Crypto Exchange Hacks on the Rise
Exchanges are a juicy target for hackers, with a successful attack potentially taking in millions.
Hackers are getting more sophisticated, breaching a greater number of crypto exchanges in 2019 compared to the previous year.
Chainalysis has published an initial overview of its 2020 Crypto Crime report. It indicates that exchange attackers are becoming more sophisticated and carrying out more hacks compared to 2018. However, the total value of funds stolen in 2019 decreased compared to the previous year.
Exchange Breaches on the Rise
The overall verdict of the 2019 Chainalysis report can be considered mixed for cryptocurrency exchange users. While it appears to be good news that the value of funds stolen in 2019 is down, it’s also worth bearing in mind that a single exchange hit hard by one attack can skew the total for the year. This was the case in 2018, when attackers made off with $534 million from Coincheck in a single heist, and similarly in 2014 when Mt.Gox lost $473 million.
In contrast, the biggest single attack in 2019 was on Coinbene, when hackers drained $105 million worth of various ERC-20 tokens from the exchange’s hot wallet in March. At the time, the exchange denied it had been hacked, but later admitted what had happened.
Hot wallet attacks also accounted for the next two biggest exchange hacks of 2019. Malicious actors stole $49 million from South Korean exchange Upbit in November and $40 million from Binance in May. In all three cases, the exchanges covered the losses suffered by their users.
In total, the funds stolen in 2019 amounted to $283m compared with $875m in 2018. However, the total number of attacks was up to 11 in 2019, compared with just 6 in 2018.
Hackers Upping Their Game
The Chainalysis report attributes the decrease in stolen funds to better security measures on the part of cryptocurrency exchanges. These include improved monitoring, reducing the value of funds kept in hot wallets that are more prone to hacking, and tighter withdrawal authorizations.
Despite this improvement, the report also points to how hackers have stepped up their efforts, using the North Korean cybercrime syndicate Lazarus Group as an illustrative example.
In one particularly elaborate phishing scam, the group created a fake company purporting to offer a trading bot, with a website and social media presence to make the hoax appear more convincing. The group also built a software product designed to mimic an actual trading bot, but that contained malware.
Once they successfully convinced employees from Singaporean exchange Dragonex to install the software on a machine holding the exchange’s private keys, they were able to make off with over $7 million worth of cryptocurrency.
Governments and the UN allege that these kinds of attacks by Lazarus Group are a source of funding for North Korea’s nuclear and ballistic missile program. As a result, crypto users have been advised not to attend an upcoming cryptocurrency event in Pyongyang, or they risk breaching sanctions.