Wallet-related hacks

Wallet-related hacks and exploits in the blockchain industry refer to the unauthorized access to or theft of digital assets through the compromise of a user's wallet. This can occur due to a variety of factors such as poor security practices, lack of two-factor authentication, or malware. Exploits involving wallet hacks are a significant concern in the this industry as they can result in the loss of large amounts of digital assets.

One example of a wallet-related hack is the incident involving the cryptocurrency exchange, Mt. Gox, in 2014. The exchange was hacked, resulting in the loss of 850,000 bitcoins (worth around $450 million at the time). The attack was caused by a vulnerability in the exchange's wallet software, which allowed the attacker to gain access to the funds of multiple users. This hack highlights the importance of proper security practices, such as regular software updates and the use of secure wallet software.

Another example of a wallet-related hack is the incident involving the cryptocurrency exchange, Bitfinex, in 2016. The exchange was hacked, resulting in the loss of 120,000 bitcoins (worth around $72 million at the time). The attack was caused by a vulnerability in the exchange's multi-signature wallets, which allowed the attacker to gain access to the funds of multiple users. This hack highlights the importance of proper key storage practices and the use of secure multi-signature wallets.

A third example is the 2017 attack on Parity Wallet, which resulted in the theft of 153,000 Ether (worth around $30 million at the time). The attack was caused by a vulnerability in the wallet's smart contract, which allowed the attacker to gain access to the funds of multiple users. This hack highlights the importance of proper security practices, such as regular software updates, and the use of secure smart contract development practices.

Last worth to mention case is that of CVE-2022-32969 in which security company Halborn disclosed that this unknown vulnerability at that moment made possible for attackers to steal BIP-39 key recovery phrase from their browser-based wallets because of the way browsers as Google Chrome and Firefox were locally caching this information.

All the above examples are study cases in the cybersecurity field and emphasize the need for a customer protection solution that offers it's users full control over their transactions and the ability to know when a transaction is signed and sent from their non-custodial wallet, regardless of the type of users, retail and enterprise.