This article has multiple issues. Please helpimprove it or discuss these issues on thetalk page.(Learn how and when to remove these messages) This articleprovides insufficient context for those unfamiliar with the subject. Please helpimprove the article byproviding more context for the reader, especially: background information on wallet cryptography and central exchange vulnerabilities related to security of blockchain assets.(July 2021) (Learn how and when to remove this message) This articlemay containexcessive orirrelevant examples. Please helpimprove it by removingless pertinent examples andelaborating on existing ones.(December 2022) (Learn how and when to remove this message) This article needs to beupdated. Please help update this article to reflect recent events or newly available information.(July 2024) (Learn how and when to remove this message)

Cryptocurrency and crime describe notable examples ofcybercrime related to theft (or the otherwise illegal acquisition) ofcryptocurrencies and some methods orsecurity vulnerabilities commonly exploited.Cryptojacking is a form of cybercrime specific to cryptocurrencies used on websites to hijack a victim's resources and use them for hashing and mining cryptocurrency.^[1]

According toblockchain analysis companyChainalysis, around US$2.5 billion was laundered through Bitcoin between 2009 and 2018, and the fraction of cryptocurrency transactions linked to illicit activities has been on the rise since early 2019.^[2] In 2021, 0.15% of known cryptocurrency transactions conducted were involved in illicit activities like cybercrime,money laundering andterrorism financing, representing a total of $14 billion.^[3] The FBI estimated that crypto fraud costs American investors $4.8 billion in 2023.^[4]

There are various types ofcryptocurrency wallets available, with different layers of security, including devices, software for different operating systems or browsers, and offline wallets.

Novel exploits unique to blockchain transactions exist, and aim to generate unintended outcomes for those involved. One of the more well-known issues that open the possibility for exploits onBitcoin is thetransaction malleability problem.^[5]

The Immunefi Crypto Losses 2022 Report lists industry losses from frauds and hacking as a combined total ofUS$3.9 billion for the year, andUS$8 billion for 2021.^[6]

Despite increasingly strict regulations in the US and Europe, Crypto Crime continues to rise, with losses in early 2025 already exceeding $502 million, according to Bitrace’s Crypto Crime Report 2025. Hacks account for 63% of these losses, with phishing and rug pulls also contributing significantly, particularly on decentralized exchanges likeUniswap andTornado Cash. Criminals are using ever more sophisticated methods, including smart contract attacks and deepfake scams. While some crypto exchanges are strengthening compliance and transparency, such asCoinbase andPayPal’s collaboration on stablecoins, others still overlook suspicious transactions. New regulations are pushing companies to tighten Know-Your-Customer (KYC) and Anti-Money Laundering (AML) procedures, but criminals keep exploiting loopholes. For investors, vigilance remains crucial. Thorough research, secure wallets, and skepticism toward offers that seem too good to be true are essential as crypto crime becomes increasingly professionalized.^[7]

In 2018, around US$1.7 billion in cryptocurrency was lost to scams, theft and fraud. In the first quarter of 2019, such losses rose to US$1.2 billion.^[8] 2022 was a record year for cryptocurrency theft, according toChainalysis, withUS$3.8 billion^[9] stolen worldwide during 125 system hacks,^[10] includingUS$1.7 billion stolen by "North Korea-linked hackers".^[9]

Notable cryptocurrency exchange compromises resulting in the loss of cryptocurrencies include:

• Between 2011 and 2014,US$350 million worth of bitcoin was stolen fromMt. Gox.^[11]
• In 2016,US$72 millionwas stolen through exploitingBitfinex's exchange wallet, users were refunded.^[12]
• On December 7, 2017, Slovenian cryptocurrency exchangeNiceHash reported that hackers had stolen over $70 million using a hijacked company computer.^[13][14]
• On December 19, 2017, Yapian, the owner of South Korean exchange Youbit, filed for bankruptcy after suffering two hacks that year.^[15][16] Customers were still granted access to 75% of their assets.^[17]
• In 2018, cryptocurrencies worthUS$400 million were stolen fromCoincheck.^[18]
• In May 2018,Bitcoin Gold had its transactions hijacked and abused by unknown hackers.^[19] Exchanges lost an estimated $18 m and Bitcoin Gold was delisted from Bittrex after it refused to pay its share of the damages.
• In June 2018, South Korean exchange Coinrail was hacked, losing over $37M worth of crypto.^[20] The hack worsened an already ongoing cryptocurrency selloff by an additional $42 billion.^[21]
• On July 9, 2018, the exchange Bancor, whose code and fundraising had been subjects of controversy, had $23.5 million in cryptocurrency stolen.^[22][23]
• ZaifUS$60 million in Bitcoin,Bitcoin Cash andMonacoin was stolen in September 2018^[24]
• Binance In 2019 cryptocurrencies worthUS$40 million were stolen.^[18][25]
• Africrypt founders are suspected of absconding in June 2021 with US$3.6 billion worth of Bitcoin^[26]
• PolyNetwork (DeFi) suffered a loss of US$611 million in a theft in August 2021.^[27]
• Japanese cryptocurrency exchange Liquid was compromised in August 2021 resulting in a loss of US$97 million worth of digital coins^[28]
• Cream Finance was subject to a US$29 million theft in August 2021^[29] and $130 million on October 28, 2021.^[30]
• On December 2, 2021, users of the BadgerDAO DeFi lost around $118,500,000 worth of bitcoin and $679,000 worth of ethereum tokens in a front-end attack. A compromised API key of theCloudflare content delivery network account allowed the injecting of a malicious script into the web interface. BadgerDAO "paused" allsmart contracts due to user complaints.^[31]
• On December 6, 2021, the cryptocurrency exchangeBitmart lost around $135M worth of Ethereum and an estimated $46 million in other cryptocurrencies due to a breach of two of its wallets.^[32] Although BitMart stated that it would reimburse its clients, many BitMart clients have not received any money from the exchange as of January 2022.^[33]
• On December 12, 2021, users of VulcanForge lost around $135M worth of PYR due to breaches of multiple wallets. Partnering centralized exchanges had been notified of the hack and they have pledged to seize any stolen funds upon deposit.^[34]
• On January 27, 2022, Qubit Finance (DeFi) lost around $80M worth of Binance Coin due to a flaw in the smart contract that enabled the withdrawal of the said amount in exchange for a deposit of 0 ETH.^[35]
• In March 2022,^[36] the largest cryptocurrency theft of the year,US$625 million in ether and USD coin was stolen from theRonin Network. Hacked nodes were finally discovered when a user reported being unable to withdraw funds. The heist was later linked toLazarus Group, aNorth Korean state-backed hacking collective, by theU.S. Treasury Department.^[10]
• On September 20, 2022, Wintermute was hacked resulting in theft ofUS$160 million. The company attributed the vulnerability to a service used by the platform that generates vanity addresses for digital accounts.^[10]
• On September 25, 2023, it was reported that $200 million was stolen by hackers from Hong Kong-based crypto firm Mixin Network. The company suspended deposits and withdrawals, stating that the database of its network's cloud service provider was attacked by hackers resulting in the loss of the assets.^[37][38]
• On February 21, 2025 the exchangeBybit reported the theft of $1.5 billion in ether, estimated at the time to be the largest crypto heist in history. A blockchain analysis firm linked the attack to theLazarus Group which exploited security features transferring the money to multiply unidentified addresses^[39]
• On June 17, 2025 it was reported that there was cyberattack on Iran's biggest cryptocurrency exchange, Nobitex. The attack was done during theIran–Israel War. The attack, blamed on the Israel-linked hacker groupGonjeshke Darande (also called "Predatory Sparrow"), led to the theft of more than $90 million in digital assets, mostly Tether (USDT) on the Tron network.^[40]

TheParity Wallet has had two security incidents amounting to 666,773ETH lost or stolen.^[41] In July 2017, due to a bug in themulti-signature code, 153,037 ETH (approximatelyUS$32 million at the time) were stolen.^[42][43] In November 2017, a subsequent multisignature^{[clarification needed]} flaw inParity made 513,774 ETH (aboutUS$150 million) unreachable;^[44][45] as of March 2019, the funds were still frozen.^[46]

