M2 Exchange 16-Minute Response
$13.7M drained from UAE-based M2 Exchange hot wallets across BTC, ETH and Solana; the breach was identified and contained, and customer funds restored, in just 16 minutes.
An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.
DPRK-style multi-chain compromise swept $52M from BingX hot wallets across Ethereum, BNB Chain, Avalanche, Optimism and Polygon.
DeltaPrime lost $6M on Arbitrum after a single private key was extracted; the team ran multi-sig on Avalanche but not Arbitrum. ZachXBT linked it to Lazarus.
~$20M swept from Indonesia's largest crypto exchange across multiple chains in a coordinated hot-wallet compromise during 2024's run of exchange breaches.
~$55M drained from BtcTurk's hot wallets, with Binance freezing roughly $5.3M of the stolen funds mid-flight — Turkey's largest exchange compromise to date.
$22M (158 BTC, 2,161 ETH, plus LTC/BCH) drained from Lykke in a private-key compromise the UK exchange tried to keep quiet; later attributed to Lazarus.
Attacker took over a dormant MINTER role to mint 5B GALA ($216M), sold $21.8M before being blacklisted; the remaining 4.4B tokens are effectively burned.
Grand Base, an RWA project on Base, lost $2M after its deployer key was compromised or abused; the attacker minted unlimited GB and drained the liquidity pool.
A stolen admin key let the attacker add themselves as a minter and produce 1.79B PLA across two strikes — nominal $290M, only $32M successfully cashed out.
Orange Finance on Arbitrum lost ~$844K after its admin key was compromised, used to alter strategy contracts and withdraw managed Uniswap v3 positions.