According to a new report from Amsterdam-based blockchain analytics firm Crystal Blockchain, $ 7.6 billion worth of cryptocurrencies have been stolen since 2011. The total breaks down into two unfortunately predictable buckets – hacks and scams.
The report found that $ 2.8 billion was stolen through security breaches, with the most popular breach being through the security systems of a cryptocurrency exchange. In total, the company documented 113 security breaches; The largest of these was the Coincheck breach in 2018, in which hackers got away with NEM coins valued at more than $ 535 million.
The United States, Japan, the United Kingdom, China, and South Korea had the most security breaches in exchanges. US crypto services were targeted 13 times and topped the list.
Continue reading: Social Engineering: A Plague On Crypto And Twitter That Is Unlikely To End
Another $ 4.8 billion was stolen through fraud, with Crystal Blockchain identifying 23 known fraud programs.
“We have put together a total of $ 7.6 billion for all years. Basically a cumulative total for the past 10 years, ”said Kyrylo Chykhradze, Crystal Blockchain's product director.
In terms of stolen value, China led the pack by far. The report mainly attributed its ranking to the PlusToken Ponzi program 2019 ($ 2.9 billion) as well as the WoToken scam 2020 ($ 1 billion) associated with the PlusToken.
The majority of crypto exchanges hacked had inadequate security and a low level check for withdrawals such as B. just an email or a phone number.
In the case of Coincheck, for example, the company has kept most of its assets in a wallet that is connected to other external networks. It also completely lacked multi-signature security, which would have required multiple keyholders to log out before funds were moved.
Continue reading: Multi-signature wallets can make your coins more secure (if you use them correctly)
Chykhradze said the main reason for weaknesses in technology is that the industry continues to evolve very rapidly and more and more companies are entering the market with inadequate and "neglected" internal security policies.
"Your security policies are being neglected because these new services cannot (financially) afford to pay so much attention to such security issues, while incumbents are in a better position to ensure security and prioritize," he said in an email to CoinDesk. "As a result, newer services are becoming opportunities for bad actors to spot these vulnerabilities."
Hackers are getting more sophisticated
The report's conclusion doesn't offer much silver. It is found that the number of attacks has remained high in recent years. Violations have even occurred at large exchanges that supposedly had better security measures. The report also predicts that, given that the methods used by hackers have become more sophisticated, the number of attacks will continue to increase.
Chykhradze said they see SIM swapping on the rise; This scam is industry-independent and affects cryptocurrency players as well as those in other sectors.
“But what has really changed and evolved is the way these criminals launder stolen funds. These companies are reviewing the services to understand their anti-money laundering / knowledge of your client policies as well as the privacy token policy on the service offering, ”he said.
“Services with lower barriers to KYC or privacy coin entry are better ways to launder. This is another important point in the security of crypto services. How can we make stolen money laundering nearly impossible for bad actors? "
To solve this, some basic security measures have been recommended for all crypto exchanges, especially if exchanges use hot wallets. On the one hand, insurance is properly taken out for special cases, on the other hand, an internal security team is commissioned, on the other hand blockchain analysis software is used and, on the other hand, it is ensured that there are assets in reserves that correspond to the amount of cryptocurrencies in the online storage .
"We can assume that the number of attacks and schemes will continue to increase as the blockchain industry and crypto market grow," said Chykhradze, "especially with this recent bitcoin bull run we are currently witnessing and the influx of new business. "