After the amazing rise of the bitcoin price at the end of 2017, mining and trading cryptocurrencies rapidly became one of the most important technology trends of the subsequent years.
Today, in the wake of the global coronavirus pandemic, Bitcoin has quadrupled its value. All cryptocurrencies seem to hold much value as a hedge against the inherent weaknesses of traditional currencies and inflation risk, even more so in the general atmosphere of instability that follows the shadow cast by the virus.
Trading Bitcoins and Ethereum may be profitable today but beware. A lot of cash started moving around cryptos, and when there's money, there are thieves trying to steal it.
Unsurprisingly enough, just in the first quarter of 2018, crypto-mining malware for businesses increased by a whopping 27 percent. The increase was even more pronounced for mobile users, who saw detections rise by up to 40 percent!
More recent numbers indicate that most instances of cryptocrime are falling (from 2% of all cryptocurrencies being considered "illicit" in 2019 to 0.34% in 2020, according to Chainalysis). The exception is ransomware, which saw a surge, aided, it seems, by lapses in security as decentralized workers were forced to work from home due to the pandemic.
This sector has attracted a lot of unwanted attention by evildoers who found a goldmine in hacking transactions involving cryptocurrencies. (Read also: Debunking the Top 5 Blockchain Myths.)
Hacking Cryptos 101
From hacked apps to malicious Chrome extensions and cloned websites, how do hackers hack cryptos?
A popular tactic is to lure an unsuspecting victim to a cloned website that looks almost identical to the original one. They may use a Google or Facebook ad that ranks for the same name as the original service, or a slightly modified URL that points to a "trapped" version of the site. Once there, they may fool you into uploading your private info through a page that may look like one of the many perfectly legit payment gateways or an otherwise indistinguishable trading site.
Another frightening trick is to switch a legit URL you are copy-pasting to make a payment with a fake one through malicious software such as Cryptoshuffler. A whole army of other tricks including hacked Slack Bots and fake social media accounts are also in place to lure you into uploading your private key to a malicious URL.
Hackers have also devised some methods to steal additional money from people after the deed is done, such as demanding a ransom to delete traders' personal information. (Read also: How Cryptomining Malware is Dominating Cybersecurity.)
And if it's easier to fool less tech-savvy people by using old-school technologies such as phishing emails, even the most paranoid of us can be hacked when cybercriminals find a way to obtain our credentials through mobile SMS two-factor authentication (2FA) by duping mobile operators. Nobody is safe!
The Worst Cyberattacks
The amount of money in cryptocurrencies stolen from exchanges is incredible, amounting to a grand total of $760 million just in the first half of 2018. In 2020, the largest decentralized finance hack cost KuCoin $280 million; in September, CEO Johnny Lyu confirmed a leak of several private keys. (Read also: The Top 5 Cyber Threats from 2020.)
Although hackers broke into the firm’s Bitcoin, Ethereum, and ERC-20 hot wallets, in just a few months the Singapore-based exchange was eventually able to recover 84% of the stolen cryptos. They were the lucky ones, though, as by the end of October, at least 75 centralized crypto exchanges were closed for many reasons, hacking included.
As large as these heists were, they pale in comparison to an attack in 2014 against Mt. Gox, the largest bitcoin exchange in the world at the time. They too were forced into bankruptcy after losing 850,000 bitcoins in a cyberattack. Even back then, the stolen loot was worth some $450 million.
Hacking cryptocurrencies even has some political implications. South Korea's spy agency, the National Intelligence Service, suspects that North Korean hackers may have been behind some of the attacks such as the one against the Coinis exchange in September 2017. They alleged that the attacks against the South Korean exchanges may have occurred to evade the financial sanctions imposed as punishment for the North's development of nuclear weapons.
All this leads to a very important consideration. For newcomers in the world of cryptocurrencies, things like privacy settings and cold storage are aspects to consider, but most important is the choice of a bitcoin exchange and service provider.
With exchanges going under, making a wise decision on a provider is vital. A massive data breach in the summer of 2020 at French company Ledger culminated in over 270,000 bitcoin users having their names, emails and postal addresses posted online by hackers, a nightmare scenario for users who value privacy.
If you’re checking your balance and the bitcoin provider in question has been compromised, what should your reaction be? If you have concerns with your provider and how they’re managing your funds, you should consider changing right away.
Hacking Computers to Steal Mining Power
While crypto exchanges and mining companies try to withstand these constant barrages by hackers, the rest of us are under assault as well. Crypto mining requires a great deal of processing power due to the hash rate requirements of performing the calculations needed to mine bitcoin and other cryptocurrencies. This, of course, requires significant CAPEX to fund the necessary infrastructure. It also consumes a great deal of electricity. While bitcoin mining requires special high-end processors reserved for dedicated servers, some unscrupulous individuals have found ways to avoid investing their own money to mine for cryptocurrencies such as Monero, Zcash and Ethereum. Instead, they use the CPU power of unsuspecting users. While a single client device has nowhere near the capacity to mine cryptocurrency to any reasonable degree, the collective effort of millions of devices can. Hackers who control these zombie armies of miners are ringing in profits.
Malware hidden in Chrome extensions and hacked WordPress sites can be used by hackers to hijack other people's computers to "enslave" them (a trick called "cryptojacking"). Kaspersky Lab reported finding this type of malicious threat on 1.65 million computers scanned, and pointed to how hackers moved to mining different, more profitable crypto coins such as Monero and Zcash. Illegal mining operations set up by insiders are also on the rise, as employees with high-level network privileges resort to stealing server power for mining purposes. Some attacks have been directed at stealing computing power even from public Wi-Fi such as that found in Starbucks.
Using Cryptocurrencies for Money Laundering
Cybercrime is a thriving industry, worth up to $1.5 trillion per year. Ransomware alone may be worth up to $1 billion. Just like any other criminal, cybercriminals can't deposit their ill-gotten gains into normal banks, let alone spend the huge amount of money they collect by breaking all kinds of international law.
And just like every other criminal out there, they need to resort to money laundering, except this time they do it with the digital counterpart of physical money: cryptocurrencies. (Read also: The Ability to Combat Ransomware Just Got a Lot Tougher.)
Crypto transactions are fully anonymous, and since they do not require any financial intermediaries like PayPal or banks, it's easy to imagine how simple it is for this money to fall through the cracks. Although more complicated than with traditional methods, money laundering through crypto coins is much more convenient and inexpensive since you don't need to pay the money required to establish a sham business.
This kind of laundering is done through "layering," i.e., moving money through the cryptosystem until the number of transactions makes it too complicated for an investigator to follow it anymore. The generalized lack of proper "know your customer" (KYC) regulations in cryptocurrency gambling sites also makes the whole process even foggier and more confused, allowing criminals to clean their dirty money with almost no risks.
The feeling of impunity leads to things that regular people might find shocking: Since even traditional criminals acknowledge the potential of cryptos to launder their good ol' dollars, some hackers are now advertising their services to wash illicitly acquired crypto coins through Google AdWords.
How to Protect Your Assets
There are a few ways to avoid having one’s digital wallet stolen, both in terms of simple tricks to reduce your chances of being scammed, and promising defense technologies to prevent cryptocurrency hacks from occurring in the first place.
- First things first – although we previously stated that 2FA is not 100 percent safe anymore, there's no reason not to employ it at all times. It's much better to avoid 2FA via SMS, though, since it's a less secure form.
- Second, do not trust Slack Bots, and report all those who look suspicious. A good antivirus may be used to protect the Slack channel as well.
- Third, do not download any crypto add-on – like, ever. They're like those pesky, malware-ridden search tool extensions in Chrome that clogged people's computers a few years ago – just avoid them. Do not perform any crypto transaction while on public Wi-Fi, and, if possible, use a different PC or smartphone for crypto trading.
- Last, but not least, use a cold wallet to protect your digital address. Cold storage is not connected to the internet, reducing the exposure of your holdings. Your digital finances can be safely kept in custody inside external hard drives or memory cards which can be accessed later with the help of SD card readers.
Obviously, keeping one's eyes peeled at all times can't be enough. Users need some form of automated threat intelligence that prevents the worst from occurring, rather than just relying on their own wits. The vulnerability of many apps to web-based attacks was solved with the introduction of web application firewalls (WAF) to limit unwanted traffic.
This same concept has been applied to the blockchain world through the decentralized application firewall (DAF), a technology implemented by SafeBlocks Firewall to protect smart contracts from unauthorized transactions.
Similar to traditional firewalls, rules and limits can be set to allow or deny transactions based on certain attributes, such as the number of tokens per transaction or the time between each transaction. This new technology may represent an interesting step towards a more efficient, streamlined, and automated form of protection against blockchain threats. It may help dispel at least a portion of the general sense of insecurity commonly associated with this new technology.
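The allow/deny idea described above, as an added sketch that is not SafeBlocks' code or API: a rule set with the two attributes the article names (tokens per transaction and time between transactions), evaluated off-chain in Python over a constructed list of transactions. The class names, limits, senders and timestamps are all assumptions.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Policy:
    max_tokens_per_tx: int        # hypothetical per-transaction cap
    min_seconds_between_tx: int   # hypothetical cool-down per sender

@dataclass
class TransactionFirewall:
    policy: Policy
    last_allowed: dict = field(default_factory=dict)  # sender -> timestamp

    def check(self, sender, tokens, timestamp):
        """Return (allowed, reason). Denied attempts never reset the cool-down."""
        if tokens <= 0:
            return False, "non-positive amount"
        if tokens > self.policy.max_tokens_per_tx:
            return False, "exceeds per-transaction limit"
        last = self.last_allowed.get(sender)
        if last is not None:
            if timestamp < last:
                return False, "timestamp earlier than previous transaction"
            if timestamp - last < self.policy.min_seconds_between_tx:
                return False, "too soon after previous transaction"
        self.last_allowed[sender] = timestamp
        return True, "allowed"

# Constructed sample: (tx id, sender, tokens, unix-style timestamp in seconds)
SAMPLE_TXS = [
    ("tx1", "alice", 50, 1000),
    ("tx2", "alice", 20, 1030),    # 30 s after tx1
    ("tx3", "alice", 20, 1065),    # 65 s after tx1 (tx2 was denied)
    ("tx4", "alice", 5000, 1200),  # far above the cap
    ("tx5", "bob", 900, 1201),     # different sender, own cool-down
]

def evaluate(transactions, policy):
    """Run every transaction through a fresh firewall and collect the decisions."""
    fw = TransactionFirewall(policy)
    return [(tx_id, *fw.check(sender, tokens, ts))
            for tx_id, sender, tokens, ts in transactions]

if __name__ == "__main__":
    for row in evaluate(SAMPLE_TXS, Policy(1000, 60)):
        print(row)
```

With these limits a drained key can move at most 1,000 tokens per minute per sender, which bounds the loss while the owner reacts.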
More Addresses = More Security
According to Michael Perklin, president of Toronto bitcoin security firm Bitcoinsultants, the best practice for users is to have multiple addresses, even hundreds. Using only a select number of addresses or holding too many funds in one address are some of the biggest mistakes bitcoin users can make. The other reason for having so many addresses is privacy.
That's why it’s becoming an industry standard among bitcoin service providers. Most bitcoin software now supports this under the hood, without the user having to think too much about it.
"In practice, as you’re walking around the city and you buy a coffee here and a donut there, every single purchase means you need to create a brand new account," explains Perklin.
"This is done by design to protect your privacy because if I learned that you had address 1ABCDE, maybe because I owed you $5 so I’ve given you $5 to that address, at any point in the future, I can see how many funds you have in that account," Perklin said. "For privacy, it’s not ideal to stick with one bitcoin address because once someone learns that that address is yours, from that point on, they can track every purchase you make."
Examples of illegal activities that push the boundaries of what has traditionally been considered "crime" are abundant: Hidden hackers that steal Wi-Fi bandwidth to fuel their mining networks. Invisible malware downloaded to conjure real money from thin air by sucking computer power or stealing virtual coins. (Read also: Liberland: The Country on the Blockchain — An Inside Look).
Hacking cryptocurrencies depicts a truly dystopian scenario that lets us perceive how another unseen and interconnected world exists around and inside ours. An impressive virtual world whose darkness and intangibility really make Cyberpunk 2077's cyberspace pale in comparison.