8 Biggest Cyber Heists Ever Pulled Off

in the digital age you can rob a bank. over the internet from the other side of, the world and in fact this has resulted, in some of the largest bank robberies, ever not only that crypto exchanges are a constant target for wannabe thieves in. this video we'll cover the top eight. biggest cyber heists ever oh and if you like stories like this you'll love the podcast darknet diaries it goes in depth on some of these stories and you really, should check it out number eight operation high roller, 2012 an international network of cyber. criminals coordinated a series of bank. account robberies they did it all from, far away on their computers at some. point before the thefts began the, criminals gained access to banking networks in europe us and latin america by fishing bank employees credentials, through this access the group planted a variety of malware that allowed them to. manipulate financial transactions and began looking for high value accounts, such as big companies and government, accounts to target according to. researchers the criminals didn't focus on any accounts holding less than one. million dollars which earned the, investigation the name operation high, roller once their targets were picked. hackers used a series of servers in albania russia and the us to control as, many as 10 individual types of malware, and approved money transfers at atm, withdrawals and at banks in multiple, countries by switching between servers. attackers were able to avoid detection for quite a while as they manipulated, high-capacity bank accounts, while security researchers at mcafee. found the group attempted to transfer, and withdraw as much as 2.5 billion. dollars they only got away with 80. million dollars in cash through wire transfers and atm withdrawals to this. day no arrests have been made following the attacks despite it being one of the. most lucrative bank robberies ever. pulled off, number seven the bangladesh bank heist. april 2016 bangladesh criminals pulled off a massive bank robbery by infiltrating the network of the central, bank of bangladesh to get the money attackers fished bank employees and planted highly specific malware designed, just for the swift banking protocol this, is the communication platform used by thousands of banks around the world to, approve transfers between financial. institutions ultimately the attackers accessed computers that were authorized, to make large bank transfers and they, initiated multiple transfers draining, the money which belonged to the bangladesh bank itself. the robbery required more than just, hackers though people involved with the heist open bank accounts around the. world for the money to be transferred to, the theory was if they transferred all, of this to one account and that one transfer failed then the whole operation would fail so the heist was broken up into multiple smaller transfers into, other bank accounts controlled by the, thieves then people who owned those accounts would withdraw the money in. total they attempted to transfer, 951 million dollars almost 1 billion dollars were stolen. but due to some errors and typos not all the money made it into thieves accounts only 81 million dollars was stolen which, is still a lot the thieves quickly transferred that money from their bank account to a casino and once at the casino they gambled for a short while as, a way to launder the money and then they. cashed out their chips and left after the heist researchers connected this to the well-known north korean, lazarus group a group of. military-trained hackers that work for the north korean government and it, appears they got away with it the us has. indicted park jin hyuk as being. responsible for this but no arrests have. been made and it's likely none ever will number six the big grail bug. february 2018 italy a crypto exchange. called bitgrail claimed it was attacked. and suffered a major loss of a certain. cryptocurrency a leaked chat gives us clues as to what happened supposedly there was a bug in. the blockchain or this exchange and they. found a user sending the nano cryptocurrency from one wallet to another which is normal but the transfer. was exploiting the bug and instead of the money transferring into the wallet. as it should twice as much of what was. sent was arriving in the wallet what's worse is that the amount on the, blockchain did not show that twice as, much was received so whoever was exploiting this bug was doing it under, the radar but bitgrill saw some anomalies and as, soon as they figured out what was going, on they shut down all nano transactions. and reported the loss to the police but. the damage was already done the attacker was able to generate and withdraw 17. million nano coins to an outside wallet. which was worth. 175 million dollars at the time. because big grail lost that much money, it caused them to shut down perhaps forever, they were not transparent about the, details of this incident which leaves it, open to speculation about what really. went on there some even suggesting that this might have been an exit scam it's, been three years now and the site still has not come back up few details are, actually known but when. 175 million dollars is stolen in. cryptocurrency. makes this one of the largest heists in history. number five kucoin september 2020, seychelles this attack focused on a popular crypto exchange called kucoin. who claims to have over 8 million users. somehow somewhere the private key to, their hot wallet was leaked, see crypto exchanges have a hot and cold wallet to keep their users money in, think of the hot wallet like a cash. register inside a store you only need

