Historical Hacks: The Ethereum DAO Hack
If you’ve been following for any length of time, you probably realise that a lot of topics get written about here. Following cyber / infosec topics and movements in the crypto space is something that is usually pretty enjoyable for the average data nerd.
In today's historical hack, we’ll be looking at a fusion of two of these interesting topics: cybersecurity and cryptocurrency. It’s a real-life hack that turned the crypto world upside down, resulted in a hard fork to recover the funds and is still relevant in today's world of smart contracts and decentralised autonomous organisations (DAOs). If you’re a crypto veteran, you probably know where we’re heading with this. It is, of course, the 2016 Ethereum hack. Let’s check it out!
The Background
While in 2024 some aspects of the crypto space are new and face continuing development, it’s fair to say that in 2016 things were even more so. With the concept of crypto still fairly new, there was plenty of movement in the space, with decentralised finance, smart contracts and decentralised autonomous organisations all becoming new terms to the average enthusiast. These promised to return power to the people by streamlining the ability to provide financial services to people the world over, with no need for a bank or central authority.
It’s worth mentioning here that the Silk Road had been shut down a few years earlier. Despite this, the concept of using crypto for trading was well and truly alive, and Bitcoin had been through several speculative periods during this time. This included some significant price movements in both directions and surviving the fallout of Mt. Gox as well. The price at the time of the hack was around $600, a far cry from today's bull run prices.
Ethereum, however, was a relative newcomer by comparison. Despite many showing interest at launch, it had been in the space barely twelve months at the time of the hack and many weren’t convinced of its longevity yet. Its price reflected this, staying consistent at around $15 prior to the event occurring.
Despite this relative youth though, many developers saw great long-term potential in the Ethereum network. While Bitcoin ruled the space in the early days, ETH was a vision of what many believed the space should look like, promising a greater transaction rate, more decentralisation, smart contract execution and a long-term vision for its network.
One of the biggest advantages of these features was the option of engaging with decentralised apps (dApps), or more specifically those providing decentralised finance services. Promising the ability to use your crypto with collateral, these systems were powered by smart contracts, one of the new pieces of technology. It was one of those smart contracts that would end up being exploited to perpetrate the hack.
The Hack
The DAO was launched with quite a bit of fanfare for the time. With a large backing and a funding war chest of over $150 million, DAO provided many benefits to ETH, including the option of community voting, giving legitimate small-scale stakeholders a voice in the ongoing operations and funding allocations of the DAO. This governance token had the ticker of DAO and was designed to lock liquidity in exchange for voting power, with peace of mind provided by a smart contract. With the sale period just 28 days, it was expected that many currently in the crypto space would want to get involved.
When you’re looking at open-source code, one of its biggest strengths is also its biggest weakness. While the code is open source and able to be peer-reviewed, should there be exploits in that code then they become public too. It also means that someone, somewhere is probably going to read that code and may decide to exploit it for their own purposes, something that's become much more common in recent years.
While cyber researchers raised concerns about the code shortly after its release, unfortunately, it was too late to prevent the hack from occurring. Using an exploit in the contract's call function, the hackers were able to drain millions of dollars' worth of ETH from the DAO.
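The flaw in the call function is generally described as a re-entrancy (recursive call) bug: ether was sent out before the caller's balance was updated. The Python model below is an added example, not The DAO's code or anything from the original article; the class names, method names and balances are constructed, and it places the vulnerable ordering beside the corrected one.

```python
# Toy ledger model, constructed for illustration (not The DAO's Solidity code).

class Vault:
    def __init__(self, deposits):
        self.balances = dict(deposits)        # per-account credit
        self.pool = sum(deposits.values())    # ether actually held

    def _send(self, recipient, amount):
        # Models an external call: the recipient's code runs before the
        # calling function has finished.
        if amount > self.pool:
            raise RuntimeError("insufficient pool")
        self.pool -= amount
        recipient.receive(self, amount)

    def withdraw_vulnerable(self, recipient):
        amount = self.balances[recipient.name]
        if amount > 0:
            self._send(recipient, amount)       # interaction first
            self.balances[recipient.name] = 0   # effect last: too late

    def withdraw_hardened(self, recipient):
        amount = self.balances[recipient.name]
        if amount > 0:
            self.balances[recipient.name] = 0   # effect first
            self._send(recipient, amount)       # interaction last


class ReentrantRecipient:
    """Test double whose receive hook calls back into the vault."""
    def __init__(self, name, entry, max_depth=10):
        self.name, self.entry, self.max_depth = name, entry, max_depth
        self.received = 0
        self.depth = 0

    def receive(self, vault, amount):
        self.received += amount
        self.depth += 1
        if self.depth < self.max_depth and vault.pool >= amount:
            getattr(vault, self.entry)(self)


def run(entry):
    # One account is credited 10 of the 100 units the vault holds.
    vault = Vault({"alice": 90, "mallory": 10})
    recipient = ReentrantRecipient("mallory", entry)
    getattr(vault, entry)(recipient)
    return recipient.received, vault.pool
```

With the balance zeroed before the external call, the nested call finds nothing to withdraw, which is the ordering auditors check for in any function that sends funds.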
The Fallout
Considering we hear much in the crypto scene about immutability and an inability to reverse transactions, it might surprise you to learn that one of the first solutions to reverse the hack revolved around exactly that. One of the first steps to be considered was a “soft fork” which was basically a reversal of the blockchain to the point prior to the hack.
This step proved extremely controversial, so much so that the hackers themselves spoke up and said that they intended to offset any fork using bribery, and threw in the offer of 1 million ETH and 100 BTC as an incentive. Eventually, it was revealed that due to intricacies in the original code, a soft fork wasn't possible. This eventually led to a hard fork being implemented, with the hack reversed and the DAO funds assigned to a new, more secure smart contract.
While the hack was able to be reversed, the loss of trust in ETH and the controversy caused by the hard fork reversal remained, splitting the crypto community in two: those who agreed with the fork, and those who argued that decentralisation was king and that any reversal broke trust in the system as a whole. The outcome of this conflict was the creation of Ethereum Classic, a cryptocurrency that remains in play to this day.
Lasting Effects
It’s fair to say that the DAO raised the first of many issues that some might say have yet to be fixed today. This included issues around excessive centralisation, security issues with smart contracts, and what to do when a large hack occurred.
For some, the hack was a large breach of trust that would end up being nearly impossible to repair while for others it was simply a consequence that came with a lack of regulation within the space. While the exact solution was yet to be identified, some of the things that were agreed on were an increase in smart contract auditing and new security measures around dApps that would help users keep their funds in their wallets.
However, with another minor DAO attack occurring in 2024 on the Solana blockchain, it’s clear that more discussions around securing smart contracts and mitigating their exploitation will be needed in the future. Like anything new, the crypto space certainly isn’t without its problems. However, it also has a lot to offer for those who are currently active on-chain.