3 minute read
12.2 Key categories of cyberattacks related to cryptocurrency
Cyberattackers are likely to take advantage of the digital asset transaction system vulnerabilities to commit crimes. Here are the different types of vulnerabilities that attackers and some specific examples frequently target.
Figure 116. Cybersecurity for digital assets – Common vulnerabilities to cyberattacks
Advertisement
Key cybersecurity vulnerabilities for digital assets
Digital asset accounts
Digital asset exchanges
Fraud or scams
Detail
Digital asset accounts are accessible and secured via private key. However, some users tend to store these keys on their PC, making them easily accessible for hackers.
Certain digital asset exchanges are centralized, making them vulnerable to hacks and ransomware attacks.
Frauds or scams are rampant in the digital assets space, such as in ICOs, fraudulent addresses.
Source: Gemini, Forkast, Crypto Head
Selected examples
April 2019 – A thief stole almost 45,000 ETH by successfully guessing weak private keys.
2019 - Hackers stole $40 million from Binance through phishing
US Federal Trade Commission (FTC) estimated that US consumers lost US$80 million to cryptocurrencyrelated scams in the period between Oct 2020 and May 2021; 2021 – South Korea has a crypto fraud case estimated to have involved a total of US$3.85 billion, taking the country’s losses in crypto scams to US$5 billion over the past five years.
Cyberattackers adopt various techniques to penetrate digital assets transaction systems, with the end goal of stealing funds. Below are the common types of cyberattacks related to digital assets.
Figure 117. Common cybersecurity risks related to cryptocurrency exchanges
Common cybersecurity risks Definition Notable example(s)
Ransomware A ransomware attack restricts a user from accessing a computer system unless paid. First, the attacker hacks into a private network, then encrypts essential files within the network. The attacker demands a ransom from the owner, who otherwise could not access the files. May 2020 – One of the largest US fuel pipelines, Colonial Pipeline paid approximately US$5mn to the ransomware group that forced the temporary shutdown of all operations.
Phishing
Hack of trading platforms
Compromised registration forms
Third-party applications
Malware A phishing campaign targets trading platforms with the primary goal of stealing users’ credentials that scammers can use to ask for profit or ransom.
Cybercriminals compromise trading platforms and steal funds.
Cybercriminals steal users’ information. They then sell it in the black market for profit.
Cybercriminals use third-party applications to steal user data which is used in further attacks.
Cryptocurrency-related malware can be used to steal cryptocurrencies from online wallets. Malware can also enter mining machines and steal the infected computer's mining resources. 2020 – A phishing scam has stolen over 1,150,000 XRP from Ledger users.
September 2020 – Singapore-headquartered digital asset exchange KuCoin reported US$281mn of funds compromised in a security breach
The lack of regulatory oversight has caused the ICO space to be fraught with scams, whereby users are misled by links and popups to fill in personal and financial details. A 2018 report by Satis Research identified 78% of a sample of 1,500 ICOs as scams, collectively valued at US$1.3bn.
As of July 2021, security researchers reported that over 170 fraudulent Android apps purported to offer cloud crypto-mining services have collectively scammed victims $350,000.
June 2021 – Avast estimated that the scam using Crackonosh, a malware, has cost victims over US$2mn worth of Monero (XMR).
Cryptojacking Cryptojacking is the malicious use of an individual or organization’s computing power to mine cryptocurrencies without consent
Source: CryptoSlate, Coindesk
2019 – Two members of hacker Bayrob Group were sentenced after their malware mined crypto on 400,000 infected computers. 2018 – Miners reportedly hacked over 2,000 computers of the Aditya Birla Group to mine cryptocurrencies.
