Hackers, Scammers Have Stolen $7.6B in Crypto Since 2011

12 November 2020

Since 2011, $7.6 billion worth of cryptocurrencies have been stolen, according to a new report from Amsterdam-based blockchain analytics firm Crystal Blockchain. The total figure breaks down into two sadly predictable buckets – hacks and scams. 

The report found that $2.8 billion was stolen through security breaches, the most popular breach being via a cryptocurrency exchange’s security systems. In total, the firm documented 113 security breaches; the largest of these was the Coincheck breach in 2018, which saw hackers make off with more than $535 million worth of NEM coins. 

The United States, Japan, the United Kingdom, China and South Korea experienced the most exchange security breaches. U.S. crypto services were targeted 13 times, topping the list. 

Read more: Social Engineering: A Plague on Crypto and Twitter, Unlikely to Stop

Another $4.8 billion was stolen through scams, with Crystal Blockchain identifying 23 prominent fraud schemes. 

“We deemed $7.6 billion as the total amount for all the years combined in one sum. Basically a cumulative sum for the last 10 years,” said Kyrylo Chykhradze, a product director of Crystal Blockchain.

In terms of the value stolen, China led the pack by far. The report attributed its ranking mainly to the 2019 PlusToken Ponzi scheme ($2.9 billion) along with the 2020 WoToken scam ($1 billion) that  was connected to the PlusToken. 

The majority of crypto exchanges that were hacked had insufficient security and low-level verification for withdrawals, such as just an email or phone number. 

In the case of Coincheck, for example, the company kept most of its assets in a wallet connected to other external networks. It also lacked multisignature security entirely, which would have required multiple key holders to sign off before funds were moved. 

Read more: Multisignature Wallets Can Keep Your Coins Safer (If You Use Them Right)

Chykhradze said the main reason for vulnerabilities in the tech is the industry continues to evolve at a very fast pace, and more and more entities are appearing on the market with inadequate and “neglected” internal security policies. 

“Their security policies are neglected because these new services cannot (financially) afford to pay as much attention to such security issues, whereas well-established entities are in a better position to ensure and prioritize security,” he said in an email to CoinDesk. “This results in newer services becoming cherry-picking opportunities for bad actors who can spot those vulnerabilities.”

Hackers are becoming more sophisticated

The report’s conclusion doesn’t offer much of a silver lining. It observes that over the last few years the number of attacks have remained high. Even large-scale exchanges, which would ostensibly have better security measures, have experienced breaches. The report also predicts that, given that methods used by hackers have continued to become more sophisticated, attacks will only continue to grow in number. 

Chykhradze said they see SIM-swapping on the rise; this scam is industry-agnostic, afflicting cryptocurrency players as well as those in other sectors. 

“But what has really changed and developed is the way that these criminals are laundering stolen funds. These entities scrutinize services to understand their [anti-money laundering/know your customer] policies as well as policies related to privacy coins in the service’s offering,” he said. 

“Services with lower barriers for KYC or privacy coin entry are better opportunities for laundering. This is another critical point to consider in crypto service security, how do we make stolen fund laundering almost impossible for bad actors?”

By way of solution, a few basic security measures for all crypto exchanges were recommended, particularly when exchanges use hot wallets. One is having proper insurance for special cases, a second is retaining an in-house security team, the third is using blockchain analytics software and last is making sure to have assets in reserves equivalent to the amount of cryptocurrencies in online storage. 

“We can assume that the number of attacks and schemes will continue to grow as the blockchain industry and the crypto market grows,” said Chykhradze, “especially with this latest bitcoin bull run we are currently experiencing and the influx of new business.”

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.