Cryptocurrencies attract the attention of some of the world’s most opportunistic hackers. Here are five occasions when hackers were successfully able to break into some of the largest accounts in cryptocurrency.

The DAO

In 2016 the Decentralized Autonomous Organization (The DAO) was created to operate like a venture capital fund for decentralized cryptocurrency projects. The DAO was built as a smart contract on the Ethereum blockchain and ran a crowdfuding campaign that attracted approximately $150M worth of Ether. This made it the most successful token sale up until that point.

On June 18th 2016, funds were noticed to be leaving the DAO and around 3.6 million ether worth approximately $70 million were drained by a hacker in just a few hours. The hacker took advantage of a flaw that allowed the DAO smart contract to return Ether multiple times before it updated its internal balance. The hack resulted in the hard fork of the Ethereum protocol that resulted in both reimbursements and the creation of Ethereum Classic (ETC). We covered this hack in more detail in this article.

Mt. Gox

Mt. Gox was able to reach the top of the exchange business in just a short space of time. The increase in status also led to an increase in the number of attempted hacks on its system. The first one took place in June 2011 causing the service to go offline for several days. A hacker was able to access the Mt. Gox auditor machine and use the stolen credentials to transfer thousands of Bitcoins. He used the exchange's software to sell Bitcoin for a nominal amount and a number of accounts containing approximately $8,750,000 were affected.

Mt. Gox tried to prove ownership of the coins and moved 424,242 bitcoins from cold storage to a Mt. Gox address; this was executed in Block 132749. In October 2011, a number of transactions appeared in the block chain at Block 150951 that sent a total of 2,609 BTC to invalid addresses. These Bitcoin were lost, however, as no private key could be assigned to them.

A second hack took place in February 2014 and caused the company to declare bankruptcy. After a period of complaints by users, Mt. Gox halted all withdrawals and closed its service after discovering a latent hack that had been ongoing for years. The hack had gone undetected by the Mt. Gox security team and as a result, the company lost almost 750,000 of its customers' Bitcoin, and approximately 100,000 of its own. This amounted to 7% of all Bitcoin in circulation and was worth around $473 million at the time.

Parity Wallet

In July earlier this year a flaw in the Parity Ethereum client resulted in the theft of over 150,000 ether (ETH), worth an approximate $30 million. An unknown hacker accessed funds from Parity multi-sig wallets created with the Parity client 1.5 and carried out the second largest hack in the history of the Ethereum network. By utilizing a zero-day exploit, coins were removed from a number of Ethereum multi-sig wallets without any authorization. The attacker drained 153,037 ETH from a number of high-profile multi-signature contracts that were used to store funds from the token sales of previous ICOs.

The attacker sent two transactions to each of the affected contracts; one to obtain exclusive ownership of the multi-sig, and a second to move all of its funds. The hack resulted in The White Hat Group moving the rest of the Ether stored in other Parity wallets to another Ethereum wallet. This wallet currently holds approximately 377,105 Ether.

Bitfinex

In August 2016 another of the world’s largest Bitcoin exchanges was hacked. This time the Bitfinex Company lost 119,756 Bitcoins, worth approximately $72 million.

In this case, the attacker took advantage of vulnerability in the multi-signature system used for signing Bitcoin withdrawals. The source of the vulnerability was related to how Bitfinex structured its accounts in league with the Bitcoin wallet provider BitGo. Bitfinex owned two secret keys, while BitGo owned one key. Bitfinex looked to incorporate the multi-signature system and safeguard against potential breaches by engaging several parties to authorize transactions. It’s still unclear exactly how the system was breached and this hack remains the second-biggest breach of a Bitcoin exchange platform.

Bitcoinica

Bitcoinica was yet another popular Bitcoin trading platform to suffer security breaches. The platform which was owned and run by Zhou Tong, suffered two attacks in 2012. In the first, the attacker gained access to the Bitcoinica customer service portal and proceeded to drain the substantial Bitcoin wallets of eight customers. This breach in security resulted in the loss of 46,703 Bitcoins

Just a few months after the first attack a second breach took place, this time the attacker successfully hacked the company’s production servers and made away with 18,547 Bitcoin. Four Bitcoinica customers would eventually file a lawsuit and demand approximately $460,457 in compensation.

In the aftermath, it was revealed that Bitcoinica stored large amounts of digital currency online as opposed to in offline, cold storage format.