Online Trading Starts Here
EN /
AR Arabic
AZ Azerbaijan
CS Czech
DA Danish
DE Deutsche
EL Greek
EN English
ES Spanish
ET Estonian
FI Finnish
FR French
HE Hebrew
HI Hindi
HU Hungarian
HY Armenian
IND Indonesian
IT Italian
JA Japan
KK Kazakh
KM Khmer
KO Korean
MS Melayu
NB Norwegian
NL Dutch
PL Polish
PT Portuguese
RO Romanian
... Русский
SQ Albanian
SV Swedish
TG Tajik
TH Thai
TL Tagalog
TR Turkish
UA Ukrainian
UR Urdu
UZ Uzbek
VI Vietnamese
ZH Chinese
Menu
Advertiser Disclosure

Crypto Hacks And How To Prevent Them On Your Own

Mikhail Vnuchkov
Written by:
Mikhail Vnuchkov
Chinmay Soni
Reviewed by:
Chinmay Soni
Mirjan Hipolito
Fact-checked by:
Mirjan Hipolito
Updated:
June 08, 2026

Editorial Note: While we adhere to strict Editorial Integrity, this post may contain references to products from our partners. Here's an explanation for How We Make Money. None of the data and information on this webpage constitutes investment advice according to our Disclaimer.

Hacks in crypto are a common thing, so it's best if you stay prepared to tackle them. The best ways to secure your crypto are:

  • Don’t share your seed phrase;

  • Make sure you understand what does smart-contract asks you to sign;

  • Support will never contact you first;

  • There is no account that needs a password reset;

  • Don’t keep funds on the exchange platforms.

A deep but short dive into why hacks happen in crypto, which ones are the most common and how to protect yourself from being drained.

Risk warning: Cryptocurrency markets are highly volatile, with sharp price swings and regulatory uncertainties. Research indicates that 75-90% of traders face losses. Only invest discretionary funds and consult an experienced financial advisor.

Why crypto hacks happen and what pattern do they follow

See, in crypto CEXs get hacked so often people don’t care that much anymore. What’s that? A Bybit hacked by Lazarus for 500,000 ETH ($1.5B) in 2025? Oh that's new (no). Every hack follows a pattern — weak security makes a good target for the state owned hackers called Lazarus Group.

Avoiding 99% of Crypto HacksAvoiding 99% of Crypto Hacks

Who and why made hacking crypto their business?

You see — North Korea made hacking a business: they run Lazarus Group, state funded hackers, to get some foreign currency income stream in the form of scamming the hell out of the crypto market and anything that has a «tech» tag on it. Those hackers receive government training, living quarters, treated as society elites and are hand-picked from math olympiad champions — they are raised to be purebred netrunners, much like Arasaka does in Cyberpunk 2077.

So far, Lazarus had: Nicehash (4500 BTC perish), Bithumb ($7M perish), Axie Infinity & Ronin Bridge ($620M perish), Horizon Bridge ($100M perish), Atomic Wallet ($100M perish), Indian CEX WazirX ($234M perish) and since 2021 they do social engineering of open-source GitHub repos. The good thing Lazarus Group did is butchering the «Stake.com» online casino — mad respect.

How do CEXs get hacked most of the time?

To understand this, let’s explore a bit of CEX hacking history:

  • MtGox, Tokio, 2011, responsible for 70% of BTC transactions. $8.75M stolen, another attack in 2014, this time for 850000 BTC. Case: fake bitcoin flooding.

  • KuCoin, 2013, $281M siphoned out, hot wallet keys leaked. Culprit: Lazarus Group, government hackers from NK. Within weeks they managed to recover $204M.

  • UpBit, 2019, one transaction attack, $45M leaked out, traces of Lazarus Group.

  • Binance, 2019, claims to be super safe, 7000 BTC perish along with API keys, two-factor codes, and seed phrases. Claims that SAFU fund — backed by BNB — takes care of that. Later in 2022 Binance Bridge got slapped with a protocol hack, wiping out 2B BNB.

  • Bitfinex, owned by makers of Tether, 2016, $60M perish in an attack. In 2019 US retrieves some of the coins, and in 2021 attackers move out stolen crypto to sell it later.

  • Cryptopia, 2019, $15.5M perish, complete CEX liquidation.

  • Zaif, 2018, hot wallet keys are taken, $60M perish.

  • Bancor, 2018, $23.5M perish, complex sybil attack.

