Introduction
The Ukraine -Russia war has triggered questions about safety throughout the world. The world economies are adjusting to the sanctions and are still dynamic, affecting properties and asset value. The Cryptocurrency sector has also faced its due share of price fluctuations.
Due to startling price drops, constant fluctuations and the present crisis doesn’t make cryptocurrencies the best investment option. Being completely digital, stored and traded online, cryptocurrencies have a greater risk of being hacked. In this article, I have discussed five thefts in the cryptocurrency sector that resulted in huge losses.
Poly network Hack
This Hack took place in August 2021 and is one of the biggest heists in the cryptocurrency sector. Poly network is an online platform that supports Defi and crypto transactions in different blockchains. It facilitates inter chain cryptocurrency transfer using smart contracts. More than $600 million of Cryptocurrencies were lost in the cyber-attack.
The hackers misused the access rights between two high contracts called EthCrossChainManager and EthCrossChainData. The crucial point to note is the latter contract cannot be accessed by anyone within the network and can be accessed only by its owners. The former contract can trigger messages from another chain to poly chain units.
I highly recommend having a look at this video from coffeezilla, a channel dedicated to crypto-related heists. In this video, the speaker clearly explains the hacking. The best part is, you get to see the actual images of the hacker’s conversation with the poly network team.
The issue was initially identified by Mr white hat, who became the whistleblower. In a turn of events, he was also tipped a ransom by the hacker. The Poly network scam turned out to be a game when the hacker continued with a question and answer session explaining that the goal behind the hack , which is to bring out the vulnerability of the crypto world to the public.
Impressed with the hacker’s talent, the firm offered a designation of chief security officer. The hack flashed the lights on the drawbacks of the system. As per poly network request, the hacker returned 342 million worth of assets.
$260 million (As of 11 Aug 04:18:39 PM +UTC) of assets had been returned:Ethereum: $3.3MBSC: $256MPolygon: $1MThe remainings are $269M on Ethereum, $84M on Polygon
— Poly Network (@PolyNetwork2) August 11, 2021
KuCoin crypto heist
It was named to be the biggest cryptocurrency exchange hack of 2020. A North Korean-based hacker group called Lazarus managed to steal $275 million worth of Cryptocurrency from KuCoin.
This group is famous for conducting other Cryptocurrency thefts like the 2019 UpBit hack. It caused a loss of 49 million dollars worth of Cryptocurrency. Experts believe that this group hacks and provides funds to North Korea’s Nuclear weapon program.
The Lazarus group passes on the stolen funds to mixers in structured payment that can be higher or lower based on the size of the total amount. It awaits for each payment’s output to be confirmed by the mixer. Subsequently, the funds are passed onto the OTC brokers. But as soon as the issue occurred, the firm recovered 240 million dollars by freezing the assets.
BitGrail scam
BitGrail is an Italian company that traded Bitcoin and Nano coin. Nano was the new Cryptocurrency on the block and popularly traded on the crypto exchange in Italy. At one point, the Nano cryptocurrency price boomed to $33, and precisely at this moment, the hack happened.
Francisco Firano– the founder of BitGrail, halted all the operations and gave a public statement stating the Nano wallets hack. Nearly 17 million coins were stolen, and the overall loss is estimated to be around $170 million. Unlike other hacks, officials believe that this one was staged, the timeline of events also supported their claim. Nano Development team accused the company of the implying brink of insolvency. In 2020, the Italian police began investigating the company regarding the theft.
Months before the hack, most of the users had transactional problems, and the limit to withdraw was slashed from 10 BTC to 1 BTC. Another event that triggers questions is the ban placed on non-European users. Each transactional activity followed vigorous protocols. However, Firanos request to alter the ledger to cover the losses turned all the doubts towards him.
The Nano development team has revealed the issues in a detailed medium post. They have also publicly informed about Firanos request to alter the ledger to cover the losses. This is unethical, so the team decided not to do it and started retaliating against the founder. This request from Firano backfired and has shifted the focus towards him.You can read the medium post written by the Nano developer team and posted on February 9, 2018: An official statement regarding Bitgrail insolvency. Till now the case is under investigation, and Firano is slapped with fraud charges.
CoinBene hack
CoinBene is one of the popular exchanges in the world supporting cryptocurrency trading and exchanges in more than 190 countries. In March 2019, the crypto exchange was hacked by cybercriminals resulting in a loss of $105 million worth of Cryptocurrencies. Initially, the crypto exchange didn’t expose the news, instead, they closed down the exchange, in a disguise of maintenance activity.
