Coins: 14,333
Exchanges: 1,096
Market Cap: $2.542T 0.6%
24h Vol: $65.35B
Gas: 4 GWEI
Go Ad-free
Coverage
TABLE OF CONTENTS

Crypto Security: Can You Recover Stolen Crypto on a Centralized Exchange?

4.1
| by
Valerioshi X
-

When it comes to mainstream adoption, crypto security remains a major challenge. The crypto landscape suffers from daily onslaughts of FUD by the mainstream media and legacy finance. Hesitant newcomers might feel discouraged even further whenever they hear of security breaches in the crypto space.

But the language used to communicate this information is conflated and confusing. What exactly do people mean when crypto is “hacked”? And can cryptocurrency exchanges get hacked? Are our assets safe? We'll answer these questions, and look at ways to protect your crypto assets as well.

Let's get to learning!  

Crypto Exchange Hacked! What Does It Mean?

© Chris Liverani | Unsplash

"Crypto exchange hacked!" is a common headline you might spot in the news these days. The headline is curious because there are many ways to "hack" something. But let’s not get ahead of ourselves. We must first address a more pertinent question:

Can crypto itself (aka virtual currencies) be hacked? 

The answer is a confident "No" (for now!). And the clue's in the name. It's not called "crypto" for nothing. (That's short for "cryptographic".) Blockchain technology uses a cryptographic primitive called hashing (combined with Merkle trees and others) to securely add correct blocks to the chain.   

Hashes are a long string of alphanumeric characters, randomly generated from the data stored within a block. Each hash is unique to each block, and any small change to the data will result in a different hash. So if someone tries to alter a single transaction, not only the hash for the current block will need to be recalculated, but this applies to the hashes of all subsequent blocks. 

And you can’t do this arbitrarily either. Miners verify each and every transaction to ensure that each block is calculated accurately. To make a change, you’d need to convince more than 50% of all miners to agree with you, which is certainly not an easy feat (especially if you’re acting as a bad actor!) 

Due to its decentralized nature, Bitcoin and all other cryptos, particularly those with many different miners, are much harder to attack since there's no single point of failure. In other words, its globally distributed nodes make it a many-headed hydra.  

© Rijksmuseum | Picryl

But what about cryptocurrency exchanges? Can exchanges get hacked? 


What is a rug pull?

A rug pull isn't a hack; it's a scam. A rug pull is when a team convinces you to invest in their crypto project by purchasing the project's tokens. 

Once enough tokens are bought, the team "pulls the rug" from under you. In other words, they dump their entire token allocation on the cryptocurrency market. Then they vanish with their tasty money bags.


Can Crypto Exchanges Get Hacked? And If Yes, Which Crypto Exchanges Have Been Hacked?

© Nick Chong | Unsplash

Many crypto exchanges have been hacked, and we won't list them all here. But yes, crypto exchanges get hacked once in a while. We mention a few prominent hacks in this section. What's more interesting, though, isn't that they were hacked. It's how the exchanges handled the aftermath. 

See, reasons for hacking range from employee computers getting hacked to leaving funds on an exchange's hot wallet. But let's look at what Bitmart did once they were hacked.

Bitmart was hacked just this month (December 2021), losing roughly US$150 to $200 million. But they didn't waste any time. They immediately declared that they'll reimburse all users whose accounts were affected. 

Other reputable exchanges that have been hacked include Binance (2019) and Bitfinex (2016). Bitfinex returned all lost funds to users, but in the form of their governance token BFX. This was to match the dollar equivalent of the funds that were stolen. Binance also reassured investors that they would be refunded in full.  

But let's look at two other major players this year: FTX and Coinbase. Has FTX ever been hacked? Nope. Never. In fact, when Liquid Global was hacked, FTX CEO Sam Bankman-Fried actually offered to loan $120 million to the exchange, so that they could continue to meet all their financial obligations (!). 

But what about Coinbase? Can Coinbase be hacked? Coinbase offers more robust security measures traditionally associated with legacy finance. This is more so because Coinbase is a publicly listed company, which is regulated by the U.S. government. 

Because it's never been hacked, we don't know if Coinbase is willing to refund stolen assets. None of these exchanges actually have any legal obligation to return funds to users. That's why it's worth noting that they're doing this voluntarily. This move shows that they understand that their reputation as a secure crypto exchange hinges on customer trust.

Unfortunately, in past instances of massive hacks, there have been exchanges that have been unable to repay their users and have gone bankrupt. That’s why it’s important to avoid such situations as much as possible.

What Is the Safest Crypto Exchange?

Here's an easy way to find out whether an exchange is safe to use. First, see if you recognize the name. (The big names are big for a reason.) Second, do a search to see if the exchange has ever suffered from a hack. Third, if they have, see how they resolved the situation. (Did they refund their customers? Are they insured? What happened?)

Another important consideration is to determine where they're based. Some exchanges may be based in jurisdictions where they’re regulated, and may thus be required to have higher cyber security standards, or insurance for their customers’ funds. While it’s not a guarantee that they’re safer, there’s a good chance they may take security more seriously. 

