November’s Heist: How Cybercriminals Snatched $363 Million from Crypto

November was marked by a series of alarming security breaches in the cryptocurrency sector, culminating in financial losses that surpassed any previous month this year. Blockchain security firm CertiK’s report reveals a concerning trend of escalating threats within the crypto space.

Unpacking the Month’s Major Crypto Hacks

The most significant of these breaches occurred at Poloniex, a well-known crypto exchange, where hackers managed to steal approximately $131.4 million. This attack believed to be the work of the infamous Lazarus group from North Korea, involved a sophisticated compromise of private keys.

In a closely related incident, the HTX and Heco bridge, owned by Justin Sun, suffered a massive loss. Over $100 million was drained from two hot wallets, underscoring the vulnerabilities in digital asset storage.

Adding to the month’s woes, KyberSwap, a prominent exchange, was hit by a flash loan attack. This incident drained about $45 million from their liquidity pools, showcasing the novel methods employed by cybercriminals in the crypto arena.

The cumulative losses for November stood at a staggering $316.4 million from direct exploits, $45.5 million from flash loan attacks, and $1.1 million from exit scams. These figures are part of a larger, more disturbing trend in 2023, where the total losses due to security breaches have already exceeded $1.7 billion. This is a significant increase compared to the $3.7 billion lost in 2022 and echoes the $1.7 billion lost in 2021.

Other notable incidents included a phishing scam that resulted in a $27 million loss for a single victim and a $25 million loss suffered by Kronos Research due to compromised API keys.


In response to these incidents, affected platforms have initiated comprehensive investigations and are actively working to enhance their security measures. The industry is now faced with the challenge of not only addressing these immediate concerns but also of anticipating and protecting against the evolving tactics of cybercriminals.

The rise in sophisticated attacks, such as SIM swapping and exploiting multi-signature vulnerabilities, indicates that traditional security methods, like smart contract auditing, may no longer suffice. The crypto industry’s collective effort in reinforcing its security infrastructure is essential in restoring user trust and ensuring cryptocurrency platforms’ long-term viability and safety.

Leave a Reply

Your email address will not be published. Required fields are marked *