The scam came to light after conducting a complete investigation of every transaction, On March 25, 2019, a massive outgoing transaction occurred from CoinBene hot wallet, and they halted all activities masking under the name of maintenance. However, on March 27, 2019, Elementus data scientists published a report describing the fund transfers from the CoinBene hot wallet.
In this report, they have mentioned the date and time regarding all the transactions in the crypto exchange. On the 25th of March 2019, multiple transactions summing up to $105 million was transferred from the hot wallet into three different addresses. On the same day around 6:24 p.m., the hack was discovered from the company’s end and stopped all hot wallet activity. The hot wallets didn’t function for whooping 8 Hours. The next day, all the amount from the hot wallet was transferred directly to cold wallets.
By this time the criminals have already exchanged stolen coins like huobipole token, Pundi X, maximize coin, and Udoo in multiple crypto exchanges. CoinBene has claimed the maintenance downtime as a preventive measure and is working to enhance the overall security in the exchange wallets. Until now The lost coins are not yet traced.
Coincheck scam
CoinCheck is one of the famous digital currency exchanges in Japan. CoinCheck crypto exchange hack was one of the largest digital currency heists of all time, resulting in a loss of $500 million in digital tokens. As soon as the hack was analyzed, deposits and withdrawals were halted in all the cryptocurrencies. Coincheck has not officially released the reason for the hack. However, experts say that it all started with a phishing email that affected the servers and laptops of the users.
It’s worth 58 bn yen as per the calculation at the rate when detected- Yusuke Otsuka- the CEO of CoinCheck.
The team has traced the movement of the funds and a trying to recover them. The team has analyzed and published 11 addresses where all the stolen coins are stored. On the downside, the ownership of the accounts was not traceable. The hackers can still cash in from the cryptocurrencies using various services.
How do cryptocurrency thefts occur?
Cryptocurrencies have become more mainstream investment tools now. They have gained major attraction from the investors and Cybercriminals. Being a complete online entitiy they are highly prone to cybercriminal activity and hacks. It results in the loss of billions of dollars.
The standard crypto exchange hacking occurs through phishing and malware. The users are closely traced and are sent phishing emails with malicious payloads. As soon as the user clicks the mail, it opens the gateway for cybercriminals to hack all your details and log into your crypto assets to loot them. Another method is by conducting double spending , and it occurs in cryptocurrency ATMs. Defaulters initiate a transaction, receive a cash payout, and cancel it. This scam occurs in unconfirmed crypto transactions.
In case, the defaulter gains 50% of all the mining power resulting in the vulnerability of the coins getting hacked. It may cause alteration of the financial history and is technically called a 51% hack. Secret key theft is also a technique used in hacking cryptocurrencies. The keys are stored in crypto wallets, and there are high chances of getting the seed phrase.
Tips to protect your Cryptocurrency.
These Cryptocurrency thefts clearly show that the crypto exchanges are not safe. In most cases, the lost tokens were not replenished.If you are interested in investing in cryptocurrencies, you should know these tips to protect your investment.
If you observe closely, there is a similarity between all the hacks. The Cryptocurrency stored in the hot wallets is the first target of cybercriminals. Using a cold wallet is the best choice to secure your Cryptocurrency. Unlike hot wallets, cold wallets are not connected to the internet and cannot be hacked, it is much safer than hot wallets.
Using a secured internet for trading and making crypto transactions can prevent your wallet from getting hacked. Never use public Wi-Fi networks, and even when accessing home Wi-Fi make sure to use a VPN for additional security. It alters the IP address and location. Another important thing is to own multiple wallets; this can diversify the cryptocurrency investment and reduce the risk of losses due to security breaches.
Modifying your password regularly and making sure that it is strong enough can drastically reduce the chances of your wallet being hacked. It is crucial to avoid pishing, malicious emails in the cryptocurrency world.I will highly recommend this video from Full value Dan, for more tips on increasing the safety of your Cryptocurrency.
Conclusion
The main intention is to educate you as a reader and investor to know how cryptocurrency exchanges are prone to hack. Some of the biggest crypto exchange hacks and security breaches clearly show that the crypto world is not completely reliabole. However, with improvements implemented every day, this may change.
It is crucial for crypto firms and exchanges to be highly vigilant and constantly monitor the activities occurring in the sector. Even being transparent, it is prone to cyber-attacks. Robust security aspects sometimes may fail to protect against cybercriminals. Even the latest executive order signed by Joe biden is focused to regularize the cryptocurrency sector and improving its realiability and investors safety along with several other factors. This will defenitely help the investors to make a well informed decision.