Hackers Are Phishing For Crypto Investors’ Money

Higher cybersecurity standards in the cryptocurrency field will require companies to tighten up their cyber defenses

Yair Geva and Ofer Toledano 19:4706.02.18

TAGS:

The large-scale, frequency and rapidity with which new technology projects are established in the Initial Coin Offerings (ICOs) market have drawn the attention of hackers.

For daily updates, subscribe to our newsletter by clicking here.

The total amount of funds raised via ICOs worldwide in 2017 surpassed $4 billion and the number of ICO projects significantly increased to several hundreds.

Cryptocurrency (illustration). Photo: CryptoCoinsNews

More than 10% (roughly $400 million) of ICO proceeds are lost or stolen as a result of cyberattacks, according to a report by accounting company Ernst & Young Global Ltd. (EY) which highlights the various risks of investing in ICO projects online. Some of the reasons why cryptocurrency funds are more attractive to hackers: blockchain transactions are almost irreversible, the absence of a centralized authority, and the partial anonymity of transactions.

Both investors and ICO projects are exposed to far-reaching cyberattacks. This is, inter alia, due to the fact that while the project founders are focusing on attracting prospective investors, the project cybersecurity is frequently not prioritized. The most prevalent type of cyberattacks on ICOs according to EY include a distributed denial of service (DDoS), phishing, website hacking, and hacking of exchanges and investors’ crypto-wallets.

Phishing—a common cyberattack designed to trick users into clicking on malicious links—was the most extensively used hacking technique for ICOs, with hackers stealing up to $1.5 million from ICO proceeds per month, according to EY. In addition to losing cryptocurrency funds, further indirect losses were incurred by these cyberattacks, for instance when investors’ personal data was stolen, and as a result of the damage to the ICO project reputation.

Cryptocurrency exchanges around the world, most of which operate with little to no regulation, have suffered a spate of hacks and outages lately. The theft of more than $530 million worth (at that time) of XEM – the native cryptocurrency of NEM's blockchain platform – from the Japanese cryptocurrency exchange last month, is one of several examples. In this specific hack, the hackers were able to get hold of the private key for an internet-connected money storage system so-called a "hot wallet," where NEM tokens were stored, enabling them to steal the cryptocurrency funds.

The theft of the NEM tokens represents the largest cryptocurrency theft since the collapse of online Bitcoin exchange Mt. Gox in February 2014. In Mt. Gox, nearly 850,000 Bitcoins, worth approximately $450 million at the time were stolen from the exchange by hackers. Similarly, in December, a popular South Korean Bitcoin exchange called Youbit suffered a large-scale cyberattack that led to the theft of almost 20 percent of its total assets.

Cryptojacking—a process by which a PC or a smartphone is hacked to remotely mine cryptocurrencies, usually without the owner's awareness—is now a major problem. The process uses a large amount of the victim's CPU or GPU power and existing resources, and can extremely slow down the device. A research team from Israel-based cybersecurity company Check Point Software Technologies Ltd. has recently published a report concerning a sheer rise in the prevalence of crypto-mining malware, indicating that 55% of organizations globally are affected by this type of cryptojacking.

Last month, a case of cryptojacking was even discovered on the popular digital video website YouTube. Anonymous hackers managed to place malicious advertisements on YouTube which used users' CPU power and electricity in order to mine cryptocurrencies (such as Monero).

These recent incidents should serve as a crucial and expensive reminder that like numerous areas in the cryptocurrency sphere, cybersecurity technologies as well as industry standards, best practices and regulation for using them are still evolving and emerging. But more importantly, these events should emphasize the importance and necessity of adequate cybersecurity measures.