After the amazing rise of the bitcoin price at the end of 2017, mining and trading cryptocurrencies rapidly became one of the most important technology trends of 2018. A lot of cash started moving around cryptos, and when there's money, there are thieves trying to steal it. Unsurprisingly enough, just in the first quarter of 2018, cryptomining malware for businesses increased by a whopping 27 percent. The increase was even more pronounced for mobile users, who saw detections rise by up to 40 percent!
Trading bitcoins and Ethereum may be profitable today, but beware. This sector has attracted a lot of unwanted attention from evildoers who found a goldmine in hacking transactions involving cryptocurrencies. (Learn more in Hacking Activities Increase Along with Cryptocurrency Pricing.)
Hacking Cryptos 101
From hacked apps, to malicious Chrome extensions and cloned websites, how do hackers hack cryptos? A terribly misleading tactic is to lure an unsuspecting victim to a cloned website which looks almost identical to the original one. They may use a Google or Facebook ad that ranks for the same name as the original service, or a slightly modified URL that points to a "trapped" version of the site. Once there, they may fool you into uploading your private info through a page which may look like one of the many perfectly legit payment gateways or an otherwise indistinguishable trading site.
Another frightening trick is to swap a legit URL you are copy-pasting to make a payment for a fake one, using malicious software such as Cryptoshuffler. A whole army of other tricks, including hacked Slack Bots and fake social media accounts, is also in place to lure you into uploading your private key to an ill-natured URL. Hackers have also devised some methods to steal additional money from people after the deed is done, such as demanding a ransom to delete traders' personal information. And if it's easier to fool less tech-savvy people by using old-school technologies such as phishing emails, even the most paranoid of us can be hacked when cybercriminals find a way to obtain our credentials through mobile SMS two-factor authentication (2FA) by duping mobile operators. Nobody is safe!
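The cloned-site lure described above relies on a hostname that is almost, but not quite, the real one. The following added example (not part of the original article) shows how a defender can flag such near-miss hostnames before a link is opened; the allowlist, the hostnames and the distance threshold are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allowlist of hostnames the user really means to visit (placeholders).
TRUSTED_HOSTS = ("exchange.example", "wallet.example")

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_url(url, trusted=TRUSTED_HOSTS, max_distance=2):
    """Return 'trusted', 'unknown', 'invalid' or a 'suspicious: ...' reason."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    if host in trusted:
        return "trusted"
    # Non-ASCII or punycode labels can render as look-alike characters.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "suspicious: internationalised hostname"
    for good in trusted:
        # Trusted name used as the left-hand part of someone else's domain.
        if host.startswith(good + "."):
            return "suspicious: " + good + " used as a subdomain prefix"
        # One or two typos away from a trusted name.
        if edit_distance(host, good) <= max_distance:
            return "suspicious: resembles " + good
    return "unknown"

if __name__ == "__main__":
    # Constructed sample URLs using reserved .example / .test names.
    for u in ("https://exchange.example/login",
              "https://exchnage.example/login",
              "https://exchange.example.login.test/",
              "https://xn--exchnge-abc.example/",
              "https://news.test/"):
        print(u, "->", classify_url(u))
```

An exact allowlist match is the only result treated as trusted; everything else is either flagged or left as unknown for the user to judge.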
The Worst Cyberattacks
The amount of money in cryptocurrencies stolen from exchanges is incredible, amounting to a grand total of $760 million just in the first half of 2018. The most recent cryptocurrency hack in 2018 was the attack on South Korea's Bithumb exchange, which allowed cybercriminals to loot $31.5 million worth of digital tokens in June. Hackers exploited the vulnerabilities of Bithumb's hot wallet, a much less secure storage system than a cold wallet. This attack was nothing compared to the ones performed in January against the Japanese exchange Coincheck, which cost them $534 million worth of NEM coins, or the hacking of the Italian exchange BitGrail, where $195 million in nano tokens were stolen.
Hacking cryptocurrencies even has some political implications. South Korea's spy agency, the National Intelligence Service, suspects that North Korean hackers may have been behind some of the attacks such as the one against the Coinis exchange in September 2017. They alleged that the attacks against the South Korean exchanges may have occurred to evade the financial sanctions imposed as punishment for the North's development of nuclear weapons.
Hacking Computers to Steal Mining Power
Mining cryptocurrencies requires vast amounts of computing capacity to verify the transaction record and decode the block hash to obtain coins. Malware hidden in Chrome extensions and hacked WordPress sites can be used by hackers to hijack other people's computers to "enslave" them (a trick called "cryptojacking"). Kaspersky Lab reported finding this type of malicious threat on 1.65 million computers scanned, and pointed to how hackers moved to mining different, more profitable cryptocoins such as Monero and zCash.
Illegal mining operations set up by insiders are also on the rise, as employees with high-level network privileges resort to stealing server power for mining purposes. Some attacks have been directed at stealing computing power even from public Wi-Fi such as that found in Starbucks.
Using Cryptocurrencies for Money Laundering
Cybercrime is a thriving industry, worth up to $1.5 trillion per year. Ransomware alone may be worth up to $1 billion. Just like any other criminal, cybercriminals can't deposit their ill-gotten gains into normal banks, let alone spend the huge amount of money they collect by breaking all kinds of international law. And just like every other criminal out there, they need to resort to money laundering, except this time they do it with the digital counterpart of physical money: cryptocurrencies. (For more on ransomware, see The Ability to Combat Ransomware Just Got a Lot Tougher.)
Crypto transactions are fully anonymous, and since they do not require any financial intermediaries such as PayPal or banks, it's easy to imagine how simple it is for this money to fall through the cracks. Although more complicated than with traditional methods, money laundering through cryptocoins is much more convenient and inexpensive since you don't need to pay the money required to establish a sham business. Laundering is done through "layering," i.e., moving money through the crypto system until the number of transactions makes it too complicated for an investigator to follow it anymore. The generalized lack of proper "know your customer" (KYC) regulations in cryptocurrency gambling sites also makes the whole process even more foggy and confused, allowing criminals to clean their dirty money with almost no risks.
Not-so-fun fact: Since even traditional criminals acknowledge the potential of cryptos to launder their good ol' dollars, some hackers are now advertising their services to wash illicitly acquired cryptocoins through Google AdWords. This speaks volumes of the feeling of impunity they are currently enjoying.
How to Protect Your Assets
There are a few ways to avoid having one’s digital wallet stolen, both in terms of simple tricks to reduce your chances of being scammed, and promising defense technologies to prevent cryptocurrency hacks from occurring in the first place. First things first – although we previously stated that 2FA is not 100 percent safe anymore, there's no reason not to employ it at all times. It's much better to avoid 2FA via SMS, though, since it's the less secure form. Second, do not trust Slack Bots, and report all those who look suspicious. A good antivirus may be used to protect the Slack channel as well. Third, do not download any crypto add-on – like, ever. They're like those pesky, malware-ridden search tool extensions in Chrome that clogged people's computers a few years ago – just avoid them. Do not perform any crypto transaction while on public Wi-Fi, and, if possible, use a different PC or smartphone for crypto trading. Last, but not least, use a cold wallet to protect your digital address. Cold storage is not connected to the internet, reducing the exposure of your holdings. Your digital finances can be safely kept in custody inside external hard drives or memory cards which can be accessed later with the help of SD card readers.
Obviously, keeping one's eyes peeled at all times can't be enough. Users need some form of automated threat intelligence that prevents the worst from occurring, rather than just relying on their own wits. The vulnerability of many apps to web-based attacks was solved with the introduction of web application firewalls (WAF) to limit unwanted traffic. This same concept has been applied to the blockchain world through the decentralized application firewall (DAF), a technology implemented by SafeBlocks Firewall to protect smart contracts from unauthorized transactions. Similarly to traditional firewalls, rules and limits can be set to allow or deny transactions based on certain attributes, such as the number of tokens per transaction or the time between each transaction. This new technology may represent an interesting step towards a more efficient, streamlined and automated form of protection against blockchain threats. It may help dispel at least a portion of the general sense of insecurity commonly associated with this new technology.
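The rule-based allow/deny idea described above can be modelled in a few lines. This is an added example, not SafeBlocks' code or API: the class names, the limits and the sample transfers are hypothetical, and it covers only the two attributes the text names (tokens per transaction and time between transactions).

```python
from dataclasses import dataclass, field

@dataclass
class Transfer:
    sender: str     # address asking the protected contract to move tokens
    tokens: int     # number of tokens in this transaction
    timestamp: int  # seconds, e.g. block time

@dataclass
class TransferPolicy:
    """Hypothetical rule set covering the two attributes named in the text."""
    max_tokens_per_tx: int
    min_seconds_between_tx: int
    last_allowed: dict = field(default_factory=dict, init=False)

    def check(self, tx):
        """Return 'allow' or 'deny: <reason>' and record allowed transfers."""
        if tx.tokens <= 0:
            return "deny: non-positive amount"
        if tx.tokens > self.max_tokens_per_tx:
            return "deny: over token cap"
        last = self.last_allowed.get(tx.sender)
        if last is not None and tx.timestamp - last < self.min_seconds_between_tx:
            return "deny: too soon after previous transfer"
        # Only allowed transfers update the timestamp, so denied attempts
        # do not extend the sender's waiting period.
        self.last_allowed[tx.sender] = tx.timestamp
        return "allow"

def evaluate(policy, transfers):
    """Run transfers through the policy in order and collect the verdicts."""
    return [policy.check(tx) for tx in transfers]

# Constructed sample traffic (addresses are placeholders, not real accounts).
SAMPLE = [
    Transfer("0xAAA", 50, 0),
    Transfer("0xAAA", 5000, 10),
    Transfer("0xAAA", 20, 30),
    Transfer("0xAAA", 20, 61),
    Transfer("0xBBB", 1000, 62),
]

if __name__ == "__main__":
    policy = TransferPolicy(max_tokens_per_tx=1000, min_seconds_between_tx=60)
    for tx, verdict in zip(SAMPLE, evaluate(policy, SAMPLE)):
        print(tx, "->", verdict)
```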
Hidden hackers that steal Wi-Fi bandwidth to fuel their mining networks. Invisible malware downloaded to conjure real money from thin air by sucking computer power or stealing virtual coins.
Hacking cryptocurrencies depicts a truly dystopian scenario that lets us perceive how another unseen and interconnected world exists around and inside ours. An impressive virtual world whose darkness and intangibility really make the cyberspace we used to imagine back in the '80s Cyberpunk pale in comparison.