MOSCOW, Russia–Cryptocurrency exchanges over the last two years have been hit with $882 million in stolen funds, according to cybersecurity firm Group-IB here.
The company is projecting that figure will only grow in the coming years as veteran groups of hackers, such as Cobalt, Silence and MoneyTaker, which appear to be operating from Russia, as well as North Korea's Lazarus group, pay even more attention to the exchanges and initial coin offerings, according to Group-IB. The company said the hackers are turning some of their attention away from banks to attack the more lucrative—and far more difficult to be tracked—cryptocurrency exchanges.
Surprisingly, according to Group-IB, the cryptocurrency exchanges are falling victim to a simple and old-style attack: phishing emails that trick people into revealing credentials or installing malware.
‘Impossible to Recover’
Many of the losses that have hit cryptocurrency exchanges have been well documented, such as the $361 million loss from an attack on Mt. Gox in 2014, for which one Russian man was indicted in 2017. The man, Aleksandr Vinnik, remains in jail in Greece as the U.S. seeks extradition. In January of this year, CoinCheck, another Japanese exchange, had $530 million stolen by hackers.
What is especially appealing to hackers about cryptocurrency exchanges is most virtual currency transactions are irreversible, meaning after an attacker obtains the funds, the tokens are impossible to recover unless the holder voluntarily returns them. They can also be difficult to trace, while other virtual currencies, such as bitcoin, can be traced using the blockchain.