# The recurring tax — exchange hot-wallet & server-compromise hacks (2011–present)
*An itemized, multi-source, fact-checked history of incidents where a cryptocurrency exchange's
internet-connected **hot wallet — on a server that was compromised — was drained** of customer funds. This
is the specific failure mode the mineracks multisig HSM is designed to remove.*
> **Why this document exists.** "Run the hot wallet on a server" is a bet that the server won't be
> compromised — and it has been lost, on a roughly annual cadence, for more than a decade. Below is the
> catalogue, with the unrelated failure modes (fraud, exit scams, signer-UI manipulation) deliberately kept
> separate, and disputed figures flagged rather than asserted.
## Scope
**In scope:** an internet-connected *hot wallet* on a *compromised server* was drained — the attacker
obtained the online signing keys, leaked a key file, or pushed unauthorized withdrawals. This is exactly
what an automated cold→hot **multisig HSM** defends against: the signing keys never leave tamper-resistant
hardware, and no single compromised host (or operator) can move funds.
**Out of scope — and why it would be dishonest to lump them in:**
- **Fraud / exit scams** — QuadrigaCX, FTX, Africrypt. Funds were misappropriated by insiders, not stolen by
an external server breach. No HSM stops an owner stealing from themselves.
- **Signer-process / social-engineering compromise** — e.g. **Bybit** (Feb 2025, ~$1.46B, the largest crypto
theft ever): attackers injected malicious JavaScript into the multisig signing UI to trick *legitimate*
signers during a routine transfer, bypassing cold-wallet controls at the signing step. A different (and
growing) threat than a remote hot-wallet drain.
- **Non-Bitcoin headline losses** — Coincheck (Jan 2018, ~$530M) was **NEM**, not BTC.
## The incidents
| Date | Exchange | Attack vector (server / hot wallet) | BTC lost (approx.) | ≈USD at the time | Outcome |
|---|---|---|---|---|---|
| Mar 2012 | **Bitcoinica** | Linode web-host server breach → hot wallet drained | **43,000 BTC** | ~$220K | Customers repaid; folded later. Motivated the Trezor hardware wallet. |
| Sep 2012 | **BitFloor** | Server hacked; unencrypted wallet-key backup left on disk | **24,000 BTC** | ~$250K | **Not made whole** (partial only); ceased Apr 2013 |
| (late 2011 →) Feb 2014 | **Mt. Gox** | Hot wallet quietly drained over ~2 years | **~750,000 customer BTC** (≈850k total) | ~$450–500M | **Bankrupt**; ~200,000 BTC later recovered |
| Jan 2015 | **Bitstamp** | Staff phishing → operational/hot-wallet credentials | **~18,866 BTC** | ~$5M | Survived |
| Aug 2016 | **Bitfinex** | Online BitGo multisig hot wallet; unauthorized withdrawals bypassing limits | **119,756 BTC** | ~$72M | Survived; users issued BFX tokens, redeemed at 100% within ~8 months |
| Jun 2018 | **Bithumb** | Hot wallet compromised (mixed assets) | **~2,016 BTC** (1,993 traced) + others | ~$30M | Covered from reserves; survived |
| Sep 2018 | **Zaif** | Hot-wallet compromise | **5,966 BTC** | ~$60M | Parent company covered losses |
| May 2019 | **Binance** | Phishing/malware harvested API keys + 2FA → single hot wallet (~2% of BTC) | **7,000 BTC** | ~$40M | Made whole in full via the SAFU insurance fund |
| Sep 2020 | **KuCoin** | Hot-wallet private-key leak (APT); mixed assets | **~1,008 BTC** (of ~$275–285M total) | ~$280M | ~84% recovered; users made whole |
| Jun 2024 | **DMM Bitcoin** | Wallet/key compromise (FBI-attributed to DPRK/Lazarus) | **4,503 BTC** | ~$300M | Parent group covered; wound down |
*Borderline:* **Cryptsy** (Jul 2014, ~13,000 BTC) was an IRC backdoor planted in the exchange's wallet code,
but the founder was later indicted for fraud — so it straddles "hack" and "insider," and is excluded from
the in-scope counts.
