{"id":34354,"date":"2021-01-05T09:00:20","date_gmt":"2021-01-05T07:00:20","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=34354"},"modified":"2025-08-28T20:05:23","modified_gmt":"2025-08-28T17:05:23","slug":"the-major-hacks-of-2020-defi-exchanges-and-defi-again","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/the-major-hacks-of-2020-defi-exchanges-and-defi-again\/","title":{"rendered":"The Major Hacks of 2020: DeFi, Exchanges, and DeFi Again"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The year 2020 changed the world. After the initial shock from the pandemic and the ensuing market crash, people adapted to a new &#8216;isolation reality&#8217;. One of the most significant changes in daily life was the widespread shift to remote work.<\/span><\/p>\n<p><!--more--><\/p>\n<p><span style=\"font-weight: 400;\">Against this backdrop, cybercrime rose significantly. <a href=\"https:\/\/forklog.com\/en\/news\/experts-reveal-how-much-money-hackers-stole-from-cryptocurrency-users-over-nine-years\"><span style=\"font-weight: 400;\">As researchers forecast<\/span><\/a>, the number of attacks will continue to rise.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The cryptocurrency community and companies have long been in hackers&#8217; crosshairs. <a href=\"https:\/\/forklog.com\/en\/news\/atlas-vpn-study-finds-blockchain-industry-has-lost-13-6-billion-to-hacker-attacks\"><span style=\"font-weight: 400;\">analysts&#8217; data<\/span><\/a>, as of October the blockchain industry had lost more than $13.6 billion to attacks since 2012.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Unfortunately, hacks of Bitcoin exchanges and wallets are far from new for the industry. <a href=\"https:\/\/forklog.com\/en\/news\/ciphertrace-defi-protocol-hacks-surpass-99-million-since-the-start-of-the-year\"><span style=\"font-weight: 400;\">CipherTrace estimates<\/span><\/a>, by November attackers had stolen almost $100 million from DeFi protocols.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We recount the major hacks of 2020, in which users lost millions of dollars, and some firms even shut down.<\/span><\/p>\n<div class=\"wp-block-text-wrappers-keypoints article_keypoints\">\n<ul class=\"wp-block-list\">\n<li>The largest hack of the year was the attack on the cryptocurrency exchange KuCoin.<\/li>\n<li>Most often in 2020, DeFi protocols faced attacks, with several subjected to flash loan exploits.<\/li>\n<li>Beyond protocol and platform hacks, cybercriminals actively traded user data.<\/li>\n<\/ul>\n<\/div>\n<h3 class=\"wp-block-heading\"><b>KuCoin \u2014 one of the biggest hacks in industry history (loss \u2014 $280 million)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The September attack on the KuCoin cryptocurrency exchange was <\/span><a href=\"https:\/\/www.theblockcrypto.com\/genesis\/78961\/a-look-at-the-third-largest-exchange-hack-and-its-aftermath\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">one of the biggest hacks in industry history<\/span><\/a><span style=\"font-weight: 400;\"><\/span><\/p>\n<p><span style=\"font-weight: 400;\">Initially the loss was estimated at <a href=\"https:\/\/forklog.com\/en\/news\/kucoin-bitcoin-exchange-hacked-losses-estimated-at-150-million\"><span style=\"font-weight: 400;\">$150 million<\/span><\/a><span style=\"font-weight: 400;\">, but analysts later revised it to <\/span><a href=\"https:\/\/forklog.com\/en\/news\/analyst-estimates-kucoin-hack-damage-at-280-million\"><span style=\"font-weight: 400;\">$280 million<\/span><\/a><span style=\"font-weight: 400;\">. The KuCoin hackers laundered funds through mixers <\/span><a href=\"https:\/\/forklog.com\/en\/news\/kucoin-stolen-bitcoins-pass-through-chipmixer\"><span style=\"font-weight: 400;\">through mixers<\/span><\/a><span style=\"font-weight: 400;\"> and the decentralized exchange <\/span><a href=\"https:\/\/forklog.com\/en\/news\/hackers-used-uniswap-to-launder-150m-siphoned-from-kucoin\"><span style=\"font-weight: 400;\">Uniswap<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By November KuCoin had returned a large portion of the stolen funds to users and restored deposits and withdrawals of assets.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>The ill\u2011fated hacker and dForce (loss \u2014 $25 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In April, a hacker attacked the DeFi protocol dForce. At the time of the theft, the amount stood at almost $25 million.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It turned out he exploited a vulnerability in the imBTC token of the ERC-777 standard and a critical vulnerability in the Lendf.me smart contracts responsible for updating user balances. In addition to the damage to dForce, the hacker drained all tokens from Lendf.me (291 imBTC or $2 million at the time of the attack).<\/span><\/p>\n<p><span style=\"font-weight: 400;\">However, the attacker made a fatal (for him) mistake \u2014 carelessly exposing his identifying details by directly contacting decentralized exchanges without using IPFS.