The number of hacked accounts on Bitcoin-exchanges in early 2018 increased by 689%
Right now, the cryptocurrency market situation is undoubtedly not so impressive. Anyway, some time ago the sharp increase in interest in cryptocurrencies led to dozens of attacks on cryptocurrency services. The number of compromised user accounts of crypto-instruments increased by 369% from 2016 to 2017. Moreover, in January 2018, the number of incidents increased by 689% compared with the average monthly indicator of the previous year. The report data was provided by the international company Group-IB, specializing in cyber attacks prevention.
Company experts analyzed the theft of 720 user accounts of the 19 largest crypto exchanges and found that the leaders in the number of cyberattack victims were mostly from the United States, Russia, and China.
Moreover, 50 active botnets, used for cyber attacks on users of crypto-exchange exchanges, had been identified. The infrastructure used by cybercriminals is mainly based in the USA (56.1%), the Netherlands (21.5%), Ukraine (4.3%) and Russia (3.2%).
The report states that the number of malicious programs used by attackers is continually increasing, and the tools themselves are constantly being modified. However, among the most frequently used malicious programs are the AZORult Trojans and Pony Formgrabber, as well as the Qbot bot.
At the same time, researchers add, cybercriminals continue to use tools that were previously used to attack banks, and now successfully use them to crack crypto exchanges, wallets, and gain access to personal user data.
The first and foremost reason for successful theft: ignoring of two-factor authentication, both by users and by the exchanges themselves. The second is the neglect of simple security rules, such as the use of complex and unique passwords for various services. The analysis of the sample, consisting of 720 accounts, showed that one in five users considered the password to be shorter than eight characters are sufficient.
“At the moment, not one crypto exchange, regardless of the scale and duration of the operating history, does not provide absolute security to its users,” the Group-IB experts summarized.
At least five of the 19 exchanges analyzed were victims of targeted cyber attacks: Bitfinex, Bithumb, Bitstamp, HitBTC, Poloniex and, probably, Huobi.
The reasons for the hacking are different: errors in the source code of the program, phishing attacks, unauthorized access to the database of users of exchanges, the vulnerability in the storage and withdrawal of funds. However, all of them are the result of insufficient attention to information security and protection of their digital assets.
The wave-like activation of scammers and the increased attention of hacker groups to the crypto industry, the modification of malicious programs for crypto-currencies, as well as the significant amounts of stolen funds – all these signals that the industry in question is not yet ready to protect itself and its users.
The Group-IB experts suggest that in 2018 the number of incidents will increase, which will require a prompt and effective response from the community, including analysts and scientists.
Fact is that, in March, experts from Group-IB suggested that by the end of 2018 the number of cybercrime in Belarus could grow by 25%.
Speaking about the world scale, the reminder needs to be put – as the worldwide crime scene sees a lot of hacking and fraud regarding the holders of main cryptocurrency and other digital assets owners.