enough for a day to be in there and you. should sweep out any extra whenever you, have a chance and put that in a bank. vault or a cold storage account well. early in the morning of september 26 2020 kucoin's team received an alert, from their risk management system when their security team looked into it they noticed suspicious activity of some of. the exchange's hot wallets used for. handling transactions the team immediately shut down the servers but still saw some transactions happening. from their accounts to wallets outside. the exchange, over the next several minutes kucoin. security watched as someone transferred. large numbers of bitcoin ethereum and. other cryptocurrencies to several accounts outside their exchange, once crypto coins are transferred to, another wallet there's no way to undo it and get your money back it's gone forever but the kucoin team was able to. take control of their wallets before the. thieves could empty them completely. the thieves were able to take, 275 million dollars worth of. cryptocurrencies from crew coin but surprisingly enough kucoin did not. go out of business from this they fixed, the problem and came back online shortly after, an investigation by a company called chain analysis found evidence that the. thieves were from north korea and it was the lazarus group again the same hacking. team that robbed the bangladesh bank the exchange was able to minimize the damage. and protect its users from the impacts, but if it was the lazarus group it. remained safe and protected inside the, secluded north korea, 4. mount cox february 2014 tokyo mount gox the leader in bitcoin exchanges at the time. files for bankruptcy protection it somehow lost its users money mount gox. was a bitcoin exchange ran by mark carpolis in the early 2010s in fact it. was one of the first bitcoin exchanges, and i say bitcoin exchange not crypto. exchange because bitcoin was the only cryptocurrency back then and that's all. they traded so when this newfangled digital money showed up and attracted a, lot of thieves it still does attract a lot of thieves so mount gox faced. constant web attacks database attacks attempted wallet snatching and so much more on top of that mark carpolis was trying to run the whole site by himself, and he made a lot of mistakes along the. way, mount gox suffered a series of bitcoin, thefts while it was up one of the first, big losses was when someone hacked into, mark's personal computer and found a. bitcoin wallet there with 300 000 of. mount gox's bitcoin in it the thief was. able to steal all 300 000 bitcoins but that thief got nervous and returned. 99 of the bitcoins back to mark keeping, 3 000 for themselves there was another, attack when someone hacked into the, database of mount cox and was able to, steal 80 000 bitcoin but the biggest theft at mount cox was when someone got. into the network and found the hot, wallet for the site and was able to siphon off any bitcoin coming into this, wallet, this lasted for months in 2013 and by, the time mark saw what was going on the, thief had already taken over 500 000 bitcoins, this ultimately caused the site to fold up and go under which meant that the, users who thought they had bitcoin on the site were no longer to get into, their accounts on mount docs and get their money back in total there were over 750 000, bitcoins stolen from mount gox while it was up that's seven percent of all the bitcoin, in circulation at the time which was worth about. 450 million us dollars number three coin. check. january 2018 tokyo japan coin check one of the world's leading, cryptocurrency exchanges at the time was targeted in what would be one of the, world's largest cyber heists coin check, was founded in 2014. over the years the. platform grew to become one of the leading exchanges for a variety of cryptocurrencies including bitcoin. ethereum and nem nem, four years after its founding users of. the exchange got suspicious when coin. checks suddenly suspended deposits and. withdrawals of nem cryptocurrency rumors. began to circulate that the exchange had been hacked but the owners assured users, that they hadn't noticed any technical, issues at the exchange a short time. later on january 26th coinchecks president and ceo along with the company's coo held a press conference and announced that approximately 500, million nem had been stolen from coin. check and transferred to wallets outside, the exchange, and how much was one nem worth at the time about one us dollar so in total the, thieves made off with over 500 million. dollars worth of cryptocurrency well the company never disclosed exactly how it happened but we do know is that. the attackers somehow accessed the exchange's hot wallet and were able to, take millions of nem tokens out of it in, their announcement about the attack the. ceo admitted that the exchange failed to use multi-signature authentication a. security measure they touted as a, cornerstone of their platform's safety, features this combined with a lack of regulatory oversight is what made the attack possible. so who stole this 530 million dollars worth of nem. a report by the ib group says it was done by, yeah you guessed it the lazarus group in north korea the north korean government. has been blamed for stealing almost two, billion dollars from banks and crypto. exchanges in recent years and as far as, i know the north korean government is the only government in the world that, hacks for financial gain, number two the pali network heist august, 2021 a hacker exploited the poly network,