Finally, it's best to check the Trust Score of these exchanges on listing sites like CoinGecko. Let's take Fantom (FTM) as a quick example. Head over to the FTM price chart. Scroll down to "Fantom Markets". Underneath, you'll see a list of exchanges offering FTM and its trading pairs, as well as the Trust Score of each exchange. 

© Valerio Puggioni | HODL CONTENT

Once you've picked an exchange, make sure to play around with small amounts on the exchange first. Try to get a feel for the experience, and to see how easy it is to move your funds around, both on and off the exchange. 

How Do I Recover My Crypto?

© Bruce Mars | Unsplash

"What happens if my exchange gets hacked?"

That's a fair question. I've been through this, just last year actually. Here's what happened. I left a few hundred dollars in digital currencies on Hotbit.io. Then, the exchange was hacked. And the Chief Security Officer (CSO) immediately tweeted that our funds were safe. 

Haters were screaming FUD, that our digital assets were rugged, poking fun at Hotbit users. (Crypto Twitter can be a toxic space.) Regardless, the CSO continued to post regular updates, and voila'! A few weeks later, all our funds were safe, as promised. 

So ignore the FUD. Try to look for updates, preferably from a security lead. (A good exchange will have one. The CSO will also not be afraid to act as the public point-of-contact when your exchange assets hit the fan.) 

But what if it was your wallet that was hacked? Too often I come across posts that read, "Can I recover my stolen BTC?" I’ll admit it: It's a tough read. People who get too carried away in the moment of a promise for quick riches.

Unfortunately, that's like leaving your bank vault open. Then you're hoping you can come back sometime later, and find all your money untouched. It's not going to happen. By giving away your keys, you gave up access to your vault.

So can hacked crypto be recovered? Can funds be recovered... at all? Well, you can't hack crypto, but here's the bad news. Funds inside crypto wallets accessed via the private key or seed phrase cannot be recovered. There's a reason hackers target the individual owner of a digital wallet. It's that much easier to trick someone into giving away private info than it is to hack an exchange. 

Has anyone recovered stolen crypto? Sure, but there are very few instances where this has actually happened. And the behind-the-scenes details can get iffy. Let’s say hackers were to move your stolen funds onto an exchange. If you can prove that the funds are actually yours, the exchange might be able to intercept them for you.

This is worth a shot, but I wouldn't hold my breath. The best thing you can do is educate yourself on how best you can protect your assets. The next best thing is to learn from your mistakes and move on. (Don't focus on your losses. There's always more money to be made.)

What Can We as Users Do to Minimize This Risk?

© ethmessages | Unsplash

Risk is a trait that's inherent in money. Doesn't matter if it's Bitcoin, the US dollar, or even gold. (Get enough gold, and you'll need an army to defend it.) So other types of money aside, where is the safest place to keep your crypto? 

It's best to think of crypto security on a scale. Greater security means less convenience and potentially fewer earnings. Still, reduced security affords greater convenience and the ability to make passive income from your idle assets.

So the greatest security you can achieve is via cold wallets you can put away in cold storage. A cold wallet is a physical wallet that resembles a USB. Hardware wallets store your private key, so you can use it to sign your financial transactions. Since it's set up this way, no one can ever move your funds without your hard wallet. Let's say someone hacks your Metamask (a soft crypto wallet) and sees everything you own. Without your hard wallet, they can't transfer your assets.

A cold wallet is indispensable in the long run. But while you’re waiting for yours in the mail, make sure to enable 2-factor authentication on your favorite crypto exchanges. This move ensures that any funds you leave on your exchange wallet will be protected via phone verification. 


Looking for a hard cryptocurrency wallet to purchase? 

I use the Ledger Nano X. It's a bit of a pain to use (with many bugs introduced via every update), so I'm looking at the Trezor next. Keystone is also another great hardware wallet. (Collect enough Candy Rewards from CoinGecko, and you can get yours for 15% off!). 



For instance, in a time-sensitive NFT minting situation, greater security can cost you a lot of time, money, and frustration. You might not get that NFT in time if everything sells out in under 3 minutes. And you've got to input your pin repeatedly if you want to try minting. (Many a time my alarm has gone off at 3 AM to go back to sleep with empty hands.)The downside of having a hard wallet is that I’m greatly inconvenienced whenever I want to make a quick trade. I have to input my pin and password every single time. And that's not mentioning all sorts of other security protocols I might have to mess with. 

My advice? Keep a little bit of liquidity on your favorite exchange, and store the bulk of your assets in a hard wallet. You can still participate in certain protocols, like staking and lending. For example, you can stake ADA inside your own wallet, even with a hard wallet, so there are exceptions to this rule. 

All in all, crypto security is still evolving, and there are many ways to exploit bugs. Even decentralized exchanges like Balancer have been exploited due to protocol issues. This means it's not just centralized exchanges that are vulnerable. 

