10 Biggest Crypto Scams in History & Lessons for Investors

Have you ever dreamed of making money with cryptocurrency?

Many people have.

Crypto promises freedom and quick profits. But there is also a dark side. Scams, hacks, and frauds have stolen billions from many investors.

In 2025 alone, over $2.17 billion has been stolen from crypto services.

In this blog, we’ll share the top 10 biggest crypto scams in history and show you how to protect yourself in this risky world of digital money.

Cryptocurrency is a type of digital money that exists only online. It uses cryptography, a type of code, to keep transactions safe and secure. All transactions are recorded on a blockchain, which is like a public notebook that anyone can check, but no one can change.

Unlike normal money that governments control, cryptocurrency is decentralized, meaning no bank or authority is in charge. You can use it to send money directly to anyone, anywhere in the world, without middlemen.

Some popular cryptocurrencies are Bitcoin, Ethereum, and Ripple.

People buy crypto to invest, make online payments, or protect their money from unstable economies. But because it is less regulated, crypto also attracts scammers, which is why many of the biggest scams in history happened.

01 # OneCoin: $4.4B Stolen (2014)

In 2014, Bulgarian entrepreneur Ruja Ignatova launched OneCoin, claiming it was the next big cryptocurrency. She promised investors returns of up to 300% per year, which sounded like a dream to many.

OneCoin was sold through a multi-level marketing (MLM) system. People bought “educational packages” ranging from €100 to €118,000. These packages supposedly gave access to OneCoin tokens that could grow in value.

The truth was shocking. OneCoin had no blockchain, no mining, and no real way to verify its value. It was a fake cryptocurrency. Yet, it worked like a classic Ponzi scheme.

At its peak, it collected around $4.4 billion from 3.5 million investors in over 175 countries. The company had offices in more than 100,000 locations worldwide. It even hosted flashy conferences in cities like Dubai, Bangkok, and Lisbon to look legitimate.

Eventually, the U.S. Department of Justice stepped in. Some executives, like co-founder Sebastian Greenwood, were sentenced to 20 years in prison. But Ruja Ignatova, known as the “Cryptoqueen,” disappeared in 2017.

She is still on the FBI’s Ten Most Wanted list with a $5 million reward for information leading to her capture.

02 # BitConnect: $2.4B Lost (2017)

BitConnect started in 2016 as a platform where people could lend Bitcoin and earn huge profits. They promised investors up to 1% per day, which is over 3,600% a year.

The platform used its own coin, called BitConnect Coin (BCC). Investors were told a “trading bot” would generate these profits. But no one ever saw this bot or how it worked.

By December 2017, BitConnect had a market value of over $2.5 billion. Its growth was powered by aggressive marketing and referrals. Many promoters around the world, including John Bigatton from Australia, encouraged people to join. Bigatton was later charged with giving unlicensed financial advice.

The system was a classic Ponzi scheme. Money from new investors was used to pay earlier investors. In January 2018, regulators in Texas and North Carolina forced BitConnect to shut down its lending and exchange platform.

The price of BCC crashed from $463 to under $1, and investors lost billions. Experts estimate that around $2.4 billion was stolen worldwide.

Later, the U.S. SEC filed charges against BitConnect’s founder, Satish Kumbhani, and U.S. promoter Glenn Arcaro. They were accused of running a global Ponzi scheme.

03 # Mt. Gox: $473M Stolen (2014)

Before Binance or Coinbase existed, Mt. Gox was the biggest name in crypto. It started in 2010 in Japan, first by Jed McCaleb, and was then sold to Mark Karpelès in 2011. Back then, it was the only major place where people could buy and sell Bitcoin safely.

By 2013, Mt. Gox handled nearly 70% of all Bitcoin trades worldwide. It processed over $6 billion in transactions every year and had more than 1 million users.

But the success didn’t last long. The platform had poor security, no regular audits, and one man controlled everything. Hackers took advantage of that. Between 2011 and 2014, they slowly stole Bitcoin without being noticed.

By the time Mt. Gox realized what had happened in February 2014, around 850,000 Bitcoins were gone. Back then, that was worth about $473 million. Today, the same amount would be worth more than $57 billion.

After the theft, Mt. Gox froze all withdrawals and filed for bankruptcy. More than 24,000 people lost their savings. Investigations later showed that most of the Bitcoins were stolen years before, and Mt. Gox had been running at a loss for a long time.

