Centralized Exchange Security Incident Review: Historical Lessons and Future Prevention

In recent years, several well-known Centralized Exchanges have suffered significant losses due to hacker attacks or internal issues. Some exchanges have had user assets stolen due to external intrusions, while others have collapsed due to poor internal management. Even industry giants face pressure from regulatory agencies. In contrast, decentralized exchange (DEX) has a natural advantage in dealing with threats such as hacker attacks, fraud, and excessive regulation.

This article will review the 10 most serious security incidents of centralized exchanges, discussing the lessons and insights learned from them.

1. Bithumb: Repeatedly Attacked by Hackers

Bithumb, as one of the largest cryptocurrency exchanges in South Korea, has suffered multiple hacker attacks since 2017:

• February 2017: lost 7 million dollars
• June 2018: Nearly $32 million in cryptocurrency was stolen
• March 2019: Approximately $20 million worth of EOS and XRP were stolen
• June 2019: Attacked again, losing 30 million USD in digital tokens.

The South Korean Ministry of Science and Technology has found deficiencies in Bithumb's network isolation, monitoring systems, and key management. These incidents underscore the urgency of strengthening security measures at exchanges.

2. WazirX: Serious wallet vulnerabilities lead to huge losses

In July 2024, the Indian exchange WazirX suffered a major security incident, with over $230 million in crypto assets being illegally transferred. The attackers targeted WazirX's multi-signature wallet on Ethereum, stealing a large amount of tokens such as SHIB, MATIC, and PEPE.

Despite the adoption of security measures such as hardware wallets and address whitelists, WazirX still failed to withstand this complex attack. This incident highlights the risks of centralized management of private keys and the necessity for continuous improvement of asset protection measures.

3. A well-known exchange: API key theft results in financial loss

In May 2019, a global leading cryptocurrency exchange suffered a hacker attack. The attackers stole users' two-factor authentication codes and API keys through phishing and other means, stealing 7,074 bitcoins from the exchange's hot wallet, worth over 40 million dollars at the time.

Afterwards, the platform announced the establishment of a user security asset fund to cope with extreme situations. However, in October 2022, the platform faced another major security challenge, as hackers illegally generated and stole tokens worth $570 million by exploiting a cross-chain bridge vulnerability.

4. KuCoin: Hollywood-style Digital Heist

In September 2020, KuCoin experienced a dramatic hacker attack. The attackers stole various cryptocurrencies, including BTC, ETH, LTC, and XRP, by stealing the private keys of hot wallets, totaling approximately $281 million.

KuCoin quickly took action, transferring the remaining funds to a new wallet and suspending trading. After weeks of effort, KuCoin recovered approximately $204 million of the stolen funds. Investigations indicate that this attack may be related to a North Korean hacking group.

5. BitGrail: Insiders Suspected of Involvement

The Italian exchange BitGrail suffered a theft incident involving 120 million euros (, approximately 147 million US dollars ). The police suspect that the exchange's head, Firano, may have been involved or failed to promptly strengthen security measures after discovering the vulnerability.

About 230,000 users were affected. The court announced the bankruptcy of Firano and BitGrail, and requested the return of stolen assets as much as possible. This incident highlights the risks that insiders in a Centralized Exchange may pose.

6. Poloniex: Two Major Security Vulnerabilities

Poloniex has experienced two serious security incidents:

• March 2014: Hackers exploited software vulnerabilities to steal 97 bitcoins, accounting for 12.3% of the total bitcoin amount at the time on the exchange.
• November 2023: A suspected North Korean hacker group infiltrated hot wallets, stealing approximately $126 million in cryptocurrency assets.

These two incidents exposed vulnerabilities in the exchange's software security and private key management, emphasizing the importance of continuously upgrading security measures.

7. Bitstamp: Social Engineering Attack

In 2015, hackers attacked the Bitstamp system administrator through social engineering, implanting malware to obtain critical files and passwords. This ultimately led to the theft of 18,866 bitcoins, worth approximately $5 million at the time.

Afterwards, Bitstamp completely rebuilt its trading platform, migrated to a more secure cloud server, and implemented measures such as multi-signature wallets. This incident highlights the importance of employee security awareness training.

8. Some exchange: Vulnerability in the multi-signature system

In August 2016, a well-known exchange suffered a cyber attack. Hackers exploited a vulnerability in the platform's multi-signature system to illegally withdraw 120,000 bitcoins from the hot wallet.

To mitigate losses, the platform issues tokens to affected users, which can be exchanged for US dollars or company stock. This incident reminds us that even advanced security systems may have vulnerabilities.

9. Coincheck: Improper Management of Hot Wallets

In January 2018, the Japanese exchange Coincheck suffered one of the largest-scale hacker attacks at that time. The attackers infiltrated the hot wallet and stole 523 million NEM tokens, worth approximately 534 million dollars.

Coincheck has shortcomings in hot wallet management and multi-signature protection. This incident has prompted the cryptocurrency community to take joint action to prevent the liquidation of stolen assets.

10. Mt. Gox: The Most Infamous Hacking Incident in Cryptocurrency History

The Mt. Gox incident is the most well-known security incident in the history of cryptocurrency:

• 2011: First encountered a major security vulnerability, losing 25,000 bitcoins.
• 2014: Catastrophic hacking attack, approximately 850,000 Bitcoins stolen.

This event severely impacted the price of Bitcoin and the trust in the entire cryptocurrency industry, causing significant losses for many individual investors.

Exchange Security Precautions

To enhance security, the exchange can take various measures:

• Cold and hot wallet separation: Store the majority of assets in an offline cold wallet.
• Multi-signature: Requires multiple key holders to jointly authorize a transaction
• Regular security audits: promptly identify and fix potential vulnerabilities
• Employee Training: Enhance internal personnel's security awareness
• Insurance mechanism: provides additional protection for users' assets

With the development of technology and the accumulation of experience, the security measures of exchanges will continue to improve. However, users' own security awareness and risk management are equally important.