mineracks/multisig-hsm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
multisig-hsm/docs/exchange-hot-wallet-hacks.md
mineracks 96510e7494 Add hot-wallet-hack research + real-hardware photo 
- docs/exchange-hot-wallet-hacks.md: itemised, adversarially-verified history of
  exchange hot-wallet/server compromises (the threat this defends against)
- README: hero photo (Coldcard in HSM mode in the rack) + link to the research

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-26 15:10:15 +10:00

112 lines
8.2 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# The recurring tax — exchange hot-wallet & server-compromise hacks (2011present)
*An itemized, multi-source, fact-checked history of incidents where a cryptocurrency exchange's
internet-connected **hot wallet — on a server that was compromised — was drained** of customer funds. This
is the specific failure mode the mineracks multisig HSM is designed to remove.*
> **Why this document exists.** "Run the hot wallet on a server" is a bet that the server won't be
> compromised — and it has been lost, on a roughly annual cadence, for more than a decade. Below is the
> catalogue, with the unrelated failure modes (fraud, exit scams, signer-UI manipulation) deliberately kept
> separate, and disputed figures flagged rather than asserted.
## Scope
**In scope:** an internet-connected *hot wallet* on a *compromised server* was drained — the attacker
obtained the online signing keys, leaked a key file, or pushed unauthorized withdrawals. This is exactly
what an automated cold→hot **multisig HSM** defends against: the signing keys never leave tamper-resistant
hardware, and no single compromised host (or operator) can move funds.
**Out of scope — and why it would be dishonest to lump them in:**
- **Fraud / exit scams** — QuadrigaCX, FTX, Africrypt. Funds were misappropriated by insiders, not stolen by
an external server breach. No HSM stops an owner stealing from themselves.
- **Signer-process / social-engineering compromise** — e.g. **Bybit** (Feb 2025, ~$1.46B, the largest crypto
theft ever): attackers injected malicious JavaScript into the multisig signing UI to trick *legitimate*
signers during a routine transfer, bypassing cold-wallet controls at the signing step. A different (and
growing) threat than a remote hot-wallet drain.
- **Non-Bitcoin headline losses** — Coincheck (Jan 2018, ~$530M) was **NEM**, not BTC.
## The incidents
| Date | Exchange | Attack vector (server / hot wallet) | BTC lost (approx.) | ≈USD at the time | Outcome |
|---|---|---|---|---|---|
| Mar 2012 | **Bitcoinica** | Linode web-host server breach → hot wallet drained | **43,000 BTC** | ~$220K | Customers repaid; folded later. Motivated the Trezor hardware wallet. |
| Sep 2012 | **BitFloor** | Server hacked; unencrypted wallet-key backup left on disk | **24,000 BTC** | ~$250K | **Not made whole** (partial only); ceased Apr 2013 |
| (late 2011 →) Feb 2014 | **Mt. Gox** | Hot wallet quietly drained over ~2 years | **~750,000 customer BTC** (≈850k total) | ~$450500M | **Bankrupt**; ~200,000 BTC later recovered |
| Jan 2015 | **Bitstamp** | Staff phishing → operational/hot-wallet credentials | **~18,866 BTC** | ~$5M | Survived |
| Aug 2016 | **Bitfinex** | Online BitGo multisig hot wallet; unauthorized withdrawals bypassing limits | **119,756 BTC** | ~$72M | Survived; users issued BFX tokens, redeemed at 100% within ~8 months |
| Jun 2018 | **Bithumb** | Hot wallet compromised (mixed assets) | **~2,016 BTC** (1,993 traced) + others | ~$30M | Covered from reserves; survived |
| Sep 2018 | **Zaif** | Hot-wallet compromise | **5,966 BTC** | ~$60M | Parent company covered losses |
| May 2019 | **Binance** | Phishing/malware harvested API keys + 2FA → single hot wallet (~2% of BTC) | **7,000 BTC** | ~$40M | Made whole in full via the SAFU insurance fund |
| Sep 2020 | **KuCoin** | Hot-wallet private-key leak (APT); mixed assets | **~1,008 BTC** (of ~$275285M total) | ~$280M | ~84% recovered; users made whole |
| Jun 2024 | **DMM Bitcoin** | Wallet/key compromise (FBI-attributed to DPRK/Lazarus) | **4,503 BTC** | ~$300M | Parent group covered; wound down |
*Borderline:* **Cryptsy** (Jul 2014, ~13,000 BTC) was an IRC backdoor planted in the exchange's wallet code,
but the founder was later indicted for fraud — so it straddles "hack" and "insider," and is excluded from
the in-scope counts.
## What the numbers say
- **Cadence.** There is at least one well-documented hot-wallet/server drain in nearly every year from 2012
onward — roughly **13 per year**.