## What the numbers say
- **Cadence.** There is at least one well-documented hot-wallet/server drain in nearly every year from 2012
onward — roughly **1–3 per year**.
- **Most common cause.** The peer-reviewed dataset of 220 exchange incidents 2009–2024 (Bello/Olushola et
al., *Frontiers in Blockchain*, 2025) finds **hot-wallet / unauthorized-key access is the single most
frequent centralized-exchange attack vector — 39 incidents (~$1.21B)** — ahead of system/server exploits
(10), insider theft (7), and data leaks (6).
- **Total Bitcoin.** The in-scope losses sum to on the order of **~1,000,000 BTC**, overwhelmingly
concentrated in **Mt. Gox (~750,000+)** and **Bitfinex (~120,000)**, with a ~100,000-BTC tail across the
rest.
- **Who survived.** The exchanges that survived (Bitfinex, Binance, Bitstamp, KuCoin) generally had the
reserves or insurance to absorb the loss. Those that didn't (Mt. Gox, BitFloor) collapsed — and their
customers were not made whole.
## The lesson the data points to
Every incident above shares one root cause: **a private key that could sign was reachable from a
compromised, internet-connected machine.** The defenses that actually work are the ones that (1) keep the
signing key on tamper-resistant hardware it can *never* leave, and (2) require **more than one** such device,
on **more than one** host, to agree — so owning a single server, or coercing a single operator, moves
nothing. That is precisely a **2-of-3, policy-enforced multisig HSM**.
It does *not* replace a high-throughput hot-wallet engine — see the operator manual (§1.2). It secures the
**cold and warm tiers and the cold→hot refill pipe**: low-throughput, high-stakes, and exactly where the
incidents above happened.
## Disputed / imprecise figures (flagged honestly)
- **Mt. Gox** — sources range from ~750,000 BTC (customer) to ~850,000 BTC (incl. company coins); ~200,000
BTC were later recovered; USD ~$450–500M at the Feb 2014 filing. (One widely-copied list states "$45M" — a
tenfold transcription error.)
- **Bitfinex** — precisely **119,756 BTC**; contemporaneous value **~$72M**, *not* the ~$623M figure some
lists quote (that is a later, higher valuation).
- **Bithumb** — 1,993 BTC traced on-chain vs ~2,016 BTC officially reported.
- **KuCoin / DMM / Zaif / Bithumb** — mixed-asset thefts; the BTC portion is shown where it could be pinned
down (KuCoin's bulk was ETH/ERC-20).
## Method & sources
Compiled via a fan-out research process: five parallel search angles, 21 sources fetched, 101 candidate
claims extracted, and the leading claims **adversarially verified** — three independent skeptics per claim,
each trying to refute it; a claim had to survive a majority refutation attempt to be kept. 22 of 25 verified
claims were confirmed; 3 were killed (including the inflated "Bitfinex ~$350M via BitGo" and "Mt. Gox 840k
BTC via stolen credentials" framings).
Primary and secondary sources include: Chainalysis (2025 crypto-theft report), TRM Labs (2026 crypto-crime
report), Elliptic (Bithumb on-chain tracing), the *Frontiers in Blockchain* 2025 academic dataset, exchange
post-mortems (Binance SAFU update; the 2016 Bitfinex disclosures), and contemporaneous reporting (CoinDesk,
Wikipedia, Fortune, *The Register*, *Bitcoin Magazine*, NPR). Key links:
- Chainalysis 2025 stolen-funds report —
- TRM Labs 2026 crypto-crime report —
- Frontiers in Blockchain (Bello et al., 2025), 220-incident dataset —
- Elliptic — following the money from the Bithumb hack —
- 2016 Bitfinex hack (Wikipedia) —
- Bitstamp $5M hot-wallet hack (CoinDesk) —
- Mt. Gox (Gemini Cryptopedia) —
- Unchained — crypto hacks timeline —
---
*Compiled 2026-06-26 for the [mineracks multisig HSM](https://multisighsm.com) project. Figures are
best-available estimates priced at the time of each incident; where disputed, a range is given rather than a
single number. Corrections welcome via the repository.*