Notable cases of electricity theft to mine proof-of-work cryptocurrencies include:

• In February 2021 Malaysian police arrested six men involved in a Bitcoin mining operation which had stolen US$2 million in electricity^[47]
• Ukraine authorities shut down an underground gaming and cryptocurrency farm in July 2021, accused of stealing $259,300 of electricity each month^[48]
• In July 2021 Malaysian authorities destroyed 1,069 cryptocurrency mining systems accused of stealing electricity from the grid^[49]
• In May 2021 UK authorities closed a suspected bitcoin mine afterWestern Power Distribution found an illegal connection to the electricity supply^[50]

There have been many cases of bitcoin theft.^[51] As of December 2017^[update], around 980,000 bitcoins—over five percent of all bitcoin in circulation^[a]—had been lost oncryptocurrency exchanges.^[52]

One type of theft involves a third party accessing theprivate key to a victim's bitcoin address,^[53] or anonline wallet.^[54] If the private key is stolen, all the bitcoins from the compromised address can be transferred. In that case, the network does not have any provisions to identify the thief, block further transactions of those stolen bitcoins, or return them to the legitimate owner.^[55]

Theft also occurs at sites where bitcoins are used to purchase illicit goods. In late November 2013, an estimatedUS$100 million in bitcoins were allegedly stolen from the online illicit goods marketplaceSheep Marketplace, which immediately closed.^[56] Users tracked the coins as they were processed and converted to cash, but no funds were recovered and no culprits were identified.^[56] A different black market,Silk Road 2, stated that during a February 2014 hack, bitcoins valued at $2.7 million were taken fromescrow accounts.^[57]

Sites where users exchange bitcoins for cash or store them in "wallets" are also targets for theft. Inputs.io, an Australian wallet service, was hacked twice in October 2013 and lost more than $1 million in bitcoins.^[58] GBL, a Chinese bitcoin trading platform, suddenly shut down on 26 October 2013; subscribers, unable to log in, lost up to $5 million worth of bitcoin.^[59] In late February 2014Mt. Gox, one of the largest virtual currency exchanges, filed for bankruptcy in Tokyo amid reports that bitcoins worthUS$350 million had been stolen.^[60]Flexcoin, a bitcoin storage specialist based inAlberta, Canada, shut down in March 2014 after saying it discovered a theft of about $650,000 in bitcoins.^[61] Poloniex, a digital currency exchange, reported in March 2014 that it lost bitcoins valued at around $50,000.^[62] In January 2015 UK-basedbitstamp, the third busiest bitcoin exchange globally was hacked andUS$5 million in bitcoins were stolen.^[63] In February 2015, a Chinese exchange named BTER lost bitcoins worth nearly $2 million to hackers.^[64]

A major bitcoin exchange,Bitfinex, was compromised by the2016 Bitfinex hack, when nearly 120,000 bitcoins (aroundUS$71 million) were stolen in 2016.^[65] Bitfinex was forced to suspend its trading. The theft was the second-largest bitcoin heist ever, dwarfed only by the Mt. Gox theft in 2014. According toForbes, "All of Bitfinex's customers... will stand to lose money. The company has announced a cut of 36.067% across the board."^[66] Following the hack the company failed to refund customers, though efforts are continuing.^[67] In 2022, the US government recovered 94,636 bitcoin (worth approximately $3.6 billion at the time of recovery) from the 2016 thefts of the Bitfinex exchange, reported as the "largest financial seizure" in U.S. history.^[68] By February 2022, the amount of bitcoin stolen in 2016 had increased in value to $4.5 billion. Two people were arrested for the thefts^[69] in 2022; married couple Ilya “Dutch” Lichtenstein and rapperHeather "Razzlekhan" Morgan were charged with conspiracy to commit money laundering and conspiracy to defraud the United States.^[68]

On May 7, 2019, hackers stole over 7000 Bitcoins from the Binance Cryptocurrency Exchange, at a value of over 40 million US dollars. Binance CEO Zhao Changpeng stated: "The hackers used a variety of techniques, including phishing, viruses, and other attacks... The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time."^[70]