Around 200,000 Bitcoins were later found in old wallets, but it wasn’t enough to cover what investors lost. In 2019, the CEO, Mark Karpelès, was charged with fraud and data tampering. He was found guilty of falsifying records and got a two-and-a-half-year suspended sentence.

04 # PlusToken: $3B Vanished (2019)

In May 2018, a crypto wallet called PlusToken appeared. It promised users huge returns up to 18% per month - only for storing their cryptocurrency. People were excited and joined quickly.

The platform used a multi-level referral system. That means you earned rewards by inviting friends. Most users were from China, South Korea, and Japan.

Investors were asked to deposit cryptocurrencies like Bitcoin (BTC), Ethereum (ETH), Litecoin (LTC), Ripple (XRP), Dogecoin (DOGE), and EOS.

PlusToken said it would use these coins to trade and earn profits. But it was a classic Ponzi scheme. They never invested the money anywhere real.

By June 2019, the scammers had collected around $2.9 billion in crypto. People soon realized they could not withdraw their funds. The scammers took over $3 billion and vanished.

Chinese authorities finally arrested six main suspects in Vanuatu in June 2019. Later, more arrests were made. By July 2020, 27 top suspects were in custody.

In December 2020, a court in Jiangsu sentenced the leaders to 2 to 11 years in prison, and they were fined $900,000.

The scam also affected the crypto market. Blockchain analytics firm Chainalysis found that the scammers laundered much of the stolen crypto through mixers and exchanges.

This caused temporary drops in Bitcoin’s price. For example, in September 2019, about $34 million in Bitcoin from PlusToken wallets were sold, which pushed prices down.

05 # QuadrigaCX: $137M Locked (2018)

In December 2018, the Canadian cryptocurrency exchange QuadrigaCX collapsed. Its CEO, Gerald Cotten, died suddenly in India. Cotten was the only person with access to the exchange’s cold wallets.

These wallets held about C$190 million (US$137 million) in cryptocurrency from around 115,000 customers. When he died, the funds became unreachable.

The Ontario Securities Commission (OSC) investigated QuadrigaCX. They found Cotten ran the exchange like a Ponzi scheme. He used new deposits to pay old withdrawals.

He also spent money on personal things. Cotten even opened accounts with fake names and gave himself fake balances.

Auditors found the cold wallets were empty months before Cotten died. QuadrigaCX had about C$28.6 million in real assets. But it owed around C$216 million to creditors, including C$214.6 million to 76,319 unsecured creditors.

06 # Thodex: $2B Disappeared (2021)

In April 2021, Turkey’s crypto world was shocked by the sudden collapse of Thodex, one of the biggest crypto exchanges in the country. The exchange was started in 2017 by Faruk Fatih Özer.

In just a few years, it grew very quickly. Thodex had around 391,000 users and handled daily trades of more than $500 million.

On April 20, 2021, Thodex suddenly stopped letting users trade or withdraw money. Özer said the exchange faced a cyberattack and promised users their money was safe.

But the next day, he disappeared. Reports say he ran away to Albania with about $2 billion from investors.

In August 2022, Özer was arrested in Albania. He was sent back to Turkey.

In September 2023, he was sentenced to 11196 years in prison for money laundering and running a criminal organization. His brother and sister, who helped run the exchange, also received the same sentence.

07 # Pincoin & iFan: $660M Scam (2018)

In 2018, two cryptocurrency projects, Pincoin and iFan, run by the Vietnamese company Modern Tech, became one of the biggest crypto scams in history.

They promised investors huge profits and new blockchain technology. Together, these projects raised around $660 million from 32,000 investors.

Pincoin offered monthly returns of up to 48% and iFan claimed it would change how fans interact with social media influencers.

Modern Tech used flashy events and seminars in Ho Chi Minh City and Hanoi to make their projects look real. They even presented themselves as the official representative of both ICOs in Vietnam.

In reality, both Pincoin and iFan projects were Ponzi schemes. Early investors were paid with money from newer investors. Eventually, Modern Tech disappeared with all the funds. Offices were left empty, and investors had no way to get their money back.

The Vietnamese government investigated the case, but the team behind the scam has not been caught, and the money is still missing.

