The 5 biggest DeFi hacks of 2023

More than $1.3 billion has been lost to crypto hacks this year

article-image

Artwork by Crystal Le

share

Ledger was recently exploited for an estimated $610,000 —  a reminder that security and privacy remain important priorities for the crypto ecosystem.

According to DeFiLlama, hackers have cost crypto startups and projects more than $1.3 billion in losses this year. Since June 2016, on-chain losses have amounted to an estimated $7.54 billion, with $5.69 billion hacked in DeFi protocols. 

Brian Pak, co-founder of Chainlight, told Blockworks that these exploits should be a fundamental reminder that security is still overlooked in much of the DeFi Ecosystem.

Read more: ‘Wallet drainer’ code added to Ledger library has crypto on edge

“As we enter into another bull market and liquidity starts to pour into the DeFi ecosystem, we can expect to see hacks like this happen more often,” Pak said. “It is of paramount importance that protocols take preemptive measures and are properly audited. Furthermore, builders must place more focus on security if the DeFi ecosystem is to flourish.”

With 2024 just around the corner, let’s look at the five largest exploits that occurred this year.

1. Mixin Network — $200 million

Hong Kong-based decentralized peer-to-peer network Mixin Network was exploited for an estimated $200 million in September this year, making it one of the biggest hacks of the year.

Mixin has since released a new system with enhanced security features. It has also offered the hacker a bounty of $20 million in return for the stolen assets. 

“Most of our platform assets were users, and we hope you can refund them,” the Mixin team wrote. The company added in a post on X that the hacker could reach the team anonymously or through appropriate channels in order to return the compromised assets.

2. Euler Finance — $197 million

DeFi lending protocol Euler Finance was the victim of a flash loan attack that saw $197 million stolen after an attacker tricked the smart contracts into believing there were fewer collateral tokens than debt tokens. 

Following the exploit, the Euler team offered a $1 million reward bounty to ensure the attacker was arrested. 

After a series of back-and-forth communications, the Euler attacker — who went by “Jacob” — returned all stolen funds to the Euler team. 

3. Poloniex — $126 million

The Justin Sun-owned exchange Poloniex saw an estimated $126 million drained after hackers gained access to its hot wallets in mid-November.

Immediately after the hack, Sun wrote in a post on X that “Poloniex maintains a healthy financial position and will fully reimburse the affected funds,” and that the exchange was offering a 5% white hat bounty to the hacker in exchange for the stolen cryptocurrencies.

The hacker was given seven days to consider the offer before Sun would turn to law enforcement. 

A month after the attacks, Poloniex has since resumed withdrawal and deposit services for select tokens on the TRON network, including USDT, USDD, BTT, WIN, NFT, SUN, JST, USDJ and USDC. 

4. Multichain — $126 million

Cross-chain bridge Multichain saw a total of $126 million being moved from its bridges to an unidentified address after its private keys were compromised.

Stolen funds had been transferred to different addresses and were not withdrawn or put through cryptocurrency mixers. 

Soon after the attack, it was revealed that the company’s founder and CEO had been missing for a month, and it was suspected that Chinese authorities had arrested him

Multichain services have stopped indefinitely, and the team has urged users not to use any multichain bridges. 

5. Atomic Wallet — $100 million

North Korean hackers stole an estimated $100 million from Atomic Wallet after an estimated 5,000 crypto wallets were compromised, with one particular wallet losing over $1 million in funds
After failing to address the incident and downplaying its urgency, a group of investors have since sued the wallet provider.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates.jpg

Research

Figure, founded by former SoFi CEO Mike Cagney, has emerged as a leader in onchain RWAs, with ~$17.5B publicly tokenized. The platform’s ecosystem volume is growing ~40% YoY as it expands beyond HELOCs into student loans, DSCR loans, unsecured loans, bankruptcy claims, and more. Operationally, Figure cuts average loan production cost by ~93% and compresses median funding time from ~42 days to ~10, creating a durable speed-and-cost advantage.

article-image

In bonds, stablecoins and billionaires, a reminder of what makes crypto special

article-image

21Shares exec says CPI and PPI data supports a Fed rate cut, with market leaning toward a 25bps decrease

article-image

The Ethereum co-founder suggested LINEA holders would be eligible for other airdrops in cryptic tweet

article-image

The layer-2’s biggest release yet brings benefits — but a post-upgrade outage caused a chain reorg

article-image

Crypto is shifting into risk-on mode — pump.fun dominates meme activity, while Lido leans on treasury maneuvers

article-image

If the president breaks the Fed, he’ll own the budget problems