Thefts have raised safety concerns. Charles Hayter, founder of the digital currency comparison website CryptoCompare said, "It's a reminder of the fragility of the infrastructure in such a nascent industry."^[71] According to the hearing of the U.S. House of Representatives Committee on Small Business on April 2, 2014, "these vendors lack regulatory oversight, minimum capital standards and don't provide consumer protection against loss or theft."^[72]

Japan and theUnited States have accused North Korean hackers of stealingcryptocurrency worth over $300 million from the Japan-based exchange DMM Bitcoin. The theft was attributed to the TraderTraitor group, believed to be part of the Lazarus Group, which is allegedly linked to North Korean authorities. The incident occurred in late May 2024, involving the theft of 4,502.9Bitcoin. The theft involved the hackers usingsocial engineering tactics to impersonate a recruiter onLinkedIn and send a malicious pre-employment test to an employee at acrypto wallet software company. This allowed them to compromise the employee's system and manipulate a legitimate transaction request from DMM, resulting in the loss of 4,502.9Bitcoin. TheFBI and Japan's National Police Agency are collaborating to combat North Korea's cybercrime activities, which date back to the mid-1990s and include a cyber-warfare unit known asBureau 121. The Lazarus Group has previously gained notoriety for its involvement in high-profile hacks, including the attack onSony Pictures in retaliation for the film "The Interview."

In June 2016, hackers exploited a vulnerability inThe DAO to stealUS$50 million. Subsequently, the currency was forked intoEthereum Classic, and Ethereum, with the latter continuing with the new blockchain without the exploited translations.^[73][74]

On November 21, 2017,Tether announced that it had been hacked, losing $31 million in USDT from its core treasury wallet.^[75] The company has 'tagged' the stolen currency, hoping to 'lock' them in the hacker's wallet (making them unspendable).^[76]

In 2022, hackers created a signature account on a blockchain bridge called "Wormhole" and stole more than $300 million worth of ether.^[77]

Mostexit scams (orrugpulls) as well as many ponzi schemes involving cryptocurrencies are performed throughInitial Coin Offerings (ICOs).^[78] As an example, according to a report bySatis Group, almost 80% of all projects launched through an ICO in 2017 were scams.^[79] These scams usually involve attracting investments from mostly retail investors, inflating the price and the perpetrators subsequently abandoning the project in question after selling off their own shares.^[80]

The novelty of ICOs accounts for the current lack of governmental regulation.^[81] This lack of regulatory measures as well as the pseudonymity of cryptocurrency transactions and their international nature across countless jurisdictions in many different countries can make it much more difficult to identify and take legal action against perpetrators involved in these scams.^[82][83] Since 2017 theSEC has been actively pursuing groups and individuals responsible for ICO-related scams.^[84]

• AriseCoin (AriseBank):AriseBank marketed itself as the world's firstdecentralized bank, falsely claiming to be able to offerFDIC-insured accounts,VISA cards as well as services related to cryptocurrency and making other false statements.^[85]AriseBank promoted itsAriseCoin through celebrity endorsement and social media in order to raise theUS$1 billion the company was aiming for.^[86] Their ICO was halted by the SEC in early 2018 with theirCEO andCOO receiving a fine ofUS$2.7 million.^[87]
• BitConnect: Bitconnect was among the highest-performing cryptocurrencies in 2017, promising investors enormous returns through a trading bot.^[88] At its height, it reached a market capitalization ofUS$3.4 billion.^[89] In early 2018 the exchanged ceased to operate with investors losing millions of dollars, amounting to a total ofUS$14.5 million.^[90] It later turned out that the initial profits were generated through a Ponzi scheme by paying earlier customers with money made through newer customers.^[91] Legal action against the perpetrators was taken on an international scale.^[92]
• Centra: Centra was a Miami-based company that claimed to offer a cryptocurrency-based debit card backed by a VISA andMastercard. The company raisedUS$32 million by October 2017 through an ICO and, f few months later, performed an exit scam. In April 2018 two of the founders were arrested. It was soon revealed that neither Mastercard nor VISA backed the company in their alleged efforts.^[90]
• Modern Tech (PinCoin/iFan): Based in Vietnam, Modern Tech hosted two separate ICOs forPinCoin as well asiFan promising monthly returns of 48%.^[90] After the initial success, the founders ran off with approximatelyUS$660 million raised from 32,000 investors.^[93] The founders are still at large and none of the funds have been retrieved.^[94]
• PlexCoin: After Dominic Lacroix and Sabrina Paradis-Rogers (the founders ofPlexCoin) had officially raised aroundUS$15 million through a fraudulent ICO in August 2017 while promising a return of 1,354 % within a month, the SEC filed a civil complaint in December of the same year against them and sought an injunction to cease those sales, freeze the assets involved, pay civil penalties and prohibit the ones responsible behind the token launch from participating in any future offerings of cryptocurrency.^[95] Shortly after Lacroix was sentenced to two months in prison and finedCA$110,000 by theQuebec Superior Court.^[96] The SEC's proceedings led to seven-figure fines for the defendants in 2019 and a retrieval of the investors' funds.^[97] During the proceedings, the SEC was able to prove that the success of the ICO was inflated by the founders who in fact had raisedUS$8.5 million instead of theUS$15 million they had announced.^[98]

