Last year saw the highest number of cryptocurrency hacks than any of the preceding years
It was a bountiful year for Cryptocurrency hackers as far as exploiting vulnerabilities in digital exchange was concerned. Although better safeguards were put in place, the attacks remained rampant, probably in the wake of nefarious players getting smarter at breaking into these safety nets.
The silver lining out of all this that value of stolen funds dropped significantly from 2018 as outlined in the “The 2020 State of Crypto Crime” published by Chainlysis — a blockchain analysis company, which provides compliance and investigation software to the world’s leading banks, businesses & governments.
The data for the report was based on the exploitation of technical vulnerabilities and attacks on cryptocurrency exchanges only, and it did not include any exit scams or cases of users exploiting an exchange error. Also, attacks, where the stolen amount was measured & publicly confirmed by multiple sources were only included.
Below is the list of Crypto exchanges that were attacked in 2019, followed by the types of digital tokens stolen & USD value reported and the point of attack:
❶ Coinbene — 109 types of ERC-20 tokens, $105,000,000 (hot wallet)
❷ Upbit — Ethereum tokens, $49,000,000 (hot wallet)
❸ Binance — Bitcoin, $40,000,000 (hot wallet)
❹ BITPoint — (BTC, BCH, ETH, LTC & XRP), $32,000,000 (hot wallet)
❺ Bithumb — EOS and XRP, $19,000,000 (hot wallet, insider job)
❻ Cryptopia — ETH and ERC-20 tokens, $16,000,000 (tens of thousands of exchange accounts)
❼ GateHub — XRP, $ 10,000,000 (100 XRP ledger wallets)
❽ DragonEx — (BTC, EOS, ETH, LTC, USDT, XRP & others), $ 7,090,000 (hot wallet)
❾ Bitrue — ADA and XRP, $4,000,000 (hot wallet)
❿ VinDAX — 23 different cryptocurrencies, $500,000 (no details provided)
⓫ LocalBitcoins — Bitcoin, $27,000 (user accounts, phishing)

Number of Attacks & total value:
The first chart compares the number of attacks vs. the total dollar value of the digital coins stolen by the nefarious players. As I mentioned before, there were a total of 11 crypto exchange attacks, which is the highest since 2011. However, the total value of funds stolen was $282.6 million, which was paltry considering crypto exchanges lost a massive $875.5 million in 2018. More funds were actually stolen in 2014 than in 2019 — mostly due to the infamous $473 million Mt. Gox hack.

Average & Median Value per attack:
The same trend was replicated for the average & median value of funds stolen from the exchanges. The average value was the highest for 2014 when the Mt. Gox hack took place since there were only two other attacks that year. The average value of funds stolen in 2019 was only $26 million as compared to $146 million in 2018, while the median values were $16 million and $50 million respectively for these two years.

Destination of Stolen Funds:
And the final chart highlights the growing problem for crypto exchanges to stop the flow of stolen funds to these entities. From roughly 30% in 2015, these stolen funds are heading to the mainstream crypto exchanges more than 80% of the time. Illicit services & high-risk exchanges have seen their share dwindle significantly as the destination for stolen funds.
The report made notable mention of the Nation-state hacker group Lazarus — a cybercriminal syndicate most often linked to the North Korean government. Chainalysis determined that Lazarus made three changes to its nefarious activities — utilizing sophisticated phishing techniques, employing privacy techