mineracks/multisig-hsm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
multisig-hsm/docs/exchange-hot-wallet-hacks.md
mineracks 96510e7494 Add hot-wallet-hack research + real-hardware photo 
- docs/exchange-hot-wallet-hacks.md: itemised, adversarially-verified history of
  exchange hot-wallet/server compromises (the threat this defends against)
- README: hero photo (Coldcard in HSM mode in the rack) + link to the research

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-26 15:10:15 +10:00

8.2 KiB
Raw Permalink Blame History

The recurring tax — exchange hot-wallet & server-compromise hacks (2011present)

An itemized, multi-source, fact-checked history of incidents where a cryptocurrency exchange's internet-connected hot wallet — on a server that was compromised — was drained of customer funds. This is the specific failure mode the mineracks multisig HSM is designed to remove.

Why this document exists. "Run the hot wallet on a server" is a bet that the server won't be compromised — and it has been lost, on a roughly annual cadence, for more than a decade. Below is the catalogue, with the unrelated failure modes (fraud, exit scams, signer-UI manipulation) deliberately kept separate, and disputed figures flagged rather than asserted.

Scope

In scope: an internet-connected hot wallet on a compromised server was drained — the attacker obtained the online signing keys, leaked a key file, or pushed unauthorized withdrawals. This is exactly what an automated cold→hot multisig HSM defends against: the signing keys never leave tamper-resistant hardware, and no single compromised host (or operator) can move funds.

Out of scope — and why it would be dishonest to lump them in:

  • Fraud / exit scams — QuadrigaCX, FTX, Africrypt. Funds were misappropriated by insiders, not stolen by an external server breach. No HSM stops an owner stealing from themselves.
  • Signer-process / social-engineering compromise — e.g. Bybit (Feb 2025, ~$1.46B, the largest crypto theft ever): attackers injected malicious JavaScript into the multisig signing UI to trick legitimate signers during a routine transfer, bypassing cold-wallet controls at the signing step. A different (and growing) threat than a remote hot-wallet drain.
  • Non-Bitcoin headline losses — Coincheck (Jan 2018, ~$530M) was NEM, not BTC.

The incidents

Date Exchange Attack vector (server / hot wallet) BTC lost (approx.) ≈USD at the time Outcome
Mar 2012 Bitcoinica Linode web-host server breach → hot wallet drained 43,000 BTC ~$220K Customers repaid; folded later. Motivated the Trezor hardware wallet.
Sep 2012 BitFloor Server hacked; unencrypted wallet-key backup left on disk 24,000 BTC ~$250K Not made whole (partial only); ceased Apr 2013
(late 2011 →) Feb 2014 Mt. Gox Hot wallet quietly drained over ~2 years ~750,000 customer BTC (≈850k total) ~$450500M Bankrupt; ~200,000 BTC later recovered
Jan 2015 Bitstamp Staff phishing → operational/hot-wallet credentials ~18,866 BTC ~$5M Survived
Aug 2016 Bitfinex Online BitGo multisig hot wallet; unauthorized withdrawals bypassing limits 119,756 BTC ~$72M Survived; users issued BFX tokens, redeemed at 100% within ~8 months
Jun 2018 Bithumb Hot wallet compromised (mixed assets) ~2,016 BTC (1,993 traced) + others ~$30M Covered from reserves; survived
Sep 2018 Zaif Hot-wallet compromise 5,966 BTC ~$60M Parent company covered losses
May 2019 Binance Phishing/malware harvested API keys + 2FA → single hot wallet (~2% of BTC) 7,000 BTC ~$40M Made whole in full via the SAFU insurance fund
Sep 2020 KuCoin Hot-wallet private-key leak (APT); mixed assets ~1,008 BTC (of ~$275285M total) ~$280M ~84% recovered; users made whole
Jun 2024 DMM Bitcoin Wallet/key compromise (FBI-attributed to DPRK/Lazarus) 4,503 BTC ~$300M Parent group covered; wound down

Borderline: Cryptsy (Jul 2014, ~13,000 BTC) was an IRC backdoor planted in the exchange's wallet code, but the founder was later indicted for fraud — so it straddles "hack" and "insider," and is excluded from the in-scope counts.

What the numbers say

  • Cadence. There is at least one well-documented hot-wallet/server drain in nearly every year from 2012 onward — roughly 13 per year.
  • Most common cause. The peer-reviewed dataset of 220 exchange incidents 20092024 (Bello/Olushola et al., Frontiers in Blockchain, 2025) finds hot-wallet / unauthorized-key access is the single most frequent centralized-exchange attack vector — 39 incidents (~$1.21B) — ahead of system/server exploits (10), insider theft (7), and data leaks (6).
  • Total Bitcoin. The in-scope losses sum to on the order of ~1,000,000 BTC, overwhelmingly concentrated in Mt. Gox (~750,000+) and Bitfinex (~120,000), with a ~100,000-BTC tail across the rest.
  • Who survived. The exchanges that survived (Bitfinex, Binance, Bitstamp, KuCoin) generally had the reserves or insurance to absorb the loss. Those that didn't (Mt. Gox, BitFloor) collapsed — and their customers were not made whole.

The lesson the data points to

Every incident above shares one root cause: a private key that could sign was reachable from a compromised, internet-connected machine. The defenses that actually work are the ones that (1) keep the signing key on tamper-resistant hardware it can never leave, and (2) require more than one such device, on more than one host, to agree — so owning a single server, or coercing a single operator, moves nothing. That is precisely a 2-of-3, policy-enforced multisig HSM.

It does not replace a high-throughput hot-wallet engine — see the operator manual (§1.2). It secures the cold and warm tiers and the cold→hot refill pipe: low-throughput, high-stakes, and exactly where the incidents above happened.

Disputed / imprecise figures (flagged honestly)

  • Mt. Gox — sources range from ~750,000 BTC (customer) to ~850,000 BTC (incl. company coins); ~200,000 BTC were later recovered; USD ~$450500M at the Feb 2014 filing. (One widely-copied list states "$45M" — a tenfold transcription error.)
  • Bitfinex — precisely 119,756 BTC; contemporaneous value ~$72M, not the ~$623M figure some lists quote (that is a later, higher valuation).
  • Bithumb — 1,993 BTC traced on-chain vs ~2,016 BTC officially reported.
  • KuCoin / DMM / Zaif / Bithumb — mixed-asset thefts; the BTC portion is shown where it could be pinned down (KuCoin's bulk was ETH/ERC-20).

Method & sources

Compiled via a fan-out research process: five parallel search angles, 21 sources fetched, 101 candidate claims extracted, and the leading claims adversarially verified — three independent skeptics per claim, each trying to refute it; a claim had to survive a majority refutation attempt to be kept. 22 of 25 verified claims were confirmed; 3 were killed (including the inflated "Bitfinex ~$350M via BitGo" and "Mt. Gox 840k BTC via stolen credentials" framings).

Primary and secondary sources include: Chainalysis (2025 crypto-theft report), TRM Labs (2026 crypto-crime report), Elliptic (Bithumb on-chain tracing), the Frontiers in Blockchain 2025 academic dataset, exchange post-mortems (Binance SAFU update; the 2016 Bitfinex disclosures), and contemporaneous reporting (CoinDesk, Wikipedia, Fortune, The Register, Bitcoin Magazine, NPR). Key links:

Compiled 2026-06-26 for the mineracks multisig HSM project. Figures are best-available estimates priced at the time of each incident; where disputed, a range is given rather than a single number. Corrections welcome via the repository.