Ponzi schemes are another common form of utilizing blockchain-based technologies to commit fraud. Most schemes of this sort usemulti-level marketing schemes to encourage investors to conduct risky investments.^[99]Onecoin is one of the more notable examples of cryptocurrency-ponzi schemes: Founded in 2014 byRuja Ignatova, OneCoin is estimated to have generatedUS$4 billion in income.^[88] While at least in China some of the investors' funds have been recovered and several members of the organisation arrested in the U.S., Ignatova herself is still at large.^[100]

Due to the inability of third parties to de-pseudonymize crypto transactions criminal entities have often resorted to using cryptocurrency to conduct money laundering.^[101] Especially ICOs lackingKYC guidelines and anti-money laundering procedures are often used to launder illicit funds due to the pseudonymity they offer.^[86] By using ICOs criminals launder these funds by buying tokens off of legitimate investors and selling them. This issue is intensified by the lack of measures against money laundering implemented by centralized cryptocurrency exchanges.^[86]

A well-known early example of money laundering using cryptocurrencies isSilk Road. Shut down in 2013 with its founderRoss Ulbricht indicted for among other counts a money laundering conspiracy, the website was used for several illicit activities including money laundering solely using Bitcoin as a form of payment.^[102]

Apart from traditional cryptocurrencies,Non-Fungible Tokens (NFTs) are also commonly used in connection with money laundering activities.^[103] NFTs are often used to performWash Trading by creating several differentwallets for one individual, generating several fictitious sales and consequently selling the respective NFT to a third party.^[104] According to a report byChainalysis, these types of wash trades are becoming increasingly popular among money launderers especially due to the largely anonymous nature of transactions on NFT marketplaces.^[105][106] Auction platforms for NFT sales may face regulatory pressure to comply with anti-money laundering legislation.^[107]

Canada is generally regarded as the first state actor implementing regulatory measures dealing with money laundering conducted by the usage of cryptocurrencies.^[108] By 2013 theFinancial Crimes Enforcement Network (FinCEN) — in direct reference to the centralized exchangeMt. Gox — issued regulations making it clear that all crypto-to-fiat exchangers had to apply KYC- as well as anti-money laundering methods.^[109] Any suspicious transactions have therefore to be reported to the authorities.^[110] Centralized exchanges have to register as money transmitters, with the exact definition of who and what constitutes amoney transmitter in the crypto sphere being somewhat blurred and regulations differing between the different states of the U.S.^[111] An important exemption from these regulations isdecentralized exchanges due to the fact that they do not hold any fiat currency.^[112]

As part of theFifth Anti-Money Laundering Directive of 2018 and in an effort to combat money laundering and the financing of terrorism, theEuropean Union has issued a directive making all member-states have to make sure that crypto exchanges are licensed and registered.^[113] The EU is furthermore planning to take measures to ensure that all customers of cryptocurrency exchanges are to verify their identity as part of the registration process.^[114]