  • Coincheck, 2018, $534M perish, phishing.

  • CoinBene, 2019, $105M perished and they tried to hide it.

Notice the pattern? Each time hacks happen for two reasons: poor security and insiders. FTX isn’t on the list because that exchange was made for illicit purposes — it wasn’t scammed or hacked, but operated by scammers. Aside from CEXs getting hacked left to right, the major hacking route is still — and remains to the day — about your personal wallet.

Want to know how all of the hacks affect crypto prices? 9/10 times FUD spreads, people panic, crypto starts to swing here and there — after Bybit hack ETH tanked, after Binance got rugged their BNB tanked. Every time a CEX is hacked — you immediately sell crypto (coins and tokens) involved in the hack, no exceptions.

Here’s one trick to save you from every CEX hack: keep private keys to yourself and store only 10% of your portfolio on the trading platform.

The most common types of crypto hacks

According to Chainalysis — guys who deal in crypto crime — theft of personal crypto is at an all time high with a rise from $857M to $1.7B. Thanks to AI Pig Butchering in Crypto is at an all time high with 40% growth YoY, and most of the hacking happens because people willingly give out their private keys.

Growth of crypto hacksGrowth of crypto hacks

5 major crypto hack types

  • Address poisoning — virus replaces wallet address upon copy-paste.

  • Blackmail/Sextortion — you are manipulated by AI-forged sextapes and pornpics you swear isn’t you but look really real.

  • Crypto Drainer — you enter a seed phrase on the wrong website or sign a wrong smart-contract without even looking.

  • Livestream — you flashed the SEED PHRASE in front of millions of subscribers.

  • Pig Butchering — editor’s favourite, the one that involves you telling your seed phrase by yourself.

Notice the pattern? 1 case of advanced virus, 4 other are psychological trickery.

How can you prevent crypto hacks for yourself?

How to prevent crypto hacks as a userHow to prevent crypto hacks as a user

While enterprise-level hacks are not in your hand, you can still make moves to save yourselves from user-based hacks. Here are key things to keep in mind:

  • Don’t share your seed phrase. Your seed phrase is the only way into your wallet. If someone gets it, they have full control. Never give it out — even if they claim to be from the support team. And don’t store it in your email, phone, or cloud.

  • Understand what you’re signing. Hitting “Approve” without checking what a smart contract wants can be a disaster. Some can sneak in full wallet access. If something looks shady or too technical, pause and ask someone you trust before moving forward.

  • Support will never contact you first. A real crypto support team won’t DM or email you out of the blue. If that happens, it’s almost always a scam. Only reach out using links from official sites, especially if you’re dealing with platforms like exchanges or wallet apps.

  • There’s no account that needs a password reset. No one can reset a crypto wallet like a Facebook account. If you get an email saying you need to reset something, it’s likely a scam. Your access depends on your seed phrase, not a password recovery link.

  • Don’t keep funds on the exchange platforms. Even the biggest crypto exchanges have been hacked. If you’re not trading, move your coins to a private wallet. Exchanges are handy — but they were never meant to be a savings account. You’re safer holding your keys, not trusting a platform to do it for you. You can use wallets such as Trust Wallet. Trust Wallet stores your private keys right on your mobile device. This means that only you can access your wallet and funds. Unlike custodial wallets, Trust Wallet does not see or manage your keys.

Do regulated crypto exchanges lower the risk of crypto hacks?

Yes, regulated crypto exchanges do lower the risk of hacks. They’re required to follow strict security standards, conduct regular audits, and hold insurance in some cases — all of which help protect your funds. If you’re looking for a reliable, regulated exchange to trade safely, we’ve researched and presented the best options below to help you make a confident choice:

Best regulated crypto exchanges
Crypto Foundation year Min. Deposit, $ Coins Supported Spot Taker fee, % Spot Maker Fee, % Alerts Copy trading Tier-1 regulation TU overall score Open an account

Kraken

Yes 2011 10 278 0.4 0.25 Yes Yes Yes 8.7 Go to broker
Your capital is at risk.

Coinbase

Yes 2012 10 249 0.5 0.5 Yes No Yes 8.46 Go to broker
Your capital is at risk.

Nebeus

Yes 2014 5 30 Not available Not available No No Yes 7.84 Go to broker
Your capital is at risk.

Crypto.com

Yes 2016 1 250 0.5 0.25 Yes No Yes 7.24 Go to broker
Your capital is at risk.

