Although over $882 million in cryptocurrency has been stolen from online exchanges since 2017, Lazarus, a North Korean state-sponsored group, is responsible for the majority of the stolen tokens. According to an article published by The Next Web on October 19, 2018, the Lazarus Group took over $571 million in cryptocurrency and will continue to do so in the future.
Targeted Attacks On Cryptocurrency Exchanges Will Rise
According to cybersecurity company Group-IB's annual report on hi-tech cybercrime, there have been over 14 attacks on online cryptocurrency exchanges since January 2017. Group-IB noted that Lazarus was responsible for over half a billion dollars of stolen tokens.
Lazarus managed to hack into Yapizon, a South Korean cryptocurrency exchange, in April 2017 and stole 3,816 Bitcoins valued at $5.3 million. Later in the year, in September and December 2017, they also hacked into other South Korean exchanges, Coinis and YouBit, respectively.
Lazarus was also responsible for the January 2018 hack into Japanese cryptocurrency exchange Coincheck, stealing 523,000,000 NEM, which was valued at $534 million. In June 2018, they also hacked into South Korean exchange Bithumb and took approximately $32 million in tokens.
While Lazarus has attacked exchanges and stolen a large number of cryptocurrency tokens, Group-IB expects targeted attacks on online exchanges to rise over time. Not only will Lazarus continue to attack cryptocurrency exchanges, but Group-IB also believes that extremely aggressive hacking groups that currently target banks will begin to attack online exchanges, since these exchanges hold a lot of money. Hackers looking to steal from large cryptocurrency exchanges will use many traditional approaches such as spear phishing, social engineering, and malware.
Majority of ICO Funds Lost To Phishing Attacks
Unfortunately, it’s not just cryptocurrency exchanges that are falling victim to hackers and fraudsters. According to Group-IB’s report, 10 percent of funds raised through ICO platforms have been stolen since 2017. They were lost primarily due to phishing, a technique designed to obtain sensitive information from an individual or company by posing as an institution.
Phishing often happens when individuals, due to a fear of missing out, rush to support emerging cryptocurrency projects without checking that they are on the correct domain name. When investors enter data into the wrong website, phishers can gain access to their sensitive information. Not only can cryptocurrency hackers use the information to log in and steal existing funds, but they can also resell this information on the darknet or even use blackmail tactics to trick the victim.