Auction platforms for NFT sales may face regulatory pressure to comply with anti-money laundering legislation. A February 2022 study from theUnited States Treasury assessed that there was "some evidence of money laundering risk in the high-value art market," including through "the emerging digital art market, such as the use of non-fungible tokens (NFTs)."^[115] The study considered how NFT transactions may be a simpler option for laundering money through art by avoiding transportation or insurance complications in trading physical art. Several NFT exchanges were labeled as virtual asset service providers that may be subject toFinancial Crimes Enforcement Network regulations.^[116]

TheEuropean Union has yet to establish specific regulations to combat money laundering through NFTs. TheEuropean Commission announced in July 2022 that it is planning to draw regulations regarding that issue by 2024.^[117][114]

A cryptocurrency giveaway scam involves scammers compromising or impersonating celebrities, influencers, or well-known companies to falsely claim they are multiplying cryptocurrency or giving away free cryptocurrency viaairdrop. A variety of methods are used to promote these scams, primarily through posts andlivestreams onsocial media.

YouTube is a platform commonly used to promote this scam. Popular accounts are hacked to stream pre-recorded videos of the impersonated figure, overlaid with fake giveaway announcements that often encourage viewers to visit the scammer’s website.^[118] In July 2020,Apple co-founderSteve Wozniak and 17 other victims filed a lawsuit against YouTube and its parent company,Google, alleging that the platform allowed scammers to use their name, image and likeness in cryptocurrency giveaway scams.^[119] After earlier dismissals based onSection 230, a 2024California Court of Appeal ruling allowed the case to proceed, finding that YouTube’s role may fall outside those legal protections, with the case now pending further proceedings in the lower court.^[120]

In the2020 Twitter account hijacking, 130 high-profile accounts, including those of multi-billionaireElon Musk and thenU.S. president Joe Biden, were used to promote a bitcoin giveaway scam. Within minutes of the initialtweets, more than 320 transactions had been sent to one of the wallet addresses, and over US$110,000 worth of bitcoin had been deposited before the scam messages were removed byTwitter.^[121]Coinbase blacklisted the bitcoin address and said they stopped over 1,000 transactions totaling over US$280,000 from being sent.^[122]

Paper wallet generators allow users to create a wallet address and corresponding private key. While not dubious in itself, fraudsters can create infected generators that secretly communicate the generated keys to the creator, giving them control of the wallet.^[123]

In August 2017, a bad actor began advertising an onlineIOTA wallet seed generator. To gain the victim's trust, they linked to a legitimateGitHub repository, claiming that their website used the same code. In reality, the website used an intentionally predictablerandom number generator, resulting in the same IOTA wallet seeds being generated. Each of these seeds was logged.^[124] On January 19, 2018, the attacker drained approximately US$3.94 million from wallets created during the six-month period. Profiles associated with the website on GitHub,Reddit, andQuora that had provided support to users were deleted, and the website was updated to display the message: “Taken down. Apologies.”^[125] In January 2019,Europol arrested a 36-year-old man fromOxford, England believed to be behind the attack.^[126]

Josh Garza, who founded the cryptocurrency startups GAW Miners and ZenMiner in 2014, acknowledged in aplea agreement that the companies were part of apyramid scheme, and pleaded guilty towire fraud in 2015. The U.S.Securities and Exchange Commission separately brought a civil enforcement action against Garza, who was eventually ordered to pay a judgment ofUS$9.1 million plus $700,000 in interest. The SEC's complaint stated that Garza, through his companies, had fraudulently sold "investment contracts representing shares in the profits they claimed would be generated" from mining.^[136] Garza was later found guilty of fraud and ordered to payUS$9 million and begin serving a 21-month sentence commencing January 2019 by the U.S. Attorney's Office District of Connecticut.^[137]

The cryptocurrency community refers to pre-mining, hidden launches,ICO or extreme rewards for the altcoin founders as deceptive practices.^[138] This is at times an inherent part of the cryptocurrency's design.^[139] Pre-mining refers to the practice of generating the currency before its released to the public.^[140]

FTX andAlameda Research founder andCEOSam Bankman-Fried was indicted by theU.S. District Court for the Southern District of New York in December 2022 and charged with commodities andwire fraud,securities fraud andmoney laundering, as well as with violatingcampaign finance laws.^[141][142]

