Bitcoin’s legendary ascension to the $20,000 mark a little more than a year ago inspired legions of fast-buck makers to hop on the bandwagon and invest in this intriguing yet volatile asset.
Mining cryptocurrency worked for a while, but it is no longer feasible because of the increasing complexity behind the algorithms, especially in the case of Bitcoin. So players in the cryptocurrency market are now (loosely) divided into two categories: those who trade it and those who steal it.
And the line between the ICOs and exchanges in the former group and the thieves, scammers and hackers of the second group is blurring by the day. Some exchanges and initial coin offerings are now entirely set up to perform an exit scam.
Playing with digital currency today is like playing with fire, as the risks now outweigh the benefits. New research reveals that thieves and scammers stole $1.7 billion in cryptocurrency in 2018. Theft from cryptocurrency exchanges accounted for most of the criminal activity: more than $950 million was stolen by hackers in 2018 – 3.6 times more than in 2017. Investors and exchange users lost at least $725 million in cryptocurrency in 2018 to exit scams, phony exchange hacks, and Ponzi schemes, according to CipherTrace.
Criminals now need to launder all these funds to cash out before a wave of crypto-centric regulations go into effect this year.
CipherTrace has also identified the top 10 trending crypto threats (below) in an effort to provide “actionable threat intelligence for anyone dealing with cryptocurrency.” From the report:
- SIM swapping: An identity theft technique that takes over a victim’s mobile device to steal credentials and break into wallets or exchange accounts to steal cryptocurrency.
- Crypto dusting: A new form of blockchain spam that erodes the recipient’s reputation by sending cryptocurrency from known money mixers.
- Sanction evasion: Nation states that use cryptocurrencies promoted by the Iranian and Venezuelan governments to circumvent sanctions.
- Next-generation crypto mixers: Money laundering services that promise to exchange tainted tokens for freshly mined crypto, but in reality cleanse cryptocurrency through exchanges.
- Shadow money service businesses (MSBs): Unlicensed MSBs that bank cryptocurrency without the knowledge of host financial institutions, exposing banks to unknown risk.
- Datacenter-scale cryptojacking: Takeover attacks that mine for cryptocurrency at a massive scale and that have been discovered in datacenters, including AWS.
- Lightning Network transactions: Enabling anonymous bitcoin transactions by going “off-chain” and now scaling to $2,150,000.
- Decentralized stable coins: Stabilized tokens that can be designed for use as hard-to-trace private coins.
- Email extortion and bomb threats: Mass-customized phishing email campaigns by cyber-extortionists using old passwords and spouse names to demand bitcoin. Bomb threat extortion scams spiked in December.
- Crypto-robbing ransomware: New malware distributed by cyber-extortionists that empties cryptocurrency wallets and steals private keys while holding user data hostage.
In the wake of numerous such incidents, countries around the world are accelerating the adoption of anti-money-laundering regulations and cryptocurrency forensics. However, as in the classical monetary system, some countries are lagging behind in regulating cryptocurrency, serving as potential havens for money laundering, fraud, and tax evasion.