08 # WoToken: $1.1B Lost (2018)

WoToken started in 2018 in China and promised investors big profits using a crypto trading app. The company claimed they could give up to 10% monthly returns through automatic trading.

Thousands of people invested, mostly from China, but also from other countries. The scheme used a multi-level marketing structure, which paid users for bringing in new members.

In reality, WoToken had no real trading. Early investors were paid with money from new investors, which is how Ponzi schemes work.

Experts estimate that WoToken stole around $1.1 billion. The scam had over 715,000 victims. Its marketing system had 501 levels, showing how large and complex it was.

Chinese authorities acted in 2020. Four key suspects were sentenced to prison from 2.5 to 8.8 years. About $63 million of the stolen money was recovered. Investigations showed the scammers used fake trading data and clever tricks to hide the fraud.

09 # Centra Tech ICO $25M Scam (2017)

In 2017, Centra Tech shocked the crypto world. Its Initial Coin Offering (ICO) raised over $25 million from investors. The company promised new financial products, like a debit card backed by Visa and MasterCard.

They claimed these products would make crypto spending easy. But none of this was true. Centra Tech had no deals with Visa or MasterCard. The cards did not exist.

The founders, Sohrab "Sam" Sharma and Robert Farkas, created fake executive profiles. They used misleading marketing materials to look trustworthy. They also paid celebrities to promote the ICO.

Floyd Mayweather Jr. received $100,000, and DJ Khaled got $50,000. Neither of them told the public they were paid, breaking U.S. securities rules.

In 2021, Sharma went to prison for eight years. Farkas served one year and had to give back over $347,000. The SEC fined Mayweather and Khaled a total of $614,775, which included penalties and interest.

10. Mirror Trading International: $1.7B Stolen (2020)

Mirror Trading International, or MTI, started in 2019 in South Africa. Its founder, Johann Steynberg, promised investors easy profits through automated Bitcoin trading.

MTI claimed to use a special AI trading bot to earn money for users. It offered monthly returns up to 10%, which sounded very attractive.

But MTI did not actually trade Bitcoin. Instead, it used money from new investors to pay earlier investors. This made it a classic Ponzi scheme.

At its peak, MTI had about 100,000 members in over 140 countries. The platform collected around $1.7 billion (R32 billion) in Bitcoin. Investors believed their money was growing, but the profits came from other investors’ funds.

MTI went offline in December 2020, and the Western Cape High Court put it into final liquidation in June 2021. Liquidators recovered 1,281 BTC, worth about R1.05 billion, from a Belize-based broker called FXChoice.

Johann Steynberg fled South Africa and was arrested in Brazil in December 2021. He faced charges for using fake documents. In 2023, a U.S. court ordered him to pay over $1.7 billion in restitution to victims.

Read Blog -  How To Recover Stolen Cryptocurrency

The history of the biggest crypto scams also teaches us important lessons. If you know these lessons, you can protect your money and avoid mistakes that cost millions.

01 # Unrealistic Promises Are a Red Flag

Many scams attract people by promising huge profits. BitConnect promised up to 1% per day. That adds up to more than 3,600% a year. PlusToken promised 18% per month.

Real crypto investments do not give fixed profits. If a project promises massive returns with no risk, it is almost always a scam.

02 # Centralized Control Equals Big Risk

Scams often happen when one person controls all the money. QuadrigaCX lost C$190 million because only the CEO could access the wallets. Mt. Gox lost $473 million in 2014 because hackers stole Bitcoin over the years.

Always use wallets where you control the private keys. Multi-signature wallets are safer than trusting one person or company.

03 # Marketing Hype Can Be Dangerous

Many scams use famous people or big events to look real. Centra Tech paid Floyd Mayweather Jr. $100,000 and DJ Khaled $50,000 to promote its ICO. Pincoin and iFan ran big seminars in Vietnam with thousands of people.

Do not trust celebrity endorsements. Always check the project’s team, whitepaper, and history before investing.

04 # Lack of Transparency Shows Risk

Scammers hide the truth about money and operations. OneCoin had no blockchain. MTI used fake trading bots. A real project will share clear reports and show how your money is used. If you cannot check how a project works, do not invest.

05 # Regulation Protects Investors

Many scams grow in places with few rules. BitConnect shut down only after Texas and North Carolina regulators acted. MTI disappeared before the courts could act. Investing in projects that follow rules and are registered with authorities is safer.