In 2025, U.S. authorities led by the Department of Justice and the FBI’s San Diego Field Office have seized approximately $2.5 million in cryptocurrency linked to a series of sophisticated fraud schemes. The forfeiture, approved by U.S. District Court, targets criminals who exploited digital financial platforms to defraud victims, often through so-called "confidence schemes." The crackdown involved collaboration with various agencies and support from Tether, a crypto industry company, and aims to both compensate victims and deter future online fraud.^[143]

In February 2014, the Pony virus, which spread to between 100,000 and 200,000 computers through abotnet, was reported to have stolen up to US$220,000 in cryptocurrency from 85 wallets.^[144] Researchers later discovered updated versions with the ability to steal 30 types of cryptocurrencies.^[145]

A type of Mac malware active in August 2013, Bitvanity posed as a vanity wallet address generator and stole addresses and private keys from other bitcoin client software.^[146] A different trojan formacOS, called CoinThief was reported in February 2014 to be responsible for multiple bitcoin thefts.^[146] The software was hidden in versions of some cryptocurrency apps onDownload.com andMacUpdate.^[146]

A stealer, also known as a drainer orinfostealer, is a type of malware designed to steal private information including private keys from cryptocurrency wallets, enabling attackers to access and transfer the funds to their wallet. The most common infections scan computers for wallet files and upload them to aremote server, where they can be cracked.^[147] Many stealers also incorporatekeyloggers to record keystrokes, often bypassing the need to crack the keys.^[148]

Clipboard hijacking involves a malware that detects when a cryptocurrency address is copied to theclipboard, and quickly replacing it to trick victims into sending their cryptocurrency to the attackers address. The method is effective due to the difficulty of memorizing or manually typing wallet addresses, combined with the irreversible nature of cryptocurrency transactions.^[149]

Cryptocurrency is considered to be the "near-universal form of payment" forransomware,^[150] a type ofmalware thatencrypts a victim's data until a ransom is paid. Ransomware attacks are estimated to have generated US$1.1 billion in 2019, US$999 million in 2020, a record US$1.25 billion in 2023, and US$813 million in 2024.^[151] In 2024, a record breaking US$75 million ransom was paid to the Dark Angels ransomware group by an undisclosedFortune 500 company.^[152]

Fraud factories in Asia traffic workers to scam Westerners into buying cryptocurrencies online.^[161]

In 2015, two members of the Silk Road Task Force—a multi-agency federal task force that carried out the U.S. investigation ofSilk Road—were convicted over charges pertaining to corruption.^[162] FormerDEA agent, Carl Mark Force, had attempted to extort Silk Road founderRoss Ulbricht ("Dread Pirate Roberts") by faking the murder of an informant. He pleaded guilty to money laundering,obstruction of justice, and extortion under color of official right, and was sentenced to 6.5 years in federal prison.^[162] FormerU.S. Secret Service agent, Shaun Bridges, pleaded guilty to crimes relating to his diversion of $800,000 worth of bitcoins to his personal account during the investigation, and also separately pleaded guilty to money laundering in connection to another cryptocurrency theft. Bridges was sentenced to almost eight years in federal prison.^[163]

Gerald Cotten founded QuadrigaCX in 2013, after graduating from the Schulich School of Business in Toronto. Cotten was acting as the sole curator of the exchange. Quadriga had no official bank accounts since banks at the time had no method of managing cryptocurrency. In late 2018, Canada's largest crypto exchangeQuadrigaCX lostUS$190 million in cryptocurrency when the owner died; he was the only one with knowledge of the password to a storage wallet. The exchange filed for bankruptcy in 2019.^[164]

