OVERVIEW

$5.3 Billion And Counting: Top 10 Crypto Hacks Explained 🔥

If you missed yesterday’s intro to the Litepaper, it looks a little different because I am out for a few days.

But I did leave you with some great content.

And I have my laptop with me if there’s something crazy that happens.

Probably gonna do some work anyway because Lord knows I won’t catch any walleye because:

A. Walleye are a mythical fish like Plesiosaurus.

B. I have to keep my kids from thinking the worms and leeches are animals that need to be freed from a prison and thrown into the lake.

DEFI
All About Automated Market Makers (AMMS) 🤖 

Automated Market Makers (AMMs) - basically the backbone of DeFi - cut out the middleman and hand the pricing reins to algorithms, which sounds cool until someone screws up the code. 👨‍💻 

Here’s a dive into their perks, pitfalls, and how Cetus Protocol's recent $223 million disaster showed us why getting fancy (I’m looking at you, CLMM) isn't always smart.

AMMs, Simplified

Traditional exchanges got replaced with pools and math formulas - no brokers, just straight blockchain magic. Quick rundown of popular flavors:

• Constant Product (CPMM): Uniswap’s go-to; great for vanilla trading, infamous for impermanent loss.

• Constant Mean: Balancer’s baby, handy for multi-token juggling; still bites with impermanent loss.

• StableSwap: Curve’s thing for stablecoins, minimal impermanent loss; boring but reliable.

• Hybrid Function: Bancor lets you play solo-token LP; safer-ish from impermanent loss.

• Concentrated Liquidity (CLMM): Uniswap V3 & Cetus - tight price ranges, high efficiency, but loaded with complexity.

• Dynamic (DAMM): Kyber’s adaptive deal, best for calm waters; volatile seas? Not so much.

AMMs cater to different needs, sure, but complexity and risks scale together. ⚖️

DEFI
AMMs: The Good And The Bad 🎭️ 

AMMs’ Good Side

A quick list of why AMMs caught on herpes in a co-ed dorm:

• Decentralized: No middlemen, no gatekeepers. Just peer-to-peer trading.

• Open Liquidity: Anyone with tokens can join in, earning fees and leveling the financial field.

• Always Open: Forget market close times; DeFi doesn’t sleep.

• Fully Transparent: Everything’s recorded on-chain; zero shady backrooms (well, that’s mostly accurate).

• Asset Control: Your crypto, your control - no custodial dramas.

Hold up though, there’s always bad with the good. 🥹 

Where AMMs Stumble

Some pain points:

• Impermanent Loss: Assets in pools shift prices, sometimes painfully, against holding.

• Slippage: Big trades equal worse prices, especially in thin markets.

• Front-Running and MEV: These mfers - we’re going to talk more about them this week. They’re Bots cutting queues, sniping trades, classic blockchain chaos.

• Security Nightmares: Smart contracts aren’t bulletproof, ask Cetus about their $223 million headache.

• Volatility Drama: AMMs amplify volatility, especially in smaller pools.

• Complexity Overload: CLMM models? Great in theory, dangerously complex in practice.

Not exactly a risk-free paradise. 🛑 

DEFI
A Recent Problem With A Type Of AMM: The Cetus Hack 😡 

May 22, 2025, Cetus Protocol (Sui’s largest DEX) blockchain got hammered for $223 million, courtesy of a CLMM smart-contract blunder.

How did it happen?

• Overflow Error: Simple coding mistake let attackers exploit arithmetic in liquidity calculations.

• Flash-Swap Frenzy: Hackers manipulated liquidity via insane token swaps and fake tokens like BULLA, wrecking multiple pools simultaneously.

• Widespread Damage: Token prices tanked - CETUS down 50%, SUI tokens down up to 90%. Ouch.

Validators froze $162 million, limiting the bleeding, but damage control was messy. Cetus’s solution? A community-backed bailout.

How A CLMM Model May Have Made It Worse

A Concentrated Liquidity Market Maker’s (CLMM) mechanism may have turned a straightforward exploit into a full-blown catastrophe:

• Increased Complexity: More intricate smart contracts introduced vulnerabilities.

• Concentrated Liquidity: High-value, narrow price ranges amplified the impact of the exploit.

• Active Management Overhead: In my opinion, this was one of the biggest liabilities/threats for the kind of hack/exploit that occured. CLMM LPs must actively manage positions to adjust ranges based on market conditions.

• High-Value Target: Large liquidity pools attracted sophisticated attackers.

Without specific technical details on the exploit, it’s hard to pinpoint the precise mechanism. However, the incident highlights that CLMM’s efficiency comes at the cost of heightened security risks, especially for protocols handling significant TVL.

