Billions of dollars’ worth of crypto has been swiped from exchanges and networks via hacks and exploits. These are the five biggest heists.
Even as cryptocurrency has evolved into a multi-trillion-dollar asset class, it remains highly susceptible to hacks and scams, with the most severe incident occurring recently.
Malicious actors continue to exploit vulnerabilities in crypto protocols and the inexperience of users, draining over $10 billion in funds over the past five years, as reported by Chainalysis. In six of the last 11 years, losses from hacks and exploits have exceeded $1 billion annually, reaching a high of $3.7 billion in 2022.
The year 2025 has begun on a troubling note, with stolen funds already approaching the total for all of 2024, driven by a single, unprecedented hack of a centralized exchange. This attack now tops the list of the most significant crypto hacks in history, measured by the value of assets stolen at the time of the breach.
1) Bybit – $1.4 billion
The largest crypto hack of all time saw more than 400,000 Ethereum—valued at $1.4 billion at the time of the hack—and other Ethereum-based tokens swiped from a cold wallet from Dubai-based centralized exchange Bybit in February 2025.
The attack was confirmed by Bybit co-founder and CEO Ben Zhou, who indicated that a planned transfer was manipulated, resulting in the exchange unknowingly handing funds over to an attacker’s wallet.
The largest crypto hack of all time saw more than 400,000 Ethereum—valued at $1.4 billion at the time of the hack—and other Ethereum-based tokens swiped from a cold wallet from Dubai-based centralized exchange Bybit in February 2025.
The attack was confirmed by Bybit co-founder and CEO Ben Zhou, who indicated that a planned transfer was manipulated, resulting in the exchange unknowingly handing funds over to an attacker’s wallet.
The hack was quickly linked by on-chain sleuths to North Korea’s state-sponsored Lazarus Group, an entity responsible for taking more than $1.3 billion in crypto funds via hacks in 2024 alone. The FBI later confirmed that evidence points to Lazarus.
Despite the enormity of the hack, Bybit was able to process all withdrawals and filled its Ethereum gap quickly via a combination of loans, deposits, and purchases of the second-largest crypto asset.
In preliminary reports issued days after the attack, cybersecurity experts concluded that the issue arose when North Korean hackers planted malicious code into the infrastructure of Safe, the wallet provider utilized by Bybit.
2) Poly Network – $611 million
Poly Network, a multi-chain interoperability protocol, experienced the second-largest crypto hack of all time in 2021, losing roughly $611 million worth of various crypto assets across three separate chains.
The network’s developers confirmed the hack on August 10, 2021, asking miners or validators of Ethereum, Polygon, and BNB Chain (formerly Binance Smart Chain), as well as centralized exchanges, to blacklist addresses associated with the hack.
After immense pressure from the crypto community, the hackers began returning funds to Poly Network within a day of the hack, ultimately returning nearly all of the funds within 2 weeks of the exploit. The perpetrators said the attack was “just for fun” in a wild saga that involved numerous back-and-forth messages between the hacker, Poly Network, and the crypto community.