and stole over 600 million dollars worth. of crypto coins which by the way should not be confused with the polygon mata, coin that's a different thing altogether if you're not up on all the newest tech, involved with cryptocurrencies it's okay. because things are updating and. innovating so fast that nobody can keep. up with it all what the poly network, does is it provides interoperability between two different blockchains some. of these blockchains have what's called, smart contracts on them which allows you to put little pieces of code that. executes when money is sent somewhere, and this code can tell the poly network. to do certain things like exchange one. coin for another without the need of a full-blown exchange, well this hacker was able to inject. their own code which allowed them to. convince the poly network to send the hacker tons of money this is one of the, inherent problems with innovation in the cryptocurrency space there are so many different currencies exchanges define, networks and technologies involved and they're all developing with new, functionalities at such an alarming rate that yeah some of this stuff isn't, tested all the way and has. vulnerabilities. this hacker found a major vulnerability in the poly network they were able to basically reroute money to their own, account and by doing this they were able. to steal, 270 million dollars worth of ethereum. 230 million dollars worth of finance smart chain tokens 83 million dollars, worth of polygon matic coins and some, other coins too now it sounds like this. was just done by one single person or a small group and not some sophisticated cyber criminal gang or a nation-state. actor and this person obviously knows a, lot about cryptocurrencies and could probably figure out a very clever way to. cash out on it all and live large for. the rest of their life, but in a strange twist of this story, they actually decided to pay the money back, it sounds like they just tried to do. this for fun and was surprised when it. worked but didn't actually want to steal, people's money, and yeah as of today this hacker has on their own accord returned all of the 600 million dollars to the rightful owners. the poly network has offered a 500 000, reward to this hacker as sort of a bug, bounty award for showing them this huge, flaw on top of that they invited the hacker to be their chief security, advisor to help them in the future and, so far it doesn't look like mr white hacker has taken any of the 500 000. or the job and i doubt they will since, they like staying anonymous and who, knows maybe an offer like that is just bait to catch the theme, number one carbonac august 2013 authorities in several countries started. to catch on to cashing rings or bands of. people who would go to atms and withdraw. cash on behalf of cyber criminals who, had transferred money to various. accounts what they uncovered was, ultimately the most successful bank robbery recorded to date in 2013 the cyber security firm, kaspersky released a report about the attack in it they said attackers. injected malware into financial. institutions around the world mostly through spear phishing emails sent to, low-level bank employees this malware. which is called carbonacc it exploited a windows vulnerability and it allowed, attackers to get into the bank transfer. software and move money around as they wished once there they were able to manipulate atms to dispense cash and. this was so well coordinated that the, person who would go to pick up the cash at the atm didn't even have to touch the atm as soon as they'd arrived the money. would just start spinning out of the atm. until it was empty over the course of. two years the cyber criminals gained, access to many banks and coordinated, with a team of cashiers to get a lot of, money withdrawn investigators tracked, the first carbonic infection into august of 2013 and found the height of the attacks to have taken place during the. summer of 2014 while the malware affected banks and institutions across. the world most of the victims are reported to be from china germany russia and the us, one of the reasons carbon act was so successful was the fact that it targeted. institutions themselves rather than individual customers this allowed the. attackers more access to larger sums of money and avoided setting off fraud. triggers meant to capture suspicious. activity in individual accounts that. combined with a highly organized team carrying out the operation made this, heist the most lucrative hack ever, reported it's hard to say how much they, took since so many banks were targeted by this but it's estimated that these. thieves got away with 900 million dollars, for the most part it looks like whoever. was behind this did not get caught there. have been a few arrests but it looks like low-level players in this operation. and not the mastermind or organizers, behind it all okay that does it for the top cyber, heist but you might be wondering what. about exit scams yeah you're right i think exit scams just deserves its own. video though because i consider those, internal attacks so that's what i plan. to do for the next video so make sure you click subscribe so you can be the, first to know when that video comes out. and if you'd like to know more about. these cyber heists check out the podcast. darknet diaries in that show i went in depth on carbonac mount gox and the, bangladesh bank heist and the details of those stories will surprise you i even interviewed someone from north korea to, learn more you'll find that show on any, podcast player on the planet or at. darknetdiaries.com, ,