2019 Saw Most Exchange Attacks Ever, With Hackers Becoming More Savvy

2020-1-23 00:39

As cryptocurrency exchanges beef up their security to defend themselves against cyberattacks, hackers are responding in kind by amping up their techniques — and the data shows that they’re finding success.

Cryptocurrency exchanges faced more successful attacks in 2019 than in any other year since bitcoin began trading on public exchanges in 2011, according to data compiled for a recent report from blockchain analytics firm Chainalysis. While the 11 attacks recorded in 2019 nearly doubled those conducted in 2018, the total damage ($282.6 million stolen in cryptocurrency in 2019 versus $875.5 million in 2018) was drastically less. 

The total amount of funds stolen in both 2014 and 2018 — which each superseded the amount looted in 2019 — were the result of the industry-altering Mt. Gox hack in 2014 and the half-billion dollar Coincheck hack (from which the spoils were mostly in NEM), respectively. 

Excluding these two hacks, 2019 was actually the worst year for the total amount of assets seized through hacks or similar attacks, such as phishing. However, the average number of assets stolen per hack decreased last year from 2018. This damage was partly mitigated, Chainalysis points out, by enhanced security measures and more appropriate custody practices; more exchanges, for instance, are storing fewer funds in hot wallets than they did in previous years.

“Only 54% of the hacks we observed in 2019 took in more than $10 million, compared with all hacks in 2018,” Chainalysis’ blog post reads. “While the increase in the number of individual hacks should be concerning, the data indicates that exchanges have gotten better at limiting the damage any one hacker can do.”

Cryptocurrency Exchange Hackers Improve Tactics

Still, as exchanges improve their defenses, hackers are improving their offensive strategies as well.

During a $40 million hack of the cryptocurrency exchange Binance in 2019, for instance, the attackers used a combination of malware and phishing to bypass security and override the multisignature key signing that is required for withdrawals.

In this war of data, as evidenced by the hard numbers Chainalysis’ research has produced, blockchain analysis is also becoming more sophisticated as attacks become more complex. And yet again, malicious actors have responded to the intensified scrutiny with greater agency to obscure funds. 

Specifically, they are using CoinJoin and mixers (which were practically never used prior to 2019, in part because reliable joining markets didn’t manifest until late 2018) to muddy the trail — to little avail, though, as Chainalysis can still trace funds with relative certainty. 

In fact, to ensure that its methods aren’t exposed, “[they] have to be very careful when publishing research so [they] don’t give [hackers] a blueprint,” Chainalysis economist Kim Grauer told Bitcoin Magazine. “To what extent are we allowing criminals to know what we’re capable of so that they can adapt their strategy accordingly?”

She added that “there’s reason for us to believe that they know what we’re capable of doing,” referring to the newfound urgency of hacking syndicates to not only mix coins but move them to exchanges for liquidation. Before 2019, it was not uncommon for the infamous North Korean Lazarus Group, for instance, to wait 500 days before moving funds. But last year it spared less time, often moving them in under two months post-hack to liquidate them on exchanges with relatively loose KYC requirements.

While Chainalysis believes that Lazarus is behind more attacks, Chainalysis has only published data on its $7 million DragonEx hack — as stated before, it doesn’t want to expose its hand on the other hacks that it believes Lazarus is involved in for fear of giving it a chance to circumvent surveillance. 

Cashing Out 

While unable to speak directly about the Lazarus Group, who is believed to have been involved in numerous exchange hacks to help North Korea fund its nuclear program, Grauer said that “Tether is a big part of” cashing out for most other syndicates. In other cases, the criminals are looking to convert altcoins to bitcoin. 

These on- and off-ramps are proving to be the last line of defense in the war against cybercrime. Indeed, Chainalysis and law enforcement can’t control what happens after funds are stolen, but with cooperation from exchanges, it can stanch the flow of funds through these exit points. 

These incidents are “already very much on the radar” of law enforcement, Grauer said, citing active investigations into 2019 hacks. Now, Chainalysis hopes exchanges will adopt its know-your-transaction (KYT) tools to keep tabs on stolen funds and to flag high-volume transfers directly from mixers — a tell that these funds may have come from illicit seizure.

With some 50 percent of funds stolen in 2019 still waiting to be liquidated, according to Chainalysis data, these KYT measures, which Binance alone is currently employing, could help officials find funds after the fact. But it will be up to law enforcement agencies to track down and book the culprits because, as Grauer reminded us, blockchain analysis is just one of the weapons in their arsenals.

The post 2019 Saw Most Exchange Attacks Ever, With Hackers Becoming More Savvy appeared first on Bitcoin Magazine.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Safe Exchange Coin (SAFEX) на Currencies.ru

$ 0.0054306 (-0.25%)
Объем 24H $1.742k
Изменеия 24h: 1.41 %, 7d: -8.63 %
Cегодня L: $0.0053635 - H: $0.0055227
Капитализация $6.099m Rank 99999
Доступно / Всего 1.123b SAFEX

hackers attacks exchange saw 2019 becoming savvy

hackers attacks → Результатов: 110


Kaspersky: Lazarus Hackers To Steal Crypto Using Telegram in ‘Operation AppleJesus Sequel’

The Moscow-based cybersecurity firm Kaspersky has informed cryptocurrency users that North Korean hackers have developed new ways of delivering malware through Telegram. Kaspersky has been looking at the latest attacks of the Lazarus Group, a North Korea-related cybercrime organization that has also conducted the AppleJesus attack on some of the most important crypto exchanges in […]

2020-1-10 22:16


VeChain Foundation BuyBack Wallet Hacked, $6.6 Million in VET Stolen, Investigation Underway

Hackers have continually gone after the cryptocurrency industry, making many cryptocurrency opponents concerned over the possible attacks that can be inflicted upon exchanges and online wallets. On Friday, December 13th, as if to commemorate the superstitious day, a hacker infiltrated the buyback wallet launched by VeChain Foundation.

2019-12-14 23:42


Фото:

Russian cyber spooks piggyback Iranian hackers to spy on 35 countries

Cybercriminals with ties to the Russian government have been found to piggyback on hacking tools developed by Iranian threat groups to mount their own attacks against 35 countries. The findings — based on a joint report by the US National Security Agency and the UK’s National Cyber Security Centre (NCSC) — reveal the focus of the activity was largely in the Middle East, where the targeting interests of both Advanced Persistent Threats (APTs) overlap.

2019-10-22 10:07


Фото:

State-sponsored Chinese hackers have been targeting Southeast Asia since 2013

Researchers have revealed a previously undocumented threat actor of Chinese origin that has run at least six different cyber espionage campaigns in the Southeast Asian region since 2013. The research — disclosed by Palo Alto Networks’ threat intelligence team Unit 42 — linked the attacks to a group (or groups) it called PKPLUG, named after its tactic of delivering PlugX malware inside ZIP files, which are identified with the signature “PK.

2019-10-4 15:23


In-person meatspace protocol to prove unconditional possession of a private key

Recommended pre-reading: https://ethresear. ch/t/minimal-anti-collusion-infrastructure/5413 Alice slowly walks down the old, dusty stairs of the building into the basement. She thinks wistfully of the old days, when quadratic-voting in the World Collective Market was a much simpler process of linking her public key to a twitter account and opening up metamask to start firing off votes.

2019-10-2 04:03


Фото:

Cryptojacking Campaigns Rose 29% in Q1, McAfee Says

In the first quarter of 2019, cryptojacking campaigns aimed at victims’ PCs to mine cryptocurrencies rose 29%, according to a recent report by security software provider McAfee. Hackers Target Windows PCs to Mine Monero The antivirus maker founded by crypto fan John McAfee discovered that both Windows and Apple ecosystems are equally vulnerable to cryptojacking campaigns.

2019-8-30 16:00


Фото:

US preps voting systems against ransomware attacks ahead of 2020 elections

The US government is looking to protect voter registration databases and systems from ransomware threats ahead of the 2020 presidential election. The Cybersecurity Infrastructure Security Agency (CISA) — a division of the Homeland Security department instituted by president Donald Trump in November last year — fears the databases could be at the receiving end of a ransomware attack.

2019-8-27 09:31


UN Accuses North Korea Of Being Responsible for Cyberattacks in 17 Countries

The United Nations have recently accused South Korean hackers and the government of being responsible for carrying out 35 cyberattacks. According to the UN, 17 countries were affected by the attacks, which were allegedly orchestrated in order to fund the development of mass destruction weapons. Now, a new report has been published and they claim […]

2019-8-13 22:10


Фото:

Microsoft: Russian government hackers are targeting IoT devices

Microsoft today warned that Russian government hackers have been using video decoders, printers, and internet of things devices to breach computer networks. In a blog post, the Microsoft Threat Intelligence Center wrote that the “devices became points of ingress from which the actor established a presence on the network and continued looking for further access.

2019-8-6 03:36


Malwarebytes Labs Report: Electrum Wallet Bitcoin Phishing Attacks Account for $4 Million in Theft

The cryptocurrency market has had their share of scams through the years, with hackers attacking at every single weak point they can find. Hackers have plagued this nascent industry frequently, and a recent report from Malwarebytes Labs says that one of the recent groups of victims is that of the users of the Electrum Bitcoin […]

2019-4-17 23:56


Фото:

Behind the scenes: Electrum hackers steal $4M with Bitcoin phishing attacks

Electrum Bitcoin wallet users have lost 771 BTC (approximately $4 million) since late December 2018, in an ongoing series of targeted phishing attacks. According to research released by Malwarebytes Labs, fraudsters were able to trick unsuspecting users into downloading a malicious version of the wallet by exploiting a weakness in the software.

2019-4-16 18:02


Фото:

North Korean Hackers Pivot Towards Cryptocurrency to Fund Country’s Nuclear Program

North Korean hackers with the backing of Pyongyang are targeting cryptocurrency exchange platforms as part of efforts to raise funding for the country’s nuclear weapons program. Wired reports that several international cybersecurity experts believe a hacking syndicate based in the country is also responsible for attacks against banks across the globe.

2019-4-5 13:00


The Hacking of Dragonex: What’s The New Call for Better Exchange Security Look Like?

Security breaches to online cryptocurrency exchange platforms is not new. Infact, many hackers specifically devote their time, energy and resources in targeting exchange with big assets to attack and this act calls for improved awareness and cryptographic innovations that would protect blockchain platforms from such malicious attacks. As encrypted as the blockchain system is, it […]

2019-4-5 01:05


Фото:

Lazarus Hacker Group Continues to Target Crypto Using Faked Trading Software

This article was originally published by 8btc and written by Lylian Tang. The Chinese security service provider 360 Security has issued a warning that a large number of crypto exchanges have been targeted by the North Korean hacker group Lazarus and that the number is still rising after the recent hacks of crypto exchanges DragonEx, Etbox and BiKi.

2019-4-2 21:54