Since the inception of bitcoin, cryptocurrency exchanges have been a major target of attack compared to other traditional financial institutions such as banks. As cryptocurrency platforms tighten cybersecurity, hackers find new cracks in the wall.
In 2019, we saw the volume of digital currency hacks surpassing $500 million, a figure that was recorded in 2018 during the hack of Coincheck exchange. More than 9 major exchanges were attacked last year with over $175 mln worth of cryptocurrency pilfered and this has a big effect on the market.
2019 has started with a major hack in January. Then, the New Zealand-based exchange called Cryptopia was attacked twice by an anonymous gang who pilfered more than $16 million. The thieves targeted mainly Ethereum (ETH), ERC-20 and Centrality (CENNZ) coins. Around $2.44 mln worth of ETH and approx. $1.2 million worth of CENNZ were transferred from Cryptopia to a mysterious wallet. Users demanded compensation and tried to go to court for justice. Fortunately, following the decision by the High Court in Christchurch, Cryptopia users will get their funds back and compensation for the damages caused.
On March 29, 2019, Bithumb lost over $19 million to unidentified hackers, as coinidol.com, a world blockchain news outlet, reported. Insiders were suspected to have engaged and participated in this massive attack on the company’s hot wallet. Later on, in July, a giant Japanese exchange BitPoint was hacked in both of its cold and hot wallets and lost more than $32 mln.
In 2020, the number of attacks has increased even more. Now, hacker gangs prefer to use crypto-jacking malware and ransomware to attack not only cryptocurrency exchanges but also other types of businesses. Lately, corporate networks of Australian companies were attacked by a group called Blue Mockingbird using crypto-jacking malware to illegally mine Monero cryptocurrency. The country’s government has also become vulnerable to attacks supposedly from Chinese state-backed hackers.
With the outbreak of coronavirus hackers also targeted the healthcare sector due to its vulnerability and importance. Thus, the University of California had to pay over $1 million ransom to a group called Netwalker for releasing important medical research data.
During the most recent attack a cyber gang dubbed “CryptoCore'' managed to run away with $70 million from Israeli exchanges. The hackers started their criminal activity from mid-2018 to the present, according to the report by Jerusalem Post. The gang is suspected to have stolen more than $200 mln from cryptocurrency exchanges globally, mostly using the technique of spear-phishing email. Within these techniques, hackers impersonate high-ranking employees. After the links or document attached to the email is downloaded or opened, criminals get hold of the exchange’s system.
As of now, law enforcement agencies have failed to identify group members. However, they are allegedly the residents of East European countries.
Generally, digital currency exchange platforms are perceived as less protected from being attacked than traditional banking institutions as well as other business. One of the reasons why cryptocurrency exchanges are more attractive for hackers is that since the exchange platforms are relatively new to the finance sector, the lack of security experience puts these infrastructures in a more attractive and vulnerable place for hackers and other cybercriminals.
Even though it is easy to trace the pilfered cryptocurrency via blockchain and distributed ledger technology (DLT), identifying and attributing wallets to entities and individuals is still very problematic. Cryptocurrencies, once stolen, are very hard to track and trace back and attackers exploit and abuse this illicit luxury for their own benefit.
According to a report by NormShield risks rating platform, cryptocurrency exchanges possess three basic weaknesses often used by hackers, namely, Content Delivery Network (CDN) security, exposure to fraudulent domains, and weak credential management. Nevertheless, the assessment made by the platform showed they still perform better than traditional banks.
Basically, this is because banks are highly exposed to a third-party risk as they involve a large number for third-party vendors to ensure their operation. Thus, this gives hackers more opportunities to break into the system. Besides, banks are mostly much larger than any cryptocurrency exchange in terms of the number of employees. This also makes it easier for hackers to get inside the institution disguised as an employee or having stolen credentials of an employee.
To perform better, digital currency exchanges should dynamically assess cyber risks. This would allow them to lessen exposure to cyber-attacks, advance incident response time, endure with the use of essential security services, and gung ho take measurements against would-be cyber threats.
However, despite some differences in arrangement and operation, both banks and cryptocurrency exchanges are exposed to similar types of risks common for all financial institutions as hackers also use similar types of attacks aimed at one single thing - stealing money.