Millions in
cryptocurrency stolen, exit scams, and countless arrests were made in
connection to crypto criminal schemes this year.
Play Sound
The cryptocurrency
market is booming, and with it, criminals are looking to cash in.
Bitcoin (BTC) may not
have sustained the $19,000+ price tag of previous years, now coming in at
roughly $7,200 at the time of writing, but there is also a variety of other
stable coins and altcoins, including Ethereum (ETH), Ripple (XRP), Monero
(XMR), Bitcoin Cash (BCH), and Litecoin (LTC), that maintain a loyal following
and constant trade.
EXECUTIVE
GUIDE
There’s promise and
peril in the still-evolving world of cryptocurrencies such as Bitcoin and
Ether.
The industry has
gained enough traction in recent years that regulators are beginning to shift
towards the viewpoint that virtual coins should be considered taxable assets,
with the IRS now hunting down
cryptocurrency traders that do not declare their investments. The UK's
Financial Conduct Authority (FCA) also clarified its stance (.PDF) this year on
what coins can be considered securities or e-money -- some of which now land
under the FCA's remit.
Russia, too, known for
its hostile approach to cryptocurrency, has begun to accept that
cryptocurrency may have a legal position in the economy.
With any form of asset
that has financial worth, criminals will look for ways to fraudulently profit
and cryptocurrency is no exception. The industry is rather unregulated, with
laws potentially applied locally, but with exchanges registered worldwide,
investment in cryptocurrency can be a risk.
Exchanges are a common
target. A weakness in a website, a vulnerability leading to exposure of a hot
wallet -- storage systems used to hold virtual coins that are
Internet-connected -- insider threats, and exit scams can all result in traders
losing their cryptocurrency. Wallets, too, can be ransacked when
vulnerabilities are found, and the blockchain itself, the backbone technology
of cryptocurrency exchanges, may be subject to attacks such as the 51% technique. Unless
cryptocurrency is stashed in a cold, hardware-based wallet that is not
connected to the web, there may be a risk of cyberattack.
Below, we take a look
at some of the most noteworthy cases of hacking, criminal investigations, exit
scams, and cryptocurrency-related breaches over 2019.
JANUARY:
·
Cryptopia: New Zealand's Cryptopia cryptocurrency exchange
was pulled offline due to some form of hack, but details are scant. Trading was
suspended and the firm went into liquidation. It has since emerged that
users did not hold individual
wallets. Estimates suggest that up to
$16 million may have been lost.
·
Proof of Stake: Security issues were found in 26 forms of
cryptocurrency opening up users to "Fake Stake" attacks, crashing
blockchains and giving attackers the opportunity to seize control of them.
·
LocalBitcoins: An attack taking place on the
peer-to-peer cryptocurrency market platform led to the theft of Bitcoin
belonging to customers.
·
Bitgrail sentence: The previous owner of
hacked exchange Bitgrail -- which lost $195 million in Nano coins -- was
commanded by an Italian court to return as much in customer funds as possible,
leading to the seizure of assets.
·
IOTA arrest: Europol arrested a man from the United
Kingdom on suspicion of stealing €10 million in IOTA cryptocurrency.
FEBRUARY:
·
Coinmama: Coinmama was made aware that 450,000 email
addresses and hashed passwords of users were up for sale on the Dark Web.
MARCH:
·
Bithumb: Bithumb reported another security incident, the
third in two years. It is believed that cyberattackers may have stolen up to
$20 million in EOS tokens and Ripple.
·
DragonEx, CoinBene: The cryptocurrency exchanges were
subject to cyberattacks, leading to an estimated loss of $1 million in
cryptocurrency by DragonEx, and $45 million by CoinBene.
·
Binance: Cyberattackers compromised the Binance
cryptocurrency exchange platform and made off with $41 million in Bitcoin.
Since May, Binance has faced rumors of raids in
China, which the company vehemently denies.
·
Bestmixer: Bestmixer.io was seized by European
police. The online service is thought to have laundered over $200 million in
cryptocurrency throughout the years, making it far harder for law enforcement
to track coins believed to be stolen or the result of criminal activities.
1 - 5 of 9
NEXT
JUNE:
·
GateHub: Ledger wallets belonging to 18,473 customers were
compromised. Suspicious API calls were detected and an investigation concluded
the attacker(s) managed to access a database containing valid access tokens. It
is still not known exactly just how many coins were stolen, but estimates
suggest that at least $10 million was taken.
·
Bitrue: Singaporean exchange Bitrue lost 9.3 million in
XRP and 2.5 million in Cardano (ADA) from its hot wallet, worth millions of
dollars. A hacker exploited a vulnerability in review process systems to steal
customer funds.
·
€24 million Bitcoin heist: Six arrests were made in the UK
and the Netherlands by Europol and Eurojust. The suspects are alleged to have
operated a scam that netted them €24 million in Bitcoin (BTC).
CNET:
JULY:
·
Bitpoint: Japan-based cryptocurrency exchange Bitpoint was
subject to $32 million in cryptocurrency theft, $23 million of which belonged
to the organization's customers.
SEPTEMBER:
·
Ethereum startup extortion: Two cryptocurrency consultants
were arrested and charged by the DoJ based on claims the pair attempted to
extort an Ethereum startup, threatening to destroy the business unless they
were paid what they wanted.
·
EtherDelta charge: A hacker best known for attacking
TalkTalk was also indicted for an attack in 2017 on cryptocurrency exchange
EtherDelta.
OCTOBER:
·
MapleChange: Canadian crypto trading post MapleChange said
that over 900 BTC had been stolen, but customers would not be refunded -- and
very quickly thereafter, the firm's website and social media presence vanished.
Foul play is suspected.
·
Satowallet: Satowallet blamed Telegram scammers for the
loss of $1 million, stolen from customer wallets. An exit scam is suspected.
TechRepublic:
NOVEMBER:
·
Upbit: South Korean cryptocurrency exchange Upbit said
that 342,000 in Ethereum (ETH) had been stolen from the firm's hot wallet,
worth roughly $48.5 million. The exchange has promised that customers will not
be impacted and the funds will be covered by Upbit assets.
·
Monero: The official Monero website was compromised to
deliver a malicious Official Linux CLI binary, tampered to steal funds from
unwitting users.
·
PureBit: Despite only being in operation a few
months, South Korean cryptocurrency exchange PureBit allegedly pulled an exit
scam, taking $3 million in Ethereum with it.
·
North Korea talks: Ethereum project member and
cryptocurrency expert Virgil Griffith was arrested after giving a talk at a
technology conference in North Korea about how the blockchain could be used to
circumvent sanctions. If found guilty of breaking US law, he may face up to 20
years behind bars.
·
Crypto theft, SIM-swapping: The DoJ charged two men for
allegedly conducting SIM-swapping attacks in order to steal cryptocurrency from
high-value targets. Over $550,000 in cryptocurrency from known victims was
allegedly stolen after phone numbers were hijacked to gain access to victim
wallets.
·
PlusToken: PlusToken allegedly performed an exit scam,
walking away with $2.9 billion in deposits. Some individuals suspected of being
involved have been arrested.
DECEMBER:
·
Vertcoin: Vertcoin suffered a 51% attack in December 2018,
and a year later, history repeated itself. This attack resulted in 603 blocks
being removed from the VTC chain and replaced by 553 attacker blocks in order
to perform double-spending.pending.
Comments
Post a Comment