As part of a report that serves as a stark reminder of how the cryptocurrency market is still mired in criminal practices, in more ways than one, cybersecurity firm CipherTrace estimates that the theft of digital currencies through the hacking of exchanges and trading platforms in 2018 amounts to $927m.
Just three-quarters of the way through the year, that figure represents a 250% increase on that of 2017. While here at The Block we’ve endeavored to keep track of the larger and more public of these hacks, CipherTrace identified a steady increase in ‘smaller’ thefts of between $20-60m totaling $173m in the third quarter.
Last month, hackers stole an estimated $59m (£45m) from Japanese cryptocurrency exchange Zaif, while at the start of the year, Coincheck’s loss of $530m (£397m) to criminals ranked it as the largest theft of its kind on record. Those are just two of at least five hacks on cryptocurrency exchanges reported this year.
The ripples of these attacks spread far and wide; the breach of Coinrail in June this year saw the price of Bitcoin fall $500 (£372) in the hour after the news was announced, constituting a two-month low at the time.
The lack of adequate security serves as a crucial barrier to cryptocurrencies’ lack of adoption among professional investors, and that’s just the breaches that are made public; CipherTrace said it was aware of some $60m in cryptocurrency that was stolen but not reported, and estimates there are at least 50% more criminal transactions occurring than were cited in the report.
The cybersecurity firm owes the surging increase in hacks this year to the growth in popularity of Bitcoin, and the 1,600 or so other digital coins or tokens in circulation, drawing more hackers into the space.
Research earlier in the year from cybersecurity firm Carbon Black – whose estimates for total cryptocurrency stolen this year exceeded £1bn (not just in regard to that taken from exchanges) – argued that exploitation of new, less security-savvy investors accounted for around a fifth of cryptocurrency stolen, exacerbated by the ease of acquiring malware tools for as little as $1.04.
While that same report suggested that in those cases, adequate security was in the hands of the individual, CipherTrace noted that in regard to larger breaches, regulators in many countries are still “a couple of years behind” in enforcing adequate security measures among businesses.
In an example of potential action those regulators could be taking, Japan’s Financial Services Agency recently enforced tighter screening measures for applicants looking to open cryptocurrency exchanges to ensure they are conducting proper risk management. That included a review of boardroom minutes relating to strategic financial decisions and a fourfold increase in screening questions.
Another issue to that the report highlights, however, is the use of cryptocurrency exchanges for money laundering.
In countries with weak anti-money laundering laws, CipherTrace identified that the world’s leading exchanges have been used to launder $2.5bn worth in bitcoins since 2009. “All exchanges get these money-laundered funds,” the company’s chief executive officer, Dave Jevans, told Reuters.”You really can’t stop them.”
CipherTrace designated money-laundered funds as those which appeared “criminal or highly suspect”, making its estimates based on 350m transactions from 20 exchanges. The group then cross-checked the 100m of those transactions with counterparties with its own data on criminal activity.
These exchanges have also been used to purchase 236,976 bitcoins worth of criminal services, according to the report, or roughly $1.5bn in currency prices.
Interested in hearing leading global brands discuss subjects like this in person? Find out more at the Blockchain Expo World Series, Global, Europe and North America.