News-making incidents in 2017Below is a rundown of malicious events that took place on the cryptocurrency arena last year.
- In February, hackers stole personal records of more than 30,000 customers of Bithumb, one of the world’s largest cryptocurrency exchanges based in South Korea. They reportedly did this by compromising the home PC belonging to one of the service’s employees. The attackers then used the data and some social engineering to steal about $1 million worth of Bitcoin from victims’ accounts.
- Threat actors made about $7 million worth of Ether, a popular type of virtual currency managed by the Ethereum platform, by pulling off a high-profile fraud in July. This incident occurred in the course of an ICO for a brand new trading platform called CoinDash. The black hats were able to trick early investors of the startup into submitting a specified amount of Ether to a rogue address.
- By circumventing the defenses of another Initial Coin Offering campaign held in July, cybercriminals stole tokens worth $8.4 million. This ICO was set up by proprietors of the Ethereum-based peer-to-peer platform called Veritaseum. The felons stole 37,000 tokens called VERI, quickly exchanged them for Ether, and vanished.
- A flaw in the code of a popular Ethereum wallet application called Parity allowed perpetrators to steal about 150,000 coins and get away with it. At the time of the heist, this amount was approximately worth a whopping $30 million.
- One more ICO ended up becoming a rip-off for investors in August. The fraudsters were able to brainwash potential backers of another Ethereum platform derivative called Enigma. In the upshot of this scam, investors were tricked into sending $500,000 worth of cryptocurrency as part of a “pre-sale” of tokens. In order to implement this con, the threat actors compromised Enigma’s domain and sent phishing emails to interested parties.
- The Hong Kong-based operator of Tether, a virtual currency whose coin value is pinned to that of the U.S. dollar, stated that cybercrooks stole about $31 million worth of tokens in November. The funds were surreptitiously withdrawn from one of the company’s “treasury wallets” and then submitted to an unidentified Bitcoin address.
- A coding imperfection in Parity wallet software led to disastrous consequences in November, leaving $280 million worth of Ether frozen. According to official reports, the bug was set off when an unsuspecting user accidentally wiped out library code – as prosaic as that. As a result, all multi-signature wallets created since July 20 became unusable.
- Online malefactors compromised a Bitcoin mining platform called NiceHash in December. In the aftermath of this hack, customers lost some 4,700 Bitcoin, which was worth about $64 million at the time of the incident. According to the Slovenia-based company in question, the incursion involved sophisticated social engineering.
What does the future hold for Cryptocurrencies?The ubiquity of cryptocurrencies appears to be a mixed blessing. On the one hand, this innovative framework makes it easy and fairly safe to transfer funds with low processing fees. The security facet of these transactions is backed by cryptography, so the probability of perpetrators meddling with the underlying protocol and the blockchain technology is negligible. The weak link in this whole chain is the myriad of exchange services, wallet providers, and payment systems that are much easier to compromise. Furthermore, anonymity (that comes from the combined usage of cryptocurrencies, TOR network, and even the best VPN services) has helped to facilitate shady activities, including money laundering, tax evasion, and extortion through ransomware. All of this has led governments to monitor this domain more closely. In fact, the central banks of some countries, including the United States, Sweden, China, and Japan, are reportedly planning to develop their own digital coins in an attempt to stay on top of this volatile marketplace. Time will tell whether these initiatives can address cryptocurrency-related security concerns. Meanwhile, traders, ICO backers, and other interested parties should be on the lookout for scams, adopt hacking countermeasures, store their private keys reliably, and have a plan B for the worst-case scenario.