This month, the crypto trading platform Bitmart announced that hackers had stolen nearly $200 million after breaking into a company account.
It’s not just about investors getting rich from cryptocurrencies.
Hackers have stolen billions of dollars in virtual assets from cryptocurrency exchanges during the last year by attacking some of the marketplaces that have developed throughout the bitcoin boom.
There have been at least 20 successful robberies of crypto exchanges or projects this year, totaling more than $10 million in digital currencies. In at least six cases, hackers stole more than $100 million, according to data compiled by NBC News. Bank robberies last year resulted in offenders pulling off an average of less than $5,000 per job, according to FBI statistics.
Despite the fact that these robberies have a large price tag, they do not usually have the same degree of drama or attention as traditional bank robberies. But cryptocurrency experts believe they provide a cautionary tale for would-be cryptocurrency investors: exchanges are now attractive targets for hackers.
“If you hack a Fortune 500 company today, you might steal some usernames and passwords,” said Esteban Castaño, the CEO and co-founder of TRM Labs, a company that builds tools for companies to track digital assets. “If you hack a cryptocurrency exchange, you may have millions of dollars in cryptocurrency.”
Modern-Day bank robbers
Cryptocurrencies, which were once an obscure technology requiring a high degree of technical knowledge to purchase, have evolved into a more accessible investment and speculation tool, prompting over 300 businesses to start up in recent years to provide individuals with an easy method to invest in and trade everything from bitcoin to less prominent “altcoins” like dogecoin and shibu.
Exchanges that trade cryptocurrencies work similarly to traditional money exchanges, establishing rates for various currencies and collecting a fee to enable trades. However, while several countries have tough rules in place, it is rather simple for technology entrepreneurs to establish an exchange almost anywhere throughout the globe and run it as they choose.
Cryptocurrencies, as the name implies, are decentralized, secure currencies. However, because cryptocurrency exchanges generally start with a small staff and few if any full-time cybersecurity specialists, they are especially vulnerable to cybercriminals. Their developers may work at breakneck speeds to get the code to run correctly, inadvertently creating vulnerabilities that allow hackers access.
Cryptocurrency exchanges keep many of their cryptocurrencies in so-called cold wallets, which are stored securely offline. Everything else is kept in “hot wallets,” which are liquid and can be sent to clients. That means if a hacker compromises a staff member’s account — a frequent internet security breach – they may pull off a large theft, according to Dave Jevans, the founder of CipherTrace, a company that tracks theft and fraud in cryptocurrencies.
“If you steal the private keys to a hot wallet, it’s not like stealing a database of people’s names and Social Security Numbers,” Jevans said. “You’ve just basically stolen all their money.”
If an exchange has adequate funds and plans ahead to create an emergency fund, it can reimburse customers if its system is assaulted, according to Jevans. If not, they are generally forced out of business.
“Not every exchange is so wealthy or has so much foresight. It just goes, pop, ‘We’re out of business. Sorry, you’re all screwed,’” he said.
Recent Cryptocurrency Exchange Hacks
In early December, when the cryptocurrency trading platform Bitmart announced that hackers had stolen almost $200 million from a firm account, one of the most significant robberies that has occurred. The firm shut down client transactions for three days before allowing them to resume trading their money.
The problem is made worse by the fact that many cryptocurrency projects, in order to avoid government controls, operate from nations where law enforcement agencies have little power to go after transnational hackers. Or if they are hacked, they are less likely to ask for government assistance on principle because of their beliefs, according to Beth Bisbee, CEO of Chainalysis a company that tracks cryptocurrency transactions for both private companies and government agencies.
“Some people want to be anti-bank and anti-oversight,” Bisbee said. “They’re not necessarily wanting to work with law enforcement, even though they’d be considered a victim and it’d be beneficial for them to do so.”
Keeping A Low Profile
Exchange hacks, unlike bank robberies of old, don’t have the same characteristics that made them front-page news in the past. Despite their significant dollar amounts, public attention to these breaches may be limited. The majority of exchange hackers are not caught, leaving customers with little closure. There is rarely any physical evidence or real-world aftermath like traumatized bank tellers or perp walks.
Some hacks, however, have pleasant endings. A hacker stole $600 million from the cryptocurrency platform Poly Network in a strange, public occurrence. Instead of blaming the thief, Poly Network instead appealed to his better nature by calling him “Mr. White Hat,” which is a cybersecurity term for a researcher working to make things more secure. Poly Network thanked him for exposing a flaw in its code and asked for the money back. The hacker eventually relented and returned it all.
When big law enforcement organizations tackle a major cryptocurrency breach, they typically attempt to track down every lead, which is a time-consuming procedure that moves much slower than the offenders they’re pursuing.
Europol has been of an increase in data breaches, including those that involve hackers stealing digital assets. However, forming a strong case is a time-consuming and laborious process that doesn’t keep up with the rate of attacks.
“We have a slew of investigations in progress right now,” Georges added. “They take a long time to complete because we also want to dismantle the entire criminal network,” she continued. “These instances frequently crossover with one another.
“They might go on indefinitely,” she added. “These inquiries generally take a long time.”
