The cryptocurrency industry has witnessed a surge in cyberattacks and hacks since 2023, prompting concerns and discussions among both beginners and seasoned cryptocurrency enthusiasts. The most common types of cryptocurrency fraud are phishing scams, Ponzi schemes, fake ICOs, and fake investment opportunities. These attacks often target exchanges and wallets, which are the most vulnerable points in the cryptocurrency ecosystem.
In this article, we delve into the reasons behind the increasing attraction of hackers to the cryptocurrency sector, summarize the key attacks and exploits during each quarter of 2023, explore common security vulnerabilities, assign accountability, and provide actionable insights to protect oneself.
What causes cyber fraud in crypto?
The cryptocurrency industry is vulnerable to cyber fraud because of its decentralized and independent nature, which makes it affordable and free of cost. Cybercriminals can hack cryptocurrency trading platforms and steal funds, and cryptocurrency is already the most popular form of exchange in ransomware attacks. The lack of regulations in the industry also makes it easier for cybercriminals to operate, and the decentralization of cryptocurrencies is a great opportunity for them.
The rise in cryptocurrency prices has made the industry more attractive to hackers as they can potentially steal larger sums of money. However, the decrease in inflows to illicit addresses shows that the efforts of both the private and public sectors are paying off, and law enforcement pressure appears to dampen criminal activity to some extent.
2023 Crypto Hack Record
The crypto industry is vast and complex, with new developments and hacks occurring daily. While smaller incidents may not have a significant impact on the market, high-profile cases can cause panic and have long-term consequences for the entire industry.
For example, the collapse of the crypto exchange FTX and other major players last year badly scarred the global cryptocurrency market, causing a drop in prices, volumes, and venture capital. Similarly, the vulnerability of crypto bridges, which link blockchain networks, has made them a major target for cybercriminals, resulting in a loss of approximately $1.4 billion this year alone.
Decentralized finance (DeFi) protocols have also become a primary target for crypto hackers, with $997m in cryptocurrency stolen from DeFi projects this year. These incidents can lead to a loss of trust among users and investors, which can have long-term consequences for the industry.
In 2023, several major hacks occurred on cryptocurrency exchanges as follows:
- Bitpoint exchange was hacked for $70 million (February/23)
- Ethereum (ETH) blockchain-related hacks led to losses of $221 million for Q1.
- BNB Chain had 139 hacks for over $300 million for Q1.
- Binance was hacked for $100 million on Oct 7, 2023 (April/23)
- The Euler Finance attack led to losses of over $195 million (May/23)
- The Coinbase exchange was hacked for $150 million (June/23)
- Atomic Wallet hack >$100m (June/23)
- Multichain exploit over $135 million (July/23)
- Zunami Protocol Attack $2.1 million (August/23)
- Exactly protocol attack $7.6 million (August/23)
- Pepe withdrawal event $16 million (August/23)
Q4 (so far):
- CoinW was hacked for over $55 million by the North Korean hacker group Lazarus, according to blockchain security firm SlowMist and on-chain investigator ZachXBT (October/23)
- HTX Global was hacked for $7.9 million in Ethereum (October/23)
It is worth noting that according to CertiK, a security-focused ranking platform of blockchain protocols and DeFi projects, the amount lost to crypto hacks and exploits in Q1 2023 was significantly lower than in the first and fourth quarters of 2022, when hackers took around $1.3 billion and $950 million, respectively. However, the problem of cybersecurity in the cryptocurrency industry persists, with hackers continuing to target exchanges and platforms.
Is it possible to get your money back?
As practice shows, after powerful hacker attacks, crypto exchanges often use three methods to compensate for affected users:
- Rolling back the blockchain to the previous state or freezing transactions (this is what Bitstamp, Ethereum, and Bancor did (but it contradicts the principle of blockchain irreversibility).
- Compensation for damages at the expense of other users (Poloniex chose this way).
- Repayment by exchange from its own profits or by issuing exchange tokens (this is what Bitfinex did and what Coinrail is trying to do).
Thus, sustainable large exchanges interested in continuing to operate will offer new and novel ways to compensate for the lost funds. This is good news for the cryptocurrency industry. Obviously, the days of exchange owners trying to hide the details of theft from the community and hiding themselves are things of the past.
- Gaining access to accounts and closed functionality by hacking into the founders' accounts, using malware from the banking attack arsenal;
- Attacking the exchange infrastructure itself by hacking the web application that connects the customer to his money on the exchange servers, or by attacking so-called hot wallets.
Consequently, the protection of digital assets can be achieved through the joint efforts of users and cryptocurrency exchanges that circulate cryptocurrencies.
How can we protect ourselves from cyber fraud in crypto?
Loud cryptocurrency platform hacks can harm ordinary users and such incidents have occurred. However, most cryptocurrency crimes are small and aimed at individual users. Therefore, it is important for users to implement their own security measures. By following best practices, such as only dealing with legitimate businesses, ignoring promises of guaranteed profits, protecting your wallet, using multiple wallets, using a secure Internet connection, regularly changing passwords, avoiding phishing links, using a cold wallet, and reporting suspicious activity, users can help protect themselves from cryptocurrency fraud. It is important to remain vigilant and take steps to protect assets in the cryptocurrency world.
- Only deal with legitimate businesses: No legitimate business is going to demand that you send cryptocurrency in advance, not buy something, and not protect your money. That’s always a scam.
- Ignore promises of guaranteed profits: do not trust people who promise you can quickly and easily make money in the crypto markets.
- Do your own research: Before you invest in crypto, search online for the name of the company or person and the cryptocurrency name, plus words like “review,” “scam,” or “complaint.” See what others say.
- Protecting your wallet: To invest in cryptocurrency, you need a wallet with private keys. If a firm asks you to share keys to participate in an investment opportunity, it is highly likely to be a scam. Keep your wallet keys private.
- Using multiple wallets can help spread risk and protect assets.
- Use a secure Internet connection: Make sure you are using a secure Internet connection when accessing your cryptocurrency accounts.
- Regularly changing passwords: Changing passwords regularly can help prevent unauthorized access to accounts.
- Avoid phishing links: Be wary of phishing scams where attackers try to click on a link that takes you to a fake website designed to steal your login credentials.
- Use of a cold wallet: A cold wallet is a type of cryptocurrency wallet that stores private keys offline, making it less vulnerable to hacking.
- Report suspicious activity: If you notice any signs of a scam, do not click on any links, dial a phone number, contact them in any way, or send them money: report fraud and other suspicious activities involving cryptocurrencies to relevant authorities.
Attacks on cryptocurrency exchanges, wallets, and online trading platforms have become more frequent. Technical support specialists on all platforms are constantly working on strengthening security, using the latest technological solutions to counter hacker attacks.
Today, most experts in the crypto market strongly recommend that each participant remain calm, and not panic, even if there is a news report that your exchange has become the object of another hacker attack. Try to calmly analyze and correctly assess the situation before removing crypto assets. Remember that there is a very high probability of their further growth and even reaching new highs after the experienced temporary fall, and thus, you will be able to avoid unreasonable losses.