In 2018, Ellis Pinsky, 15 years old, was accused of orchestrating a scheme to steal millions of dollars' worth of cryptocurrencies from Michael Terpin, a prominent cryptocurrency investor. The scheme involved a social engineering technique known as theSIM swap scam. The case attracted significant attention due to Pinsky's young age and the substantial amount of money involved. It raised questions about the security of digital assets and the challenges in regulating and prosecuting crimes in the rapidly evolving world of cryptocurrencies. Pinsky later reached a settlement to return $22 million in cryptocurrency to Terpin.^{[165][166][167][168][169]} In May 2020, Pinsky experienced a home invasion by intruders searching for remaining stolen assets.^[166] Michael Terpin, the founder and chief executive officer of Transform Group, aSan Juan,Puerto Rico-based company that advises blockchain businesses on public relations and communications, sued Ellis Pinsky in New York on May 7, 2020, for leading a "sophisticated cybercrime spree" that stoleUS$24 million in cryptocurrency by hacking into Terpin's phone in 2018.^[170][171] Terpin also sued Nicholas Truglia and won a $75.8 million judgment against Truglia in 2019 in California state court.^[171]

On July 15, 2020,Twitter accounts of prominent personalities and firms, includingJoe Biden,Barack Obama,Bill Gates,Elon Musk,Jeff Bezos,Apple,Kanye West,Michael Bloomberg andUber werehacked. Twitter confirmed that it was a coordinatedsocial engineering attack on their own employees. Twitter released its statement six hours after the attack took place. Hackers posted the message to transfer theBitcoin to a Bitcoin wallet, which would double the amount. The wallet's balance was expected^{[according to whom?]} to increase to more than $100,000 as the message spread among Twitter followers.^[172]

In 2021, US Authorities carried out a raid onJames Zhong's home in Gainesville, Georgia. Authorities found over 51,000 bitcoin that Zhong had stolen fromSilk Road between 2012 and 2013. Through an error on Silk Road, Zhong was able to withdraw more bitcoin than what was initially deposited. He concealed his identity and was able to evade authorities for nearly a decade. Zhong ended up pleading guilty to wire fraud and was sentenced to 1 year and 1 day in prison along with a forfeiture of all bitcoin.^[173]

In 2022, theFederal Trade Commission reported that $139 million in cryptocurrency was stolen byromance scammers in 2020.^[174] Some scammers target dating apps with fake profiles.^[175]

In early 2022, the Beanstalk cryptocurrency was stripped of its reserves, which were valued at more thanUS$180 million, after attackers had managed to use borrowedUS$80 million in cryptocurrency to buy enough voting rights to transfer the reserves to their own accounts outside the system. It was initially unclear if such an exploit of governance procedures was illegal.^[176]

In 2025, A Nigerian scammer impersonated Trump allySteve Witkoff by creating a nearly identical email address to solicit a $250,000 cryptocurrency donation from a political donor intended for the Trump-Vance Inaugural Committee. The donor, deceived by the subtle change in the email domain, transferred 250,300 USDT.ETH, which was quickly laundered through multiple wallets. The FBI, with help fromTether andBinance, managed to recover and freeze about $40,300 of the stolen funds, but over $210,000 remains missing. Officials warn that the complexity of blockchain transactions makes recovering stolen crypto extremely difficult.^[177]

• Bitcoin network § Alleged criminal activity
• Computer security
• Cryptocurrency bubble
• Terrorism financing

• Zandt, Florian (31 March 2022)."Infographic: The Biggest Crypto Heists".Statista.

• Cryptocurrencies
• Security
• Cryptocurrency theft
• Financial crimes
• Bitcoin

• Pages with non-numeric formatnum arguments
• CS1 Dutch-language sources (nl)
• Webarchive template wayback links
• CS1 maint: multiple names: authors list
• All articles lacking reliable references
• Articles lacking reliable references from December 2022
• CS1 German-language sources (de)
• CS1 errors: periodical ignored
• CS1 maint: bot: original URL status unknown
• Articles with short description
• Short description is different from Wikidata
• Wikipedia articles needing context from July 2021
• All Wikipedia articles needing context
• All pages needing cleanup
• Articles with too many examples from December 2022
• All articles with too many examples
• Wikipedia articles with style issues from December 2022
• Wikipedia articles in need of updating from July 2024
• All Wikipedia articles in need of updating
• Articles with multiple maintenance issues
• Wikipedia articles needing clarification from July 2021
• Articles containing potentially dated statements from December 2017
• All articles containing potentially dated statements
• Articles with excerpts
• All articles with specifically marked weasel-worded phrases
• Articles with specifically marked weasel-worded phrases from July 2021