Cybersecurity companies like Kaspersky and Carbon black have discovered that over the past year, there have been breaches in storage and exchanges and about $1.1 billion worth of digital money was stolen, as per CNBC and Kaspersky Lab’s reports.
United States was termed to be the most vulnerable country in terms of these incidents with over 24 incidents of attempts of theft, China ranks second with 10 and barely lagging behind on the third is United Kingdom with 8 attempts of theft.
The companies found out that the hackers usually attack lesser known currencies, or prefer currencies other than Bitcoin because others are a bit harder to trace compared to Bitcoin. Although in the year 2014, a Tokyo based Bitcoin exchange Mt. Gox, which was reputed to be one of the largest Bitcoin exchange faced a grave loss by a hacking incident that cost them 750,000 of the users’ Bitcoins and 100,000 of the exchange’s own. However, this year, the hackers tried avoiding any trace and targeted lesser known currencies.
Kaspersky Lab found out that the hackers succeeded to steal $10 million worth of Ethereum (ETH) through simple social engineering schemes. According to the Lab’s experts, since the start of 2018, these criminals have triggered over a hundred thousand security alarms that indicate attacks on cryptocurrency. Most of these thefts were made by the use of social engineering scams. Some of these scams involved fake Twitter offers, where the scammers portrayed their link with the initial coin offerings (ICO) and tricked money out of the cyber wallets of people who were specifically interested in that ICO. Other scams included cryptocurrency giveaways, where the criminals promised public with a large amount of money in the form of a giveaway in return for a small amount at that time. One of the lead experts from Kaspersky stated that the phishing ways are continuously evolving and it is almost impossible to stop or provide easy protection against them. Lead web content analyst of Kaspersky Lab, Nadezhda Demidova said in a press release;
The success criminals have enjoyed suggests that they know how to exploit the human factor, which has always been one of the weakest links in cybersecurity, to capitalize on user behaviors.
The alarming point of this situation, according to Carbon Black’s security strategist, Rick McElroy, is that now a days, cyber crime like ransom ware does not need any kind of technical skill set to perform. The phishing techniques today are rather simple that just need a level of intellect to be carried on. So, it is more or less in anyone’s hand now. He also explained that the hackers use Dark web to carry out such operations where there are market places with multiple offerings for crypto theft for hackers to choose from. The downside of such market places in the dark web is because it offers high levels of anonymity and the transactions are almost untraceable.
The reason might also be lack of jobs and unemployed engineers looking to make some money since it is not only restricted to highly trained cartels now. There are thousands of places that teach coding but the ratio of jobs is comparatively negligible which motivate hackers to perform these activities.
Digital currency does not have many banks or third party insurances making it much more unsafe to keep on cloud wallets. People tend to keep cryptocurrency on mobile wallet services that are frequently targeted by hackers. Attacks that happened throughout the year were mostly inclined towards exchanges. According to the statistics, 27 percent of the attacks were made on exchanges. One of the most popular cyber attack was made on Mt.Gox in 2014.
Another cyber attack shook Japan this January when the hackers broke into an exchange called Coincheck and stole a lesser known cryptocurrency NEM. According to Coincheck’s statement, hackers took a total of what equals to be $530 million. This massive cryptocurrency attack caused Coincheck to freeze any withdrawals and deposits other than Bitcoin. The humongous loss of digital currency shook exchange’s roots as they couldn’t fully manage to reimburse the stolen money to clients. However, according to company’s chief operating officer Yusuke Otsuka, they know where the money went, and as soon as the money is traced they might even be able to get it back. According to exchange, the money was kept in a hot wallet, that is part of the exchange connected to the internet, on the other hand, cold wallets are safer as they secure money offline. Loss faced by the exchange, NEM fell 11% over a 24-hour period to 87 cents. Among other crypto-currencies, Bitcoin dropped to 3.4% and Ripple retreated to 9.9%, according to prices seen by the agency.
A bit behind exchanges, corporations were the second most attacked group making up to 21% of those hacks. Mostly, hackers break into the internal system of companies and demand ransom in the form of cryptocurrency. However, Bitcoin and Ethereum weren’t the top choices of the hackers as they made up to be 10% and 11% of the total targeted cryptocurrencies. They preferred Monero and it made it to be 44% of the attacks because of its privacy and it is difficult to trace than Bitcoin and Ethereum. According to Carbon black, this currency also has a low transaction fee.
As for the security of cryptocurrency, the cryptobank culture isn’t yet implemented and there aren’t any third party insurances for digital currency. It is advised by the experts to watch out for the phishing techniques being used and any unauthorized offers made on the social media platform. Apart from that, some hardware and paper wallets provide much more security. Cold storage is also a better idea to store whatever the currency you want to keep.