Americans are the main targets for cryptocurrency-related hacks, according to a study by Group-IB, a Russia-based computer forensics and information security firm. The study used data leaks from cryptocurrency exchanges. Its findings were published in a report titled “2018 Cryptocurrency Exchanges-User Accounts Leaks Analysis.”
According to the report, 2017 saw a 369 percent increase in “compromised login data” hacks over 2016. In January 2018 alone, Group-IB found 212 leaks of login data, an increase of 689 percent over the average monthly number of leaks experienced throughout 2017.
The study states that the cybercriminals’ “Command and Control” (C&C) servers (centralized machines that send commands to, and receive output from, the machines in a botnet) are largely located in the USA, the Netherlands, Russia, and Ukraine. Not surprisingly, these are the countries most targeted by hackers. The study also says that one third of cryptocurrency-related cyberattack victims were Americans.
The report says that the dramatic rise in hacks is partly due to excitement about cryptocurrencies: simply, a larger field of potential victims. By the end of 2017, the second-most popular global news topic was “Bitcoin” and “How to buy bitcoin” was among the top three search queries in Google.
The increased criminal activity is also due to the growing sophistication of the tools used, which continue to be adapted. Hackers have “adapted patterns of attack” used on traditional banks to digital asset exchanges.
Crypto exchanges have reportedly suffered “account leaks” that resulted in financial losses totaling $80 million. The report studied compromised accounts in popular crypto exchanges Bithumb and CEX.io, and identified over 50 active botnets and malware that retrieves authorization and login credentials. Increased interest put a strain on crypto exchange resources, and while the exchanges struggled to keep up with exploding registration numbers, their focus shifted onto customer onboarding and away from information security.
The primary reason for the relative ease of the hacks was the lack of two-factor authentication (2FA) options on the platforms, as well as the use of simple, basic passwords. Ruslan Yusufov, Director of Special Projects at Group-IB, believes the crypto industry needs to learn from its mistakes and adapt quickly to protect itself and its customers.
“Increased fraudulent activity and attention of hacker groups to crypto industry, additional functional of malicious software related to cryptocurrencies, as well as the significant amounts of already stolen funds, signals that the industry is not ready to defend itself and protect its users,” Yusufov said.
What can you do to protect yourself? Group-IB recommends:
- Use separate passwords for different exchanges (and use complex passwords)
- Enable the 2FA option
- DO NOT use public Wi-Fi to carry out exchange transactions.
Group-IB urges crypto exchanges to make 2FA mandatory for all users, conduct regular and frequent security audits, and promote internal awareness around personnel security.