Nexo

Yes 2018 No 100 0.04 0.07 Yes No Yes 7.13 Go to broker
Your capital is at risk.

Why trust us

Independent analysis, real experts, and transparent methodology

  • 15+ years of independent market analysis

  • 140+ evaluation criteria, reviewed by 50+ experts

  • Data-driven reviews of 200+ platforms, updated regularly

  • 20+ industry awards & a wide network of global media partners

Learn more about our methodology and editorial policies.

why trust us why trust us why trust us why trust us why trust us why trust us

Protect offline, split seed, and whitelist withdrawals early

Anastasiia Chabaniuk
Anastasiia Chabaniuk Educational Content Editor

Most people think buying a hardware wallet means they’re fully protected — but that’s only part of the story. If you set up your recovery phrase on a laptop that’s been online, there’s already a risk. The best move? Generate your seed phrase completely offline, even better on a device that’s never touched the internet. And don’t just save it in one place. Tools like Shamir’s Secret Sharing let you split that phrase into parts, so no single piece is enough to steal your funds.

Here’s something even seasoned traders miss: go into your exchange settings and set withdrawal limits and whitelist wallet addresses. That way, even if someone gets into your account, they can’t just send your crypto anywhere. Think of it like locking the back door, not just the front. You’re not just stopping hackers — you’re slowing them down long enough to realize something’s off before anything gets stolen.

Conclusion

Let’s be real — scams don’t always come through sketchy emails or shady websites. Sometimes, it’s a well-written message that catches you off guard on a tired Monday. Security isn’t just about turning on 2FA or buying a cold wallet — it’s about being sharp every time you click, sign, or respond. The biggest risks often hide in routine habits. If you want to stay in this game, don’t just protect your crypto — train yourself to spot the trick before it happens.

FAQs

Is it safe to keep money on the trading platform?

Never was, never will be, keep your money inside a cold wallet you made yourself. Don’t use hardware wallets you bought from anyone, don’t trust people with your seed phrase.

Is it safe to use Telegram/WhatsApp/Viber bots to swap crypto into USD/INR?

No. Never was, never will be. If people claim that particular bot is fine — you risk it with your money, they risk it with nothing but giving advice.

Is keeping money in a cold wallet instead of a bank account safer?

Both are equally risky: you can’t trust the government, nor can you trust the centralized exchange, so pick the lesser evil.

I want to trade and keep my funds 100% safe, how’d I do that?

Trade with CEXs, use DEXs, use WalletConnect, use secure account auth, use 2FA, use Google Authenticator, use OTP codes, use Face ID, use anti phishing codes, don’t ever give out your seed phrase or you’re done.

Editors' Top Picks and Insights

All news
How To Spot Crypto Scams And Protect Your Investments
Rinat Gismatullin
23 hours ago
Best Practices For Crypto Security
Parshwa Turakhiya
23 hours ago
FreeBitcoin Review: How to Earn with a Popular Bitcoin Faucet
Aleksandra Chaikina
23 hours ago
Cryptocurrency Scams List 2026
Oleg Tkachenko
23 hours ago
Who Are Whales in Crypto And How to Recognize Them?
Aleksandra Chaikina
23 hours ago

Team that worked on the article

Mikhail Vnuchkov
Mikhail Vnuchkov
Author at Traders Union

Mikhail Vnuchkov joined Traders Union as an author in 2020. He began his professional career as a journalist-observer at a small online financial publication, where he covered global economic events and discussed their impact on the segment of financial investment, including investor income.

Learn about our editorial policies
Chinmay Soni
Chinmay Soni
Head of Fact-Checking Department

Chinmay Soni is a financial analyst with more than 5 years of experience in working with stocks, Forex, derivatives, and other assets. As a founder of a boutique research firm and an active researcher, he covers various industries and fields, providing insights backed by statistical data.

Mirjan Hipolito
Mirjan Hipolito
Cryptocurrency and stock expert

Mirjan Hipolito is a journalist and news editor at Traders Union. She is an expert crypto writer with five years of experience in the financial markets.

Glossary for novice traders
Investor

An investor is an individual, who invests money in an asset with the expectation that its value would appreciate in the future. The asset can be anything, including a bond, debenture, mutual fund, equity, gold, silver, exchange-traded funds (ETFs), and real-estate property.

CFD

CFD is a contract between an investor/trader and seller that demonstrates that the trader will need to pay the price difference between the current value of the asset and its value at the time of contract to the seller.