- **Most common cause.** The peer-reviewed dataset of 220 exchange incidents 20092024 (Bello/Olushola et
al., *Frontiers in Blockchain*, 2025) finds **hot-wallet / unauthorized-key access is the single most
frequent centralized-exchange attack vector — 39 incidents (~$1.21B)** — ahead of system/server exploits
(10), insider theft (7), and data leaks (6).
- **Total Bitcoin.** The in-scope losses sum to on the order of **~1,000,000 BTC**, overwhelmingly
concentrated in **Mt. Gox (~750,000+)** and **Bitfinex (~120,000)**, with a ~100,000-BTC tail across the
rest.
- **Who survived.** The exchanges that survived (Bitfinex, Binance, Bitstamp, KuCoin) generally had the
reserves or insurance to absorb the loss. Those that didn't (Mt. Gox, BitFloor) collapsed — and their
customers were not made whole.
## The lesson the data points to
Every incident above shares one root cause: **a private key that could sign was reachable from a
compromised, internet-connected machine.** The defenses that actually work are the ones that (1) keep the
signing key on tamper-resistant hardware it can *never* leave, and (2) require **more than one** such device,
on **more than one** host, to agree — so owning a single server, or coercing a single operator, moves
nothing. That is precisely a **2-of-3, policy-enforced multisig HSM**.
It does *not* replace a high-throughput hot-wallet engine — see the operator manual (§1.2). It secures the
**cold and warm tiers and the cold→hot refill pipe**: low-throughput, high-stakes, and exactly where the
incidents above happened.
## Disputed / imprecise figures (flagged honestly)
- **Mt. Gox** — sources range from ~750,000 BTC (customer) to ~850,000 BTC (incl. company coins); ~200,000
BTC were later recovered; USD ~$450500M at the Feb 2014 filing. (One widely-copied list states "$45M" — a
tenfold transcription error.)
- **Bitfinex** — precisely **119,756 BTC**; contemporaneous value **~$72M**, *not* the ~$623M figure some
lists quote (that is a later, higher valuation).
- **Bithumb** — 1,993 BTC traced on-chain vs ~2,016 BTC officially reported.
- **KuCoin / DMM / Zaif / Bithumb** — mixed-asset thefts; the BTC portion is shown where it could be pinned
down (KuCoin's bulk was ETH/ERC-20).
## Method & sources
Compiled via a fan-out research process: five parallel search angles, 21 sources fetched, 101 candidate
claims extracted, and the leading claims **adversarially verified** — three independent skeptics per claim,
each trying to refute it; a claim had to survive a majority refutation attempt to be kept. 22 of 25 verified
claims were confirmed; 3 were killed (including the inflated "Bitfinex ~$350M via BitGo" and "Mt. Gox 840k
BTC via stolen credentials" framings).
Primary and secondary sources include: Chainalysis (2025 crypto-theft report), TRM Labs (2026 crypto-crime
report), Elliptic (Bithumb on-chain tracing), the *Frontiers in Blockchain* 2025 academic dataset, exchange
post-mortems (Binance SAFU update; the 2016 Bitfinex disclosures), and contemporaneous reporting (CoinDesk,
Wikipedia, Fortune, *The Register*, *Bitcoin Magazine*, NPR). Key links:
- Chainalysis 2025 stolen-funds report — <https://www.chainalysis.com/blog/crypto-hacking-stolen-funds-2026/>
- TRM Labs 2026 crypto-crime report — <https://www.trmlabs.com/reports-and-whitepapers/2026-crypto-crime-report>
- Frontiers in Blockchain (Bello et al., 2025), 220-incident dataset — <https://www.frontiersin.org/journals/blockchain/articles/10.3389/fbloc.2025.1713637/full>
- Elliptic — following the money from the Bithumb hack — <https://www.elliptic.co/blog/following-money-from-bithumb-hack>
- 2016 Bitfinex hack (Wikipedia) — <https://en.wikipedia.org/wiki/2016_Bitfinex_hack>
- Bitstamp $5M hot-wallet hack (CoinDesk) — <https://www.coindesk.com/markets/2015/01/05/bitstamp-claims-5-million-lost-in-hot-wallet-hack>
- Mt. Gox (Gemini Cryptopedia) — <https://www.gemini.com/cryptopedia/mt-gox-bitcoin-exchange-hacked>
- Unchained — crypto hacks timeline — <https://www.unchained.com/resources/hacks>
---
*Compiled 2026-06-26 for the [mineracks multisig HSM](https://multisighsm.com) project. Figures are
best-available estimates priced at the time of each incident; where disputed, a range is given rather than a
single number. Corrections welcome via the repository.*
Reference in New Issue View Git Blame Copy Permalink