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As a result, Singaporean authorities took an interest in the hacker, and he had to return all the stolen funds.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Harvest Finance: \u201cengineering error\u201d costing almost $20 million (loss \u2014 $19.8 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In October, the attacker stole $19.8 million from Harvest Finance. It took seven minutes to move the funds. The hacker later returned $2.47 million. The developers pledged to distribute them among users and offered a $1 million reward for help recovering the funds.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The project representatives attributed the attack to an \u201cengineering error.\u201d<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>The end of Pickle Finance\u2019s standalone life (loss \u2014 $19.7 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">A major loss resulted from an attack on another DeFi project, Pickle Finance. Hackers stole more than $19 million. The project\u2019s token collapsed and shortly after the hack Pickle Finance announced a merger with yEarn.Finance.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Eminence: another Andr\u00e9 Cronje project in the spotlight (loss \u2014 $15 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In September, a hacker withdrew $15 million from the unfinished DeFi project Eminence. Its launch was led by the well-known DeFi developer Andr\u00e9 Cronje.<\/span><\/p>\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\">\n<div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Andr\u00e9 Cronje: the man who outpaced Bitcoin\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/c9q2SBhYX6E?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div>\n<\/figure>\n<p><span style=\"font-weight: 400;\">Subsequently the hacker returned $8 million to Cronje.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Serial attacks on bZx (loss \u2014 $11.6 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The DeFi platform bZx suffered multiple hacks over the year. In February, attackers withdrew 1193 ETH. A few days later, bZx was hacked again and another 2388 ETH was stolen.<\/span><\/p>\n<p><a href=\"https:\/\/forklog.com\/en\/news\/defi-platform-bzx-loses-8-million-in-another-attack\"><span style=\"font-weight: 400;\">Another attack<\/span><\/a><span style=\"font-weight: 400;\"> occurred in September. The total damage amounted to more than $11.6 million at the time of writing.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>EXMO loses 6% of funds (loss \u2014 $10.5 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In late December, hackers breached the cryptocurrency exchange EXMO. Initially it was reported that about 5% of total assets were lost, but the exchange later clarified that 6% had been lost.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Estimated losses totaled $10.5 million.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Hacker-blackmailer and Nexus Mutual founder Hugh Karp (loss \u2014 $8 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Beyond exchanges and DeFi projects, individuals also attracted hackers&#8217; attention. In December, the attacker drained more than $8 million in NXM tokens from the personal wallet of Nexus Mutual founder Hugh Karp.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Karp reached out to the hacker via Twitter offering a $300 000 reward and a stop to the investigation in exchange for the return of funds. The latter replied. However, he did not agree to return the funds for nothing. The hacker said he would not sell the tokens until the price rose or until Karp transferred 4500 ETH to his address.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>\u201cBlack Thursday\u201d for MakerDAO (loss \u2014 $8 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Against the backdrop of the March market crash, attackers drained more than $8 million from MakerDAO.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Investors filed a class action lawsuit against Maker Foundation and several affiliated entities. The Maker Foundation published a report on the incident, but MKR holders declined to compensate losses to collateral holders in MakerDAO.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In September, the class action was forwarded to arbitration.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Origin Dollar attack (loss \u2014 $7 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In the night of 17 November, the hacker breached the Origin Dollar stablecoin network and moved more than $7 million.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To launder and move the funds he used the Tornado Cash mixer and renBTC.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By December, the Origin Protocol team presented a plan to compensate users for losses.