This year is poised to go down in fame as the worst in terms of cryptocurrency theft, with cybersecurity firm Carbon Black reporting a whopping $1.1 billion in stolen or lost crypto—and we’re only half way through the year.
If it’s not theft by hacking, then it’s phishing attacks and Ponzi scams, but the most worrying aspect isn’t the theft itself, it’s how easy (and cheap) it’s become to pull it off.
(Click to enlarge)
Carbon Black says there are now an estimated 12,000 marketplaces and 34,000 offerings related to crypto-theft for hackers to choose from. And the malware used to steal crypto costs about $224. Not only is it cheap, but according to the research firm, it’s also easy to do, even for those without technical skills.
The available dark web marketplace represent a $6.7 million illicit economy built from cryptocurrency-related malware development and sales.
“Our analysis of the marketplace suggests cryptocurrency related malware listings are designed to cater to unskilled cyber actors, or those looking to make a quick buck from highly vulnerable victims,” Carbon Black wrote.
The most vulnerable group in the study were crypto exchanges, which were victim to 27 percent of this year’s attacks. Businesses were the second hottest target, making up 21 percent of those hacked.
More than two million computers were estimated to be targeted by cryptocurrency mining malware attacks so far this year. But that’s probably only the tip of the iceberg since some attacks are not made public. Related: Where Is Gold Heading After Fed Rate Hike?
Geographically, the most vulnerable was the United States, as the victim of the largest number of crypto-related attacks, followed by China and the UK.
And this year’s attacks had plenty of competition for audacity, still they managed to break a new record.
The most notable heists to date include:
• The theft of 165 bitcoin mining rigsfrom BTCS at a facility in North Carolina in 2016
• The arrest by Russian security officers of several scientists working at a top-secret Russian nuclear warhead facility in Sarov for allegedly mining crypto-currencies on the job in April 2018
• The theft of nearly $50 million in bitcoin by hackers who broke into Slovenian-based bitcoin mining marketplace NiceHash in December 2017; only a day later, the stolen bitcoin was worth more than $70 million
• The hacking of the digital wallet of Japanese cryptocurrency exchange Coincheck in which nearly $530 million in digital tokens were stolen in what was likely the biggest crypto heist to date.
All of these heists spurred calls among several world leaders for regulating the cryptocurrency market, because right now, crypto buyers have no protection at all.
Unless they go underground…
The wealthy can afford underground bunkers packed with encrypted computer servers storing cryptographic keys for billions in bitcoin, courtesy of startup Xapo, which has built these new age crypto vaults on five continents, with some estimates suggesting it’s housing some $10 billion in bitcoin for the wealthy.
The bunkers house encrypted computer servers that are not connected to the internet or networked with any other external computers, and its systems store the cryptographic keys that make bitcoin real and determine ownership.
Related: Why Gold Isn’t Working As Stock Hedge
But for those who aren’t uber wealthy, crypto insurance may be one way to buy some protection, as global insurance companies seek a piece of the crypto pie.
It’s easier said, than done, though, and the options for now are limited, with Reuters noting that insurance companies are only “gingerly” testing the bitcoin business with heist policies.
A few insurance providers--XL Catlin, Chubb, and Mitsui Sumitomo Insurance—are selling crypto packages, but there are indications that others may jump on this opportunity in the near future.
“The first challenge for us was to figure out if there was a product here,” Reuters quoted Greg Bangs, head of XL Catlin’s North American crime coverage, as saying. XL Catlin now offers annual crime coverage of up to $25 million per incident.
By Michael Kern for Safehaven.com
More Top Reads From Safehaven.com: