The dark side of crypto

Authored by: @hetty-rowan


Don't panic!

Let's take a look at the dark side of crypto today. As everyone knows, crypto in itself is relatively safe if you handle your private keys well and also take your online privacy and security seriously. Those are things you really need to think about. But it's not always that easy... and certainly not now that one of the most famous hacker groups, “Lazarus”, has also turned its sights on crypto.

At the end of 2020, the digital skimming technique “Magecart” came to light. This is a technique whereby credit card details are stolen. It turned out to be installed at a growing number of online stores. Soon, a closer investigation revealed that malware had also been put into circulation that could be used to steal cryptocurrency. A combination of “Magecart” and a modified version of JavaScript Sniffers (JS Sniffers) was used for this.

JS Sniffers are malicious JavaScript code that makes it possible to steal payment information from e-commerce companies. The use of these sniffers is also how the link with Lazarus was made. Using this technology to steal cryptocurrency is new. So Lazarus now seems to be experimenting with the possibilities of using these sniffers for the theft of cryptocurrency.

Kind of TEST Runs

Only a small amount was taken: 9000 USD in ETH and 8400 USD in Bitcoin. This is all the more indicative that the attack was a kind of test run. The security experts managed to track the cryptocurrency to a number of wallets connected to crypto exchange CoinPayments. Lazarus may have used this exchange site to funnel and launder cryptocurrency.

Now it is not the case that everyone who owns cryptocurrency themselves should be extremely afraid of this. But it IS always good to be aware of the potential dangers that sometimes appear from unexpected quarters.

In 2017, the first attacks took place in which cryptocurrency was looted. The malware used in these attacks has many similarities with that of the WannaCry attacks and the attack on Sony. The hackers exploited vulnerabilities in Hancom's Hangul, a word processor that is widely used in South Korea.

There was also an attack with spear phishing emails. South Korean owners of Bitcoin and Monero (XMR) were targeted, mostly Coinlink users. Students in particular were approached by means of e-mails that stole login details once they were opened. However, Coinlink has said that nothing has been stolen.

Other attacks on users of South Korean exchanges Bithumb and Youbit were more successful. On Bithumb they looted USD 7 million worth of cryptocurrencies. Youbit had to file for bankruptcy after 17% of the assets on the platform were stolen. At Nicehash, a mining marketplace, 4500 Bitcoin was stolen.

This can all be seen as 'undesirable adoption of cryptocurrency', and certainly does not contribute to the general image that is being propagated. Unfortunately, we don't have much to say about this and it can be seen as the Dark Side of Cryptocurrency.

Prepare yourself!

But what should you pay attention to most? What should you be most concerned about? Besides the fact that you always have to be careful with your keys and your online privacy, it is also important to take a good look at the exchanges, because many have already become targets of hackers, and each one handles it differently.

Which exchanges have already been hacked

Over the years, there have been several attacks on Bitcoin reserves from major exchanges. Hackers from all over the world are targeting the large sums of money that the exchanges hold.

It is estimated that the cost of all hacks and fraud amounts to about 15-20 billion US dollars. The techniques hackers use range from phishing and identity fraud to exploiting bugs in the code.

The gigantic amount is formed because most of the stolen funds consisted of Bitcoin and other cryptocurrencies. Since the exponential growth of these cryptocurrencies, the value of the amounts of these hacks has also increased significantly.

The total number of crypto exchanges that have been hacked is estimated to be about 200 exchanges. This list just keeps growing, especially with the advent of DeFi, where anyone can now copy the open-source code of a decentralized exchange.

When we look at the top 15 largest exchanges by volume, we notice that 8 out of 15 have been victims of hacks. In addition to losing serious money, these exchanges have lost the trust of their customers. Some have overcome this loss, others have been less fortunate.

Today we look at exchanges that still have a place in the top 15 crypto exchanges.

Top 15 Exchanges (Volume)

  • 1.) Binance
  • 2.) Coinbase
  • 3.) Huobi
  • 4.) Kraken
  • 5.) KuCoin
  • 6.) Bitfinex
  • 7.) Binance.US
  • 8.) Bithumb
  • 9.) Gate.io
  • 10.) Bitstamp
  • 11.) Gemini
  • 12.) Coinone
  • 13.) BitFlyer
  • 14.) Poloniex
  • 15.) Bittrex

Binance

Binance experienced a hack in 2019 in which 7,000 Bitcoins were stolen. At the time, they were worth $60.5 million. The hackers could log in via API keys, 2FA codes and other user information. Binance has refunded all users' losses and tightened its security measures.

KuCoin

KuCoin, which is located in Singapore and ranks fifth among the most used exchanges, fell victim to a cyber attack in September 2020. The cyber criminals managed to access KuCoin's hot wallets via private keys. This is where the coins that were traded on the platform were stored. The hackers ran off with several tokens with a total value of $270 million.

All victims of the hack were reimbursed by KuCoin's insurance fund. KuCoin, along with Tether (USDT), was able to freeze some of the stolen funds. Later it was reported that $204 million had been recovered and some suspects of the hack were arrested.

Bitfinex

Hong Kong-based exchange Bitfinex was robbed by hackers in August 2016 of nearly 120,000 Bitcoin, which at the time was worth $72 million. The data for the multisig wallet fell into the wrong hands, giving intruders access to Bitfinex's hot wallet. Investigations revealed that there were no internal links to the disappearance of the Bitcoins anywhere. This raises questions, as Bitfinex has never been clear about how the Bitcoins were moved.

To make up for the financial loss, Bitfinex decided to split the loss among its users. Each user received one BFX token in exchange for each dollar taken. This token could be exchanged for dollars at a later date. There was a lot of criticism about the way the loss was covered and the response from Bitfinex. In the end, Bitfinex managed to pay out its users and offset the losses.

Bithumb

South Korean exchange Bithumb has been hit by cyberattacks three times. One hack was a lot bigger than the other. The biggest theft was one of about $31.5 million, in which criminals looted Bithumb's hot wallets.

Bithumb was also the victim of a hack, in which the data of 30,000 users was stolen, by a hacker who gained access to a computer belonging to a Bithumb employee. Shortly after this, the accounts were purged. The stolen funds had a combined value of approximately $12 million.

The last time, Bithumb was attacked not from the outside, but from within. A Bithumb employee allegedly turned against the company and stole $18.7 million worth of Ripple (XRP) and Eos (EOS) tokens. In all cases, the users were refunded by Bithumb.

Gate.io

Chinese exchange Gate.io fell victim to a 51% attack on the Ethereum Classic (ETC) network in 2019. Criminals managed to steal about 40,000 ETC, which was equivalent to $271,500. To stop the attack, all transactions on the Ethereum Classic network were invalidated. Users' losses were reimbursed by Gate.io.

Bitstamp

Several employees of the crypto exchange Bitstamp, which is based in Luxembourg, were victims of coordinated phishing attacks in 2015. They were persuaded to open files that spread malware and thus gave access to sensitive files.

As a result of the hack, Bitstamp lost about 18,866 Bitcoins from its hot wallet, which at the time was worth about $5 million. In order not to experience the hack a second time, Bitstamp decided to temporarily shut down its platform and completely replace its system by building a new platform.

Kraken

The American exchange was hit by DDoS attacks in May 2017. At that point, Kraken users were unable to trade and the price of Ethereum (ETH) hit a low of $29.

This flash crash led to liquidations of many leverage traders. Five of these filed a lawsuit against Kraken, seeking $5 million in compensation. According to Kraken, the timing of the DDoS attack and the big sell order was coincidental, and there was no market manipulation involved.

Poloniex

Along with Kraken, the American exchange Poloniex was also the victim of a DDoS attack. This was the second DDoS attack that Poloniex experienced. Poloniex showed that it couldn't handle the increased demand from users at the time and that its systems were way too old. Meanwhile, Poloniex has strengthened its servers against possible new DDoS attacks.

Coinone

South Korean crypto exchange Coinone was ordered in 2018 to pay compensation to a user who was hacked. The user, who fell victim to a SIM swap attack, lost access to his account. The scammer, who emptied the account via a Dutch VPN address, ran off with $50,000. The robbed investor sued Coinone over the fact that the hacker could withdraw more than his daily limit and that there was no security whatsoever to block foreign VPN IP addresses.

Coinone paid compensation for the amount that was taken above the limit.

Honorable Mentions

Other exchanges that were less strong went bankrupt or declined in popularity. They will be in the crypto history books forever. Let's take a look at the most notable hacks.

CoinCheck

The CoinCheck hack in 2018 became the largest crypto exchange hack in cryptocurrency history. Due to its major security flaws, the Japanese exchange was hacked for 500 million dollars' worth of Nem (XEM) tokens. Coincheck decided to refund all users and worked with the Nem developers to track down the funds. But this turned out to be fruitless, so the investigation was discontinued shortly after.

Coincheck overcame the loss and is still used as a crypto exchange. Still, trust in the exchange has seriously dwindled and crypto traders chose other platforms to trade their coins.

Mt. Gox

The hack of Mt. Gox, which was the world's largest crypto exchange from 2011 to 2014, accounting for more than 70% of its total volume, became one of the most infamous hacks in crypto history.

Hackers used stolen credentials to steal the largest number of Bitcoins ever taken in a crypto hack. The total amounted to 850,000 Bitcoins, of which 740,000 belonged to the users of Mt. Gox. The stolen Bitcoins were worth $460 million at the time.

This hack led to a 36% crash in the price of Bitcoin. Mt. Gox went bankrupt and CEO Mark Karpelès was given a suspended sentence after being found guilty of manipulating information. The Russian Alexander Vinnik was also arrested in 2017, because he allegedly played an important role in laundering the stolen Bitcoins. It took years for Bitcoin and cryptocurrency to recover from this heavy blow.

Bitconnect

Bitconnect was not actually an exchange, but a pyramid scheme. The platform wanted to convince gullible members of the crypto community to invest money.

When Bitconnect collapsed in 2018, the price of the Bitconnect token (BCC) fell from $400 to a few cents. Thousands of users lost their money. The $2.4 billion pyramid scheme collapsed completely.

The promotion happened through social media influencers, who were able to persuade the gullible to invest in Bitconnect. Earlier this year, the news was announced that these influencers are expected in court to answer for the promotion of Bitconnect.

DeFi hacks

The development of decentralized exchanges (DEX) has ensured that cryptocurrencies are no longer kept in one location. This protects the decentralized exchanges to some extent. However, there are several instances where protocols, which also hold crypto users' money, have been abused by hackers and fraudsters.

Because a decentralized exchange runs purely on code, hackers manage to exploit bugs and thus steal from platforms. In DeFi, there is more risk because the space is much less regulated than the centralized side of crypto. In recent months, hacks on protocols seem to be the rule rather than the exception. The following hacks are the biggest in DeFi history.

Meerkat Finance

Meerkat Finance, which was a fork of the Yearn.Finance (YFI) protocol, was launched on the Binance Smart Chain (BSC). One day later, the protocol was robbed of 13 million Binance dollars (BUSD) and 73,000 Binance Coins (BNB). This resulted in a total of $32 million being stolen by the fraudulent developers.

The developers of Meerkat Finance had developed the code in such a way that, via a so-called upgrade, they could send the coins to their own address. After the hack, all social media accounts were deleted and there was no trace of Meerkat Finance.

BunnySwap

BunnySwap was the platform hardest hit in the last Binance Smart Chain exploits. Eight flash loans were used to manipulate the price of various PancakeSwap pools. This resulted in a loss of 6.9 million Bunny tokens, which were valued at $45 million. As a result of this attack, the price crashed from $150 to $6. Bunny protocol is still trying to get over its losses.

EasyFi

EasyFi, a fork of Compound Finance (COMP), was one of the largest lending platforms on the Ethereum network. The protocol was hacked for 2.98 million EASY tokens, which were worth about $75 million. The hacker gained access to the developer's admin keys and completely drained the protocol's liquidity pools. At $75 million, the EasyFi hack is the largest DeFi hack to ever take place.

Lessons to be learned!

Despite all these spectacular stories, cryptocurrencies are relatively safe. However, the exchanges are at a big risk of being hacked. It is important to choose the right exchange that makes security their top priority. Still, it's not uncommon for several top exchanges to fall victim to hacks or fraud. What is striking is the reaction of these exchanges. Most always refunded their users in full for losing their funds and strengthened their security systems.

Hackers will never stop attacking crypto exchanges or finding new ways to exploit protocols.

It is therefore important to choose a good exchange, but also to take measures yourself with regard to your online security.

This was it for this Sunday guys! I'm off to enjoy some sun now that it is finally here, and have some spare time with the dogs and my partner outside before the rain starts falling again.

Enjoy your Sunday!