Copy trading

Copy trading is an investing tactic where traders replicate the trading strategies of more experienced traders, automatically mirroring their trades in their own accounts to potentially achieve similar results.

Bitcoin

Bitcoin is a decentralized digital cryptocurrency that was created in 2009 by an anonymous individual or group using the pseudonym Satoshi Nakamoto. It operates on a technology called blockchain, which is a distributed ledger that records all transactions across a network of computers.

Ethereum

Ethereum is a decentralized blockchain platform and cryptocurrency that was proposed by Vitalik Buterin in late 2013 and development began in early 2014. It was designed as a versatile platform for creating decentralized applications (DApps) and smart contracts.

Table of Contents
Table of Contents
Who We Are
Business Solutions
For Users
TU News
Popular Sections
Disclosures
CONTACT US
Legal
We are in Social Media
© IAFT Ltd., 2010-2026 All rights to the website are owned by IAFT Ltd.,
Registration number - HE 336186
  • Risk disclosure:

    Information on the TradersUnion.com website is for informational purposes only and does not constitute any motive or suggestion to visitors to invest money. Moreover, we hereby warn you that trading on the Forex and CFD markets is always a high risk. According to the statistics, 75-89% of customers lose the funds invested and only 11-25% of traders earn a profit. Trading in futures and options carries substantial risk of loss and is not suitable for every investor.

    That is why you should only invest money that you are prepared — or can afford — to lose at such high risks. Tradersunion.com does not provide any financial services, including investment or financial advisory services. Also, the Traders Union is not a broker and does not get money for trading in the Forex or CFD markets. Our website only provides information on brokers and the markets and helps its users to select the best brokerage company based on detailed information and objective analysis of brokers.

  • Disclaimer:

    Traders Union (TradersUnion.com) shall not be liable for the consequences of trading decisions made by the Client and for the possible loss of his capital resulting from the use of this website and information published on it.

    Forex market, CFD and cryptocurrency trading involves high risks and is not suitable for everyone. Before investing money, you need to adequately assess the level of your expertise and be aware of the risks, particularly in the context of trading with leverage. The information on this website is not intended for distribution or use by any person in any country or jurisdiction, where such distribution or use would be in violation of the local law or regulation. Any payments by Traders Union (TradersUnion.com) to the users of our website shall be legally interpreted solely as an incentive on our part for the activity on the website in the form of a deduction of a part of the advertising income; they shall not be a subject of any claims of our users or our obligations, a subject of disputes, as well as cannot be considered in relation to the services provided to users by brokers, both in fact and in their completeness and volume. The administration of the website shall not be liable for the content of user comments and reviews about the companies and shall not verify whether the authors of the reviews are indeed real clients of a specific company. All reviews, both negative and positive are published on the website without verification of their reliability; only offensive reviews that call for violence or any kind of discrimination and also reviews published from one group of IP addresses are moderated and removed. The authors of the materials shall be fully liable for the accuracy, completeness and impartiality of any information in the articles and reviews, including in the context of their use or mention of any brand names or trademarks. All mentions of the names of companies and their brands in any materials on the website shall be made in the context of communication of socially important information to the people about their activities by independent journalists, who are the authors. All evaluations and indicators on the website express the subjective opinion of the authors of the reviews (articles) and shall not be viewed as accurate statements and be a subject of disputes and claims against Traders Union.

  • Disclosure of advertisers and revenues:

    All the services on the Tradersunion.com website are free for you to use. Our team spends thousands of hours per annum researching brokers and gathering information about them to help investors all over the world to choose reliable companies and to avoid fraudsters.

    Indeed, the curating, sourcing, and organization of this process requires substantial financial investment by Tradersunion.com, which the website earns in the form of advertising payments. There are two types of advertising services on the website — direct advertising or partner (broker) participation programs. However, no services purchased by our partners shall affect the recommendations on our website, or our opinions, or ratings. Our ratings are based on our objective rating criteria and methodology; and the results are always equally and fairly applied to each broker. The work of our content authors and research groups does not involve any interaction with our advertisers and they do not have access to data concerning the amount of advertising purchased. For over 10 years we consider our independence, absolute openness, and objectivity as our main priority. Please follow the links to each of our affiliated broker’s websites. This will help Tradersunion.com to continue to provide our services to you for free.

onepercentfortheplanet.org World Association of News Publishers https://gdpr.eu/ GDPR