Fictitious billing e-mails with content such as "We hacked your computer, send us bitcoin if you want us to delete the data we acquired" are circulating nationwide.
Source:福岡県警察
Also, do not respond to requests to send bitcoin via DMs on social networking sites.
If you get a message that makes you uneasy, you should not be in a hurry to go through with it.
In the virtual currency industry, hijacking and spoofing of social networking sites is a daily occurrence, so don't send bitcoins even if someone you know asks for them.
[Summary] Bitcoin hacking incidents
Key Points
- Hacking happens because the security of the exchange or wallet is breached.
- Bitcoin itself is not the problem, but theft occurs due to lax storage methods.
- Large-scale hacking incidents have also occurred at Japanese exchanges, such as Mt. Gox and Coincheck.
Bitcoins are invisible data, and I somehow always thought that bitcoins themselves might be hacked.
I guess the cause of theft is due to the way bitcoins are stored, and if you store them in the wrong way, they can be easily stolen by hackers.
It's really dangerous to manage a lot of funds in a hot wallet.
As a beginner, you can manage it on an exchange, but if you are getting used to bitcoin or dealing with large amounts, you should keep it in your own wallet.
I was kind of nervous about bitcoin because it sounds kind of difficult and I don't really know what it is, but I wanted to know more about it.
I want to know more about Bitcoin!
Recommended Articles:What is Bitcoin?
Writer:Sigeru Minami
Creator of "Bitcoin-zukan.com."
Active as a handmade craftsman of Bitcoin goods.