06 # Research Before You Invest

You must check a project carefully. Look for reviews, official documents, team info, and past projects. PlusToken stole $3 billion and caused Bitcoin prices to drop temporarily.

Scams can harm the whole market, not just individuals. Being informed is your best protection.

07 # Never Invest More Than You Can Afford to Lose

Even if a project seems safe, crypto is risky. OneCoin took $4.4 billion from 3.5 million people. Only invest funds you can affor

Cryptocurrency hacks come in many forms. Here are the 15 common types of crypto hacks:

1. DNS Hijacking
2. Cross‑Chain Bridge Exploits
3. Dusting Attacks
4. Cold‑Wallet Compromise
5. Brute‑Force / Password Cracking
6. Man‑in‑the‑Middle (MITM) Attacks
7. Front‑Running / MEV Exploits
8. Transaction Malleability Attacks
9. Compiler or Tooling Backdoors
10. Phony or Cloned dApps (Fake Interfaces)
11. Governance Token Manipulation
12. Key‑Escrow / Custody Breaches
13. Faucet Abuse / Testnet Token Laundering
14. Time‑Delay / Multisig Exploits
15. Side‑Channel Attacks

Following these simple steps with basic tech awareness can help you avoid losing your money in crypto exchange hacks.

• Choose Trusted Exchanges - Pick platforms that use cold storage, multi-signature wallets, Hardware Security Modules (HSMs), and Distributed Key Management (DKM) to protect private keys. Make sure they’ve had third-party security checks and penetration testing. Also, check if they support Proof-of-Reserves (PoR) to show all user funds are backed properly.
• Use Strong Authentication - Always turn on Two-Factor Authentication (2FA) using apps like Google Authenticator or Authy. Avoid using SMS 2FA because it’s weak against SIM-swap attacks. Some exchanges support hardware security keys like YubiKey, which add extra protection.
• Don’t Keep All Crypto On Exchanges - Store most of your crypto in non-custodial wallets or hardware wallets where only you hold the private keys. If the exchange is hacked, your funds will stay secure.
• Watch Out for Phishing Sites - Hackers make fake websites or apps that look real. Always check the website link before logging in and use only official links. Avoid clicking links from emails or ads.
• Keep Your Devices Secure - Use strong, unique passwords and store them in a password manager. Keep your computer, browser, and antivirus updated. Avoid using public Wi-Fi and, if possible, use a separate device for crypto work.
• Check Your API and App Permissions - If you use trading bots or portfolio tools, set their API access to read-only. Turn off withdrawal access to stop hackers from moving your funds.
• Use Exchanges With Good Security Systems - Top exchanges use intrusion detection systems (IDS), real-time monitoring, DDoS protection, and cyber threat intelligence tools to stop attacks quickly.

Read more: How to Stay Safe from Scams

What is the biggest crypto hack in history?

The biggest crypto hack is OneCoin (2014), where scammers stole $4.4 billion from 3.5 million investors worldwide.

How much money have people lost to crypto scams in 2025?

In 2025, people lost over $2.17 billion to crypto scams. Most of this comes from Ponzi schemes, fake exchanges, and fraudulent tokens.

Can crypto scams affect the overall cryptocurrency market?

Yes. Big scams can shake confidence in the crypto market. For example, the PlusToken scam caused temporary drops in Bitcoin prices when stolen funds were sold.

Which countries were most affected by crypto frauds?

The USA, China, South Korea, India, Turkey, and Vietnam have seen the largest number of fraud cases. Scammers target both beginners and experienced investors in these places.

Are there countries where crypto investments are safer from scams?

No country is completely safe. But countries such as Singapore, Switzerland, and Germany protect investors with strong crypto rules and regulations.

How can I verify if a crypto project actually has a blockchain?

To check a crypto project:

• Look for public blockchain explorers to see transactions.
• Review the smart contracts on the main network.
• Make sure transactions are visible and verifiable.

A real project usually has open-source code, clear reports, and transparent operations. If you cannot verify how it works, it might be a scam.

The biggest crypto scams in history show that anyone can lose money if they are not careful. It is very important to know the risks, do research, and stay alert before investing.

If you ever lose crypto in a hack or scam, contact TechForing. We can help you recover your lost funds.

Talk To a Recovery Specialist