The Archive
All catalogued events
Every structured record CryptoMortem has published, ordered from most recent. 70 total.
Bybit Cold-Wallet Hack — February 2025
During a routine multi-sig transfer from an Ethereum cold wallet, malicious code injected into the signing UI tricked three Bybit executives into approving the transfer of approximately 401,000 ETH to a Lazarus-controlled address — at $1.46 billion, the largest cryptocurrency theft on record.
Funds affected$1.46BDanbury Bitcoin Robbery Scheme Guilty Plea
Federal prosecutors said a 22-year-old Missouri man pleaded guilty in Hartford in connection with an attempted Bitcoin robbery and kidnapping in Danbury in August 2024, though key case details remain undisclosed.
Funds affected$0WazirX Multi-Sig Hack — July 2024
India's largest cryptocurrency exchange lost approximately $235M from a multi-sig wallet compromise attributed to North Korea's Lazarus Group. Singapore restructuring proceedings remain open.
Funds affected$235.0MShanghai Sentencing in $29 Million Crypto Forex Case
Chinese authorities traced unusual transactions to a company alleged to have enabled illegal overseas transfers via crypto, and a Shanghai court later sentenced five people in the matter.
Funds affected$29.0MDMM Bitcoin Hack — May 2024
The Japanese exchange lost approximately $305M of BTC to a private-key compromise attributed by the FBI to North Korea's TraderTraitor (Lazarus). DMM covered customer balances and wound down operations in 2025.
Funds affected$305.0MStake.com Hot-Wallet Hack — September 2023
The Australian-licensed crypto-betting platform lost ~$41M to a hot-wallet compromise attributed by the FBI to North Korea's Lazarus Group. Customer balances were unaffected.
Funds affected$41.0MMultichain Bridge Disappearance — July 2023
The cross-chain bridge stopped processing transactions and approximately $130M was drained from bridge contracts after its founder and CEO Zhaojun He was reportedly detained by Chinese authorities.
Funds affected$130.0MAtomic Wallet Hack — June 2023
Approximately 5,500 users of the Estonian non-custodial Atomic Wallet lost a combined ~$100M in June 2023, in an attack attributed by Elliptic and US law enforcement to North Korea's Lazarus Group.
Funds affected$100.0MEuler Finance Hack — March 2023
A flash-loan exploit of a missing solvency check drained $197M from the Ethereum money market — and was returned in full within three weeks after the protocol's public negotiations with the attacker.
Funds affected$197.0MUSDC Depeg — March 2023
When Silicon Valley Bank was seized by US regulators on 10 March, Circle disclosed $3.3 billion of USDC reserves were stuck at the bank — and USDC traded as low as $0.87 over the weekend before federal backstop assurances restored the peg.
Funds affected$3.30BBlockFi Collapse — November 2022
The New Jersey crypto lender filed Chapter 11 sixteen days after FTX, citing direct exposure to FTX and Alameda as the final blow on top of earlier losses to Three Arrows Capital.
Funds affected$1.30BFTX Collapse — November 2022
The world's second-largest crypto exchange filed for Chapter 11 bankruptcy within nine days of a leaked Alameda balance sheet that revealed commingled customer funds.
Funds affected$8.00BMango Markets Oracle Manipulation — October 2022
A trader pumped the MNGO oracle on a thin Solana spot market, used the inflated collateral to borrow $114M from the protocol, then later argued in court that the manoeuvre constituted legitimate trading.
Funds affected$114.0MOFAC Sanctions on Tornado Cash — August 2022
The US Treasury added Tornado Cash smart-contract addresses to the SDN list — the first time OFAC sanctioned autonomous code rather than persons or entities — and arrested co-founder Roman Storm a year later.
Celsius Network Collapse — July 2022
The largest centralised crypto lender suspended withdrawals on 12 June 2022 and filed for Chapter 11 a month later, owing approximately $4.7 billion to retail depositors.
Funds affected$4.70BVoyager Digital Collapse and Bankruptcy in 2022
After Three Arrows Capital defaulted on a roughly $670 million loan, Voyager froze customer activity, entered Chapter 11, and later liquidated, returning about 35.7% of customer claim value.
Funds affected$670.0MThree Arrows Capital Collapse — June 2022
The 10-billion-dollar crypto hedge fund failed margin calls on leveraged LUNA, GBTC and staked-ETH positions, triggering a cascade through Voyager, Celsius and BlockFi.
Funds affected$10.00BTerra / UST Depeg — May 2022
The third-largest stablecoin lost its dollar peg over four days, taking $40 billion in combined LUNA and UST market cap to zero.
Funds affected$40.00BRonin Bridge Hack — March 2022
A North Korean state actor compromised 5 of 9 validator nodes on the Ronin sidechain, draining $625 million in ETH and USDC.
Funds affected$625.0MWormhole Bridge Hack — February 2022
A signature-verification flaw in the Solana-Ethereum Wormhole bridge allowed an attacker to mint 120,000 wETH on Solana without depositing the matching ETH — a $325 million theft that Jump Trading replenished from its own balance sheet.
Funds affected$325.0M