<\/span><\/p>\n<blockquote class=\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\">\n<p dir=\"ltr\" lang=\"en\">Here\u2019s our detailed compensation plan for <a href=\"https:\/\/twitter.com\/search?q=%24OUSD&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$OUSD<\/a> holders. We appreciate everyone\u2019s patience as we worked to develop a detailed plan for providing compensation equal to 100% of the value deposited to OUSD at the time of the exploit.<\/p>\n<p>\ud83d\udc49 <a href=\"https:\/\/t.co\/x0NLrBduFP\">https:\/\/t.co\/x0NLrBduFP<\/a> <a href=\"https:\/\/t.co\/64tcRUcnk2\">pic.twitter.com\/64tcRUcnk2<\/a><\/p>\n<p>\u2014 Origin Protocol (@OriginProtocol) <a href=\"https:\/\/twitter.com\/OriginProtocol\/status\/1337570928931299328?ref_src=twsrc%5Etfw\">December 12, 2020<\/a><\/p>\n<\/blockquote>\n<p><script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2 class=\"wp-block-heading\"><b>Value DeFi and the conscientious hacker (loss \u2014 $6 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">As a result of the attack on MultiStables storage, an unknown person withdrew $6 million in stablecoins DAI and USDC from Value DeFi. He used a flash loan. Attacks of this kind affected DeFi projects Akropolis, Cheese Bank and warp.finance this year.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Developers proposed that the hacker keep $1 million and return the rest. The attacker ignored the offer, but partially reimbursed users.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For instance, the hacker returned 50,000 DAI to a nurse who said she had lost all her savings.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Hacked Eterbase (loss \u2014 $5.3 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In early September, hackers breached the Slovak cryptocurrency exchange Eterbase. The platform reported losses of user funds in BTC, Ethereum, Tron, XRP, Tezos and Algorand totaling more than $5.3 million.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Most of the funds were transferred to Binance, Huobi and HitBTC.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Bitcoin wallets under threat \u2014 attack on Cashaa (loss \u2014 $3.1 million)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">One of Cashaa&#8217;s bitcoin wallets was hacked in July. The hacker withdrew 336 BTC. At the time of the breach the loss was estimated at $3.1 million, which by December 2020 stood at more than $7.5 million.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">***<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This is not a complete list of hacks that occurred in 2020.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In February, the cryptocurrency exchange Altsbit was hacked. And although the stated loss seems relatively small ($285,000), the exchange was forced to shut down.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In the summer, Balancer and Opyn were subjected to hacks. Hackers also attacked crypto platforms hosted on GoDaddy, stole 1400 BTC from an investor, using an old version of the Electrum wallet and, according to media reports, hacked 2000 accounts of a Robinhood-friendly platform.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The attackers actively traded user data \u2014 by year-end, data on millions of Ledger wallet users was publicly exposed. Before that, Ledger users had suffered phishing attacks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Will cybercriminals intensify attacks on the crypto industry in 2021? Experts say yes. Yet leading crypto projects are not waiting passively for hacks \u2014 they are devoting more time to security, and researchers publish reports and recommendations on protection and countermeasures.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Ultimately, those that prioritise protecting funds and user data will capture a larger market share.<\/span><\/p>\n<p>Subscribe to ForkLog&#8217;s news on Telegram: <a href=\"https:\/\/t.me\/forklogfeed\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">ForkLog Feed<\/a> \u2014 the full news stream, <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The year 2020 changed the world. After the initial shock from the pandemic and the ensuing market crash, people adapted to a new &#8216;isolation reality&#8217;. One of the most significant changes in daily life was the widespread shift to remote work.<\/p>\n","protected":false},"author":1,"featured_media":34355,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[1144],"tags":[2076,1154],"class_list":["post-34354","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-longreads","tag-bitcoin-2020","tag-crimes"],"aioseo_notices":[],"amp_enabled":true,"views":"24","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/34354","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=34354"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/34354\/revisions"}],"predecessor-version":[{"id":34356,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/34354\/revisions\/34356"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/34355"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=34354"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=34354"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=34354"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}