Complexity might sound cool, but sometimes simplicity keeps your wallet heavier. 👝 

HACKS
The Top 10 Biggest Hacks In Crypto History Methodology and Context Ranking 📊 

The value’s represented below are the approximate value of what was stolen at the time of the hack - no today’s pumped or dumped numbers. 🔢 

And it includes what’s happened so far in 2025.

Fun fact 1: the 1st and the 10th biggest hacks of all time in crypto happened in 2025.

Fun fact 2: The Bybit hack makes up 26-ish% of the top 10s total losses. 🤦 

HACKS
Bybit - $1.4 Billion

Not even a full three years to unseat the prior leader of this ranking of shame (Ronin). And the loss is even more than double what Ronin’s was.

On Feb 21, 2025, Bybit handed North Korean hackers (thanks, Lazarus Group) 400,000 ETH $1.4 billion - in crypto’s biggest heist ever.

Method: Classic private key leak from Bybit's hot wallet, likely through phishing or a shady insider. Funds quickly vanished into anonymous wallets.

Impact: Bybit CEO Ben Zhou immediately threw up a bounty program to claw back stolen funds. The FBI soon pointed fingers officially at North Korea. Confidence in centralized exchanges? Seriously dented.

Lesson: Hot wallets suck; cold storage and multi-sig wallets are absolute musts.

STOCKTWITS POLL
Trump Coin, Bullish or Bearish? 🤔 

So far, the Stocktwits community is divided. Click here or below to vote! 🗳️ 

HACKS
Ronin Network (Axie Infinity) - $620 Million

Oh lawd I remember this shite show.

Ronin, Axie Infinity's sidechain, got hacked in March 2022, losing 173,600 ETH and 25.5M USDC ($620 million) to - you guessed it - North Korea's Lazarus Group.

Method: Phishing compromised five of nine validator nodes, giving hackers private keys and a backdoor into Ronin’s gas-free system.

Impact: Massive fallout for Axie Infinity players, particularly in the Philippines, where gaming became serious income. Like, people were quitting jobs in droves because you could make so much money from your Axie’s and Smooth Love Potion (don’t ask).

Sky Mavis scrambled, raising $150M to cover losses.

Lesson: Decentralization matters; relying on a handful of validators is risky.

HACKS
Poly Network - $611 Million (August 2021)

If I remember correctly, the hacker got scared over how much he looted with this one, anyway.

Cross-chain protocol Poly Network lost $611M in ETH, BNB, and stablecoins, but the hacker bizarrely gave nearly all of it back, claiming a “white hat” intent.

Method: Exploited a smart contract vulnerability, overriding transaction approvals thanks to lousy cryptographic configuration.

Impact: Exposed shaky cross-chain security, though the community pushback surprisingly got funds returned. Poly Network beefed up security afterward.

Lesson: Audits, audits, and more audits for smart contracts.

HACKS
Binance (BNB Chain Bridge) - $566 Million (October 2022)

Binance makes so much money, this wasn’t even a thing when it happened.

A cross-chain bridge hack netted thieves $566M in minted BNB tokens, exploiting verification flaws.

Method: Forged proof-of-stake messages fooled the bridge. Binance acted fast, halting the chain and limiting damage to $100M.

Impact: Binance covered the loss but raised centralization red flags.

Lesson: Bridges remain risky; quick responses help, but decentralization matters more.

HACKS
Coincheck - $534 Million (January 2018)

January 2018 sucked so bad after BTC hit the, at the time, ATH near $20k, that not many people care or cared about this disaster.

Coincheck's hot wallet got raided for 523 million NEM tokens, worth $534M, due to embarrassingly weak security.

Method: Single hot wallet, flimsy multi-sig setup - likely phishing or malware.

Impact: NEM tanked, tighter regs in Japan followed, and Coincheck had to cough up $420M in compensation.

Lesson: Cold storage isn't optional - definitely a theme that started around here.

HACKS
Mt. Gox - $470 Million (February 2014)

If things keep going as they are, Mt. Gox might not even be on this list in a few years.

Once king, Mt. Gox imploded after losing 850,000 BTC ($470M then, billions now) to hackers exploiting Bitcoin bugs and shoddy accounting.

Method: Transaction malleability bugs, insider theft, general incompetence. Only 200,000 BTC ever recovered.

Impact: Long-term damage to Bitcoin’s early credibility, creditors finally seeing partial payouts a decade later - I mean this is still going on as of June 2025, lol.

Lesson: Transparency and security are everything.

HACKS
Wormhole - $326 Million (February 2022)

It was after this fook up I took the stance bridges are bad in crypto, they suck. Hell, four of the top ten hacks in crypto are because of bridges.

Wormhole's Solana bridge leaked 120,000 wETH ($326M), thanks to hackers minting fake tokens.

Method: Validation flaw exploited by spoofing messages, thanks to limited guardians.

Impact: Solana’s rep took a hit; Jump Crypto bailed out Wormhole with cash. I wonder if Jump Crypto thought that this was the worst things could get…

Lesson: Bridge validation must be decentralized and robust. Bridges just suck is the other lesson.

HACKS
DMM Bitcoin - $300 Million (May 2024)

This one didn’t a get ton of press in the US, or the West in general.

Japanese exchange DMM Bitcoin lost 4,500 BTC ($300M+) in another mysterious hot wallet hit.

Method: Likely private key theft or server breaches.

Impact: DMM halted ops, BTC unrecovered, spotlight on centralized exchanges’ continued vulnerability.

Lesson: Nonstop security updates and cold storage.

HACKS
KuCoin - $285 Million (September 2020)

Everyone was getting fat from all that stimmy money and just gaming like crazy to care.

KuCoin hackers grabbed $285M by snagging private keys via phishing or server hacks.

Method: Weak wallet segregation allowed easy draining across chains.

Impact: KuCoin clawed back 84% through tracking, upgraded security afterward.

Lesson: Smaller exchanges must step up security to match bigger platforms.

HACKS
Cetus - $220 Million (May 2025)

Last on the list, but also the most recent.

Sui blockchain’s DEX Cetus saw $220M vanish via fake token contracts that tricked pool balances.

Method: Token metadata spoofing fooled smart contracts. And I’m not to sure that the CLMM model they use as an AMM didn’t make things even worse - still looking into that.

Impact: Cetus paused ops, worked with Sui Foundation for loans, but user trust damaged.

Lesson: Rigorous DeFi smart contract audits and security checks are crucial.

HACKS
Common Themes And Observations 👀 

• Insufficient Private Key Security:
  Prevalence: 4 out of 10 major hacks (Bybit, Coincheck, DMM Bitcoin, PlayDapp).

• North Fucking Korea:
  Prevalence: 3 out of 10 hacks (Bybit, Ronin, DMM Bitcoin), totaling $2.32B - 42% of total losses.

• Lack of Auditing and Testing:
  Prevalence: 3 out of 10 hacks (Poly Network, Binance, Wormhole), totaling $1.503B.

• Human Error and Insider Threats:
  Prevalence: 4 out of 10 hacks (Bybit, Ronin, Coincheck, Coinbase), totaling $2.854B.

• Delayed or Poor Breach Responses:
  Prevalence: 3 out of 10 hacks (Mt. Gox, Coincheck, DMM Bitcoin), totaling $1.304B.

Get In Touch 📬

Follow our social channels for great, real-time content on Stocktwits and Twitter. And check out our YouTube channel for in-depth video content! 📲

Email me (Jonathan Morgan) your feedback; I’d love to hear from you. 📧

Want to sponsor this newsletter and reach hundreds of thousands of crypto enthusiasts? Reach us here. 👍

Terms & Conditions 📝

Securities Disclaimer: STOCKTWITS IS NOT A TAX ADVISOR, BROKER, FINANCIAL ADVISOR OR INVESTMENT ADVISOR. THE SERVICE IS NOT INTENDED TO PROVIDE TAX, LEGAL, FINANCIAL OR INVESTMENT ADVICE, AND NOTHING ON THE SERVICE SHOULD BE CONSTRUED AS AN OFFER TO SELL, A SOLICITATION OF AN OFFER TO BUY, OR A RECOMMENDATION FOR ANY SECURITY. Trading in such securities can result in immediate and substantial losses of the capital invested. You should only invest risk capital, and not capital required for other purposes. You alone are solely responsible for determining whether any investment, security or strategy, or any other product or service, is appropriate or suitable for you based on your investment objectives and personal and financial situation. You should also consult an attorney or tax professional regarding your specific legal or tax situation. The Content is to be used for informational and entertainment purposes only and the Service does not provide investment advice for any individual. Stocktwits, its affiliates and partners specifically disclaim any and all liability or loss arising out of any action taken in reliance on Content, including but not limited to market value or other loss on the sale or purchase of any company, property, product, service, security, instrument, or any other matter. You understand that an investment in any security is subject to a number of risks, and that discussions of any security published on the Service will not contain a list or description of relevant risk factors. In addition, please note that some of the stocks about which Content is published on the Service have a low market capitalization and/or insufficient public float. Such stocks are subject to more risk than stocks of larger companies, including greater volatility, lower liquidity and less publicly available information. Read the full terms & conditions here. 🔍

Author Disclosure: The author of this newsletter holds positions in ADA, IMX, COPI, MIN, AGIX, ALGO, ZEC, XLM, and NEAR. 📋