The new trend of stealing cryptocurrencies shows no signs of letting up. In the last few hours, the cryptocurrency platform Tech Bureau Corp in Japan has fallen victim to this technique, which is affecting more and more companies. In this case, the cybercriminals made off with 60 million dollars’ worth of Bitcoin, MonaCoins and Bitcoin Cash. However, despite the multi-million dollar loot, this is not the most lucrative crypto-theft so far this year.
Sunday, January 28, 2018. A serious crisis rocks Japan. We’re not talking about a political debate, or a diplomatic conflict, or even any kind of trade war. What happened was that a cryptocurrency trading and storage platform was hacked.
The protagonist of this disaster was Coincheck, one of the best known in the sector. Suddenly, the platform’s operations were interrupted with little to no explanation. However, it wasn’t long before the worst fears were confirmed: the network had been hacked, and someone had stolen 540 million NEM, the cryptocurrency created in Singapore in 2015, which has become one of the main alternatives to Bitcoin and Ethereum.
For their troubles, the thieves of this cryptocurrency got away with around 535 million dollars, setting an unfortunate record: the largest theft in the history of cryptocurrencies. If anyone thought that assets of this kind would be safe forever, they were sorely mistaken.
850 million in 2018
Though the Coincheck incident is the most striking, it is far from being the only one. According to data compiled by Hackmageddon, in the first nine months of 2018, 854 million dollars’ worth of cryptocurrency has already been stolen worldwide, which gives some idea of the scale of this trend.
What’s more, these hacks mark the inception of a new battlefield: the cryptocurrency ecosystem, which has become a new target since it is no longer inhabited only by individuals; part of it is also made up of a growing number of large organizations, whose IT security may have all kinds of vulnerabilities.
The problem is that, in the end, while cryptocurrencies have unequivocally become an economic and financial trend, they have also become the ideal tool for many cybercriminals, who can take advantage of this boom to steal data from companies, or even use their resources to mine said cryptocurrencies.
Here’s how cryptocurrencies are stolen:
The popularization of new technologies also implies more sophisticated robberies. In recent times, two strategies for stealing cryptocurrencies have gained special prominence.
1.- Hot wallets. If you currently have cryptocurrencies and you store them on one of these large platforms that offer ‘wallet’ services, it is fairly likely that they are in a hot wallet. A hot wallet is an online wallet whose contents are protected by a password. Hence, in this case, a breakdown in the security of the password would grant access to the wallet. This is exactly what the cybercriminals did in the case of Coincheck.
2.- Malware, phishing… The employees in a company can be recurring victims of this kind of theft, especially if the company operates on the cryptocurrency market or in decentralized environments. Let’s imagine that an employee downloads a program containing malware, which then manages to gain access to the password for a cryptocurrency wallet. In this case, the wallet is as good as gone. Malware doesn’t just get in through apps. In fact, its most likely point of entry is an email, making use of phishing tactics. In all these cases, not only will there be the theft of cryptocurrency, but a serious vulnerability will also be created, and the corporate cybersecurity of the whole company will be jeopardized.
… and this is how hacks can be avoided
No one can ensure that they will never fall prey to this kind of cybercrime, but there are certain measures that will make it much more difficult.
1.- Cold wallets. Unlike hot wallets, which could be compared to the wallet you carry in your pocket, cold wallets are more like standard bank accounts. To begin with, a cold wallet is stored offline, with no kind of Internet connection. This makes accessing it much more complicated. What’s more, it will be subject to many more software security audits to avoid any kind of theft.
2.- Multisig wallets. Multisig, or multisignature, wallets require any kind of transaction to be signed by several people along the chain. This way, although one of these people may succumb to malware or theft, as long as not all of them do, the contents of the wallet will be safe.
3.- Advanced cybersecurity. Employees in any kind of company must have sufficient understanding so as not to endanger the organization’s IT security. Employees must therefore be prudent with what they do online, and, more importantly, with how they manage their emails: they must be sure not to download files without checking that they are safe; they mustn’t accept any requests if they aren’t sure that the person writing is who he says he is; they must have an action protocol to be able to communicate any incident or danger to someone in charge of cybersecurity. If we add to this an advanced cybersecurity solution, such as Panda Adaptive Defense, our company will be much better protected from cybercriminals.
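The multisig rule from point 2 above, as an added example that is not part of the original article: a transaction is approved only when enough distinct signers have signed that exact transaction. The signer names, keys and addresses are constructed sample data, and HMAC stands in for the public-key signatures a real wallet would verify. It generalizes the text to an m-of-n threshold; setting the threshold to the number of signers gives the "all of them" case described above.

```python
import hashlib
import hmac
import json

def tx_digest(tx):
    """Hash a canonical encoding so every signer approves the same bytes."""
    return hashlib.sha256(json.dumps(tx, sort_keys=True).encode()).digest()

def sign(key, tx):
    """Stand-in signature: HMAC over the digest (assumption, not real wallet crypto)."""
    return hmac.new(key, tx_digest(tx), hashlib.sha256).hexdigest()

def authorize(tx, sigs, keys, threshold):
    """Approve only if `threshold` distinct known signers signed this exact tx."""
    valid = 0
    for signer, sig in sigs.items():
        key = keys.get(signer)
        if key is not None and hmac.compare_digest(sig, sign(key, tx)):
            valid += 1
    return valid >= threshold

# Constructed sample data: three hypothetical signers and two transactions.
KEYS = {"alice": b"key-a", "bob": b"key-b", "carol": b"key-c"}
TX = {"to": "customer-address", "amount": 5}
THEFT = {"to": "attacker-address", "amount": 500}

def scenarios():
    a_ok, b_ok = sign(KEYS["alice"], TX), sign(KEYS["bob"], TX)
    b_bad = sign(KEYS["bob"], THEFT)    # bob's key was taken by malware
    a_bad = sign(KEYS["alice"], THEFT)  # a second key taken as well
    return {
        # Two honest signers approve a normal withdrawal (2-of-3).
        "legit": authorize(TX, {"alice": a_ok, "bob": b_ok}, KEYS, 2),
        # One stolen key cannot reach the threshold on its own.
        "one_stolen_key": authorize(THEFT, {"bob": b_bad}, KEYS, 2),
        # Reusing the same signature under another signer's name fails.
        "sig_reused": authorize(THEFT, {"bob": b_bad, "alice": b_bad}, KEYS, 2),
        # Valid signatures over TX do not carry over to a different tx.
        "replayed": authorize(THEFT, {"alice": a_ok, "bob": b_ok}, KEYS, 2),
        # With all three required, two stolen keys are still not enough.
        "two_stolen_of_3": authorize(THEFT, {"alice": a_bad, "bob": b_bad}, KEYS, 3),
    }

if __name__ == "__main__":
    for name, approved in scenarios().items():
        print(name, approved)
```

The threshold is the security parameter: the lower it is relative to the number of signers, the fewer keys have to be lost before the wallet is no longer protected.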
The trend, therefore, is clear. As cryptocurrency environments become more popular, the possibility of theft also increases. For this reason, both individuals and companies must take appropriate steps to protect their security in the face of cybercrime.