As we've covered, there are many ways to lose your assets in crypto. So what's the single best way to secure your crypto assets? Educate yourself on industry best practices. If you want to find out more about how to protect yourself, read this article covering 16 essential crypto security tips!

 

CoinGecko's Content Editorial Guidelines
CoinGecko’s content aims to demystify the crypto industry. While certain posts you see may be sponsored, we strive to uphold the highest standards of editorial quality and integrity, and do not publish any content that has not been vetted by our editors.
Learn more
Want to be the first to know about upcoming airdrops?
Subscribe to the CoinGecko Daily Newsletter!
Join 600,000+ crypto enthusiasts, traders, and degens in getting the latest crypto news, articles, videos, and reports by subscribing to our FREE newsletter.
Tell us how much you like this article!
Vote count: 113
Valerioshi X
Valerioshi X
Valerioshi is the 4th president of X+, one of the most exclusive communities in web3, for holders who hold 10 or more DeGods. Along with the burn team, he led the CryptoPunk burning campaign for DeGods, successfully raising more than US$100,000 in under 30 hours. He runs Degen Reports, and is host of The Degen Hour as well as the X+ Sigma Lounge, both weekly Twitter spaces. Follow the author on Twitter @valerioshi_

More Articles

Select Currency
Suggested Currencies
USD
US Dollar
IDR
Indonesian Rupiah
TWD
New Taiwan Dollar
EUR
Euro
KRW
South Korean Won
JPY
Japanese Yen
RUB
Russian Ruble
CNY
Chinese Yuan
Fiat Currencies
AED
United Arab Emirates Dirham
ARS
Argentine Peso
AUD
Australian Dollar
BDT
Bangladeshi Taka
BHD
Bahraini Dinar
BMD
Bermudian Dollar
BRL
Brazil Real
CAD
Canadian Dollar
CHF
Swiss Franc
CLP
Chilean Peso
CZK
Czech Koruna
DKK
Danish Krone
GBP
British Pound Sterling
GEL
Georgian Lari
HKD
Hong Kong Dollar
HUF
Hungarian Forint
ILS
Israeli New Shekel
INR
Indian Rupee
KWD
Kuwaiti Dinar
LKR
Sri Lankan Rupee
MMK
Burmese Kyat
MXN
Mexican Peso
MYR
Malaysian Ringgit
NGN
Nigerian Naira
NOK
Norwegian Krone
NZD
New Zealand Dollar
PHP
Philippine Peso
PKR
Pakistani Rupee
PLN
Polish Zloty
SAR
Saudi Riyal
SEK
Swedish Krona
SGD
Singapore Dollar
THB
Thai Baht
TRY
Turkish Lira
UAH
Ukrainian hryvnia
VEF
Venezuelan bolívar fuerte
VND
Vietnamese đồng
ZAR
South African Rand
XDR
IMF Special Drawing Rights
Cryptocurrencies
BTC
Bitcoin
ETH
Ether
LTC
Litecoin
BCH
Bitcoin Cash
BNB
Binance Coin
EOS
EOS
XRP
XRP
XLM
Lumens
LINK
Chainlink
DOT
Polkadot
YFI
Yearn.finance
Bitcoin Units
BITS
Bits
SATS
Satoshi
Commodities
XAG
Silver - Troy Ounce
XAU
Gold - Troy Ounce
Select Language
Popular Languages
EN
English
RU
Русский
DE
Deutsch
PL
język polski
ES
Español
VI
Tiếng việt
FR
Français
PT
Português
All Languages
AR
العربية
BG
български
CS
čeština
DA
dansk
EL
Ελληνικά
FI
suomen kieli
HE
עִבְרִית
HI
हिंदी
HR
hrvatski
HU
Magyar nyelv
ID
Bahasa Indonesia
IT
Italiano
JA
日本語
KO
한국어
LT
lietuvių kalba
NL
Nederlands
NO
norsk
RO
Limba română
SK
slovenský jazyk
SL
slovenski jezik
SV
Svenska
TH
ภาษาไทย
TR
Türkçe
UK
украї́нська мо́ва
ZH
简体中文
ZH-TW
繁體中文
Login to track your favorite coin easily 🚀
By continuing, you agree to CoinGecko Terms of Service and acknowledge you’ve read our Privacy Policy
or
Forgot your password?
Didn't receive confirmation instructions?
Resend confirmation instructions
IT'S FREE! Track your favorite coin easily with CoinGecko 🚀
By continuing, you agree to CoinGecko Terms of Service and acknowledge you’ve read our Privacy Policy
or
Password must contain at least 8 characters including 1 uppercase letter, 1 lowercase letter, 1 number, and 1 special character
Didn't receive confirmation instructions?
Resend confirmation instructions
Forgot your password?
You will receive an email with instructions on how to reset your password in a few minutes.
Resend confirmation instructions
You will receive an email with instructions for how to confirm your email address in a few minutes.
Get the CoinGecko app.
Scan this QR code to download the app now App QR Code Or check it out in the app stores
coingecko
Continue in app
Track prices in real-time
Open App