Various studies have revealed that the number of cryptocurrency crimes on the market is on the rise. Estimates show that the increase in hacking coincides with the crypto-market’s rapid growth along with increased use of cryptocurrencies. According to a document released by blockchain security firm CipherTrade, cryptocurrency hackers had stolen about $927 million from crypto-exchanges and related platforms as of Q3 of 2018. The report titled “Cryptocurrency Anti-Money Laundering 2018 Q3” reveals that cryptocurrency losses are 3.5 times higher than those of $266 million in 2017. The most popular large-scale attacks that dominated headlines in 2018 include the Japanese Coincheck hack, where $530 million worth of cryptos were stolen; Italy’s BitGrail hack of $195 million; Japan’s Zaif hack of $60 million; South Korea’s Coinrail hack of $40 million; and Bithumb’s hack of over $30 million.

The report also went ahead and indicated that even though larger hacks dominated headlines, smaller thefts were also increasing in number and occurring on a regular basis. For instance, a German-based couple, Marco and Peggy Lachmann-Anke realized that hackers had cracked their 40 character password and cleaned $14,000 worth of crypto-assets out of their digital wallet. Armin Fischer, a Vienna-based IT specialist, and crypto-enthusiast, also fell into the hands of cybercriminals where he lost a cumulative sum of $5,300 in Ether. Dave Appleton, a HelloGold blockchain developer, revealed that he lost about $3,000 in Ether tokens after falling for a fake token pre-sale. Michael Terpin, a long-time crypto-investor, said that he got robbed of $60,000 when hackers accessed his cellphone with stolen SIM card credentials and cleaned out his wallet.

Different Strategies Hackers use to Conduct Cryptocurrency Hacks

1.Crypto-Jacking

Crypto-jacking has become one of the most popular tools used by hackers to steal cryptocurrencies. Hackers use this strategy to hijack an individual’s or a business’ computing power without consent to mine cryptocurrency. They do this by introducing crypto-jacking malware into the user’s computer where mining takes place in the background and funds are sent to the hacker in control of the software. Computers infected with such malware tend to run much slower and often, victims are unaware of their existence as they are difficult to detect. As mining continues to increase, so does the power consumption which leaves the owner of the computer with a hefty and unwelcome power bill.

While crypto-jacking is relatively new, a recent CTA (Cyber Threat Alliance) report reveals a massive 459% increase in crypto-jacking rates this year. Furthermore, McAfee Labs released a September 2018 report stating that the number of crypto-jacking malware has grown from 400,000 in 2017 to about 2.9 million in Q1 of 2018. The trend has continued into Q2 as total samples in circulation rose by 86% with more than 2.5 million new samples discovered. According to the McAfee report, the increase in the value of cryptocurrencies is directly tied to the rise of crypto-jacking efforts.

Crypto-jacking malware targets specific groups rather than a broad spectrum of victims. For instance, a particular malware was purely designed to target gamers on a Russian forum where it was posted as a ‘mod’ to enhance gameplay. While PCs were the primary targets for hackers, other devices such as Android phones in China and South Korea were exploited by the ADB.Miner malware into mining Monero cryptocurrency for the hackers.

2. Ransomware

While this strategy is on the decline, steadily being replaced by crypto-jacking, there are still several instances where hackers have utilized this strategy to acquire crypto-assets. Ransomware is specifically designed to infiltrate a computer(s) and deny its owner(s) access to data contained within. The malware makes it difficult to regain entry to all files within the computer by encrypting them. The hackers then demand money or anything valuable (like Bitcoin) in return for them to free the data locked within the encrypted files. A 2017 IOCTA (Internet Organized Crime Threat Assessment) report revealed that ransomware attacks were prevalent in the first half of 2017 reaching levels previously unseen.

The most notable 2017 ransomware attack related to Bitcoin was the WannaCry attack. The malware was first reported in May 2017 and quickly spread worldwide in a matter of weeks. The hackers demanded to be paid between $300-$600 in Bitcoin per computer to get rid of the malware. It’s estimated that they collected BTC ransoms amounting to $214,000.

Other Popular Ways Hackers used to Steal Cryptocurrencies

Other than the above two popular ways of stealing cryptocurrencies, hackers have access to a plethora of other tools that they can leverage. These include:

  • Site Clones and Phishing Techniques
  • Phone Porting/SIM Swap
  • Copy-Paste Exploits
  • Identity Theft – compromising a user’s credentials

Cryptocurrency Hacker Groups

About five major hacker attacks that took place in 2017 and 2018 were linked to North Korea’s Lazarus hacker group. They stole $534 million in cryptocurrency from Coincheck. Other cryptocurrency exchanges that suffered from their attacks include Bithumb, Yapizon, and Coinis. Group IB CTO, Dmitry Volkov, predicted that several infamous hacker groups such as Silence, MoneyTaker, and Cobalt were the most likely hacker groups to attack crypto-exchanges in the future.

Tips on Protecting Your Crypto-Assets

Cryptocurrencies are unique assets that once lost or stolen, are challenging (if not impossible) to recover. Therefore, it’s essential that you implement these practices below to ensure that you don’t get hacked and that your assets remain protected at all times. They include:

  • Storing cryptocurrencies offline in cold wallets – hardware and paper wallets.
  • Locking hardware or paper wallets in a safe place away from prying eyes when not in use.
  • Storing private keys offline in safe places such as a bank safe-deposit box or a secure offsite location away from your crypto-wallet.
  • Limiting crypto-funds held in crypto-exchanges to only amounts needed for trading and exchanging only.
  • Mitigating losses by implementing multiple passphrases on hardware wallets to hide primary wallet balances.
  • Implementing a multi-factor authentication and multi-signature approach for funds held in wallets.
  • Double-checking the wallet address before pasting it.

Conclusion

While cryptocurrency theft activities are on the rise, the tools and knowledge needed to track thieves and discourage theft are also on the rise. Until robust approaches are developed, it’s important to implement proper safe-guarding techniques which can significantly reduce the chances of loss. One such technique is investing in a secure multi-asset blockchain wallet. Feel free to check out our advanced and secure blockchains.my (BCMY.io) digital wallet app for more information.