A new report by CipherTrace says that hackers and other cybercriminals stole about $1.7 billion worth of Bitcoin and other cryptocurrencies in 2018. The Menlo Park-based blockchain forensic analysis firm says this number represents a fivefold increase from 2017’s figures.
Cryptocurrency Crime Increasing Despite Bear Market
In a new document titled “Cryptocurrency Anti-Money Laundering Report, 2018 Q4,” CipherTrace revealed that “bad actors” successfully stole $1.7 billion in cryptocurrencies from hacks and other elaborate scams. Out of this number, about $950 million came from cyberattacks on Bitcoin exchanges.
The remainder came from ICO exit scams, Ponzi schemes, mobile phone sim swaps, etc. Researchers at CipherTrace say these exit scams cost investors $750 million in 2018.
Back in August 2018, data from blockchain analytics firm, Diar, revealed that five ICOs stole close to $100 million from unsuspecting investors.
According to the report, cryptocurrency theft in 2018 increased by more than 400 percent. This surge occurred despite a year-long bear market for virtual currencies with prices falling by over 80 percent.
The document also revealed the emergence of a new cyberthreat to the industry. This new wave of bad actors, according to the report comes from people working within firms in the market looking to exploit investors.
Commenting on the matter, Dave Jevans, the company CEO, said:
“Cryptocurrency criminal activity continues to evolve and accelerate. Fortunately, pending global legislation will hamstring many criminals, global gangs, and terrorist groups by greatly reducing their opportunities to launder.”
While cybercriminals may have increased their loot in 2018, CipherTrace says they will need to successfully launder their ill-gotten gains before newly enacted anti-money laundering (AML) regulations come into effect. An excerpt from the report reads:
“Whether it’s theft by hackers or inside jobs like exit scams, criminals must launder all of these ill-gotten gains before they can spend those funds in the real economy. In addition, global gangs, terrorist groups, and cybercriminals must hide their money trails. These bad actors are clearly flocking to jurisdictions with weak AML and Know Your Customer (KYC) regimes, because in our Q3 report we published the results of research showing 97% of criminal bitcoin flows into unregulated cryptocurrency exchanges.”
Asian Bitcoin Arena Mostly Affected
Concerning cryptocurrency exchange hacks, the report revealed that platforms in Japan and South Korea suffered the most. Indeed, 2018 began with the over $500 million hack of Tokyo-based Coincheck.
In response, places like South Korea and Japan have tried to firm up regulations to prevent such attacks. Apart from several policies enacted by Japan’s Financial Services Agency (FSA), regulators also gave green light from self-regulation.
Outside Japan and South Korea, investors in Vietnam also lost about $35 million to the Sky Mining scam.
Exchange Hacks Might be a Centralized Affair
In a related development, another new report, this time by Chainalysis revealed that most of cryptocurrency exchange hacks were the work of two syndicates. According to Chainalysis, two groups dubbed “Alpha” and “Beta” were responsible for more than 60 percent of all attacks against Bitcoin exchanges.
Going by the report, it appears that crypto cybercrimes, at the least the ones targeted at exchange platforms might be the work of centralized syndicates. The report also alleged that both groups have different motives for their attacks.
The Beta group is reportedly interested in getting rich from their loot. However, the Alpha group could have far more sinister motivations for their actions.
Meanwhile, 2019 which is barely a month old has already registered its first cryptocurrency exchange hack. This time, New Zealand-based Cryptopia is the victim. According to reports, hackers stole more than $16 million in Ethereum tokens from the platform.
A recent report by blockchain analysis firm, Elementus, the group responsible for the Cryptopia hack resumed their attack after a two-week dormancy period. The firm believes that Cryptopia no longer has access to its wallets meaning that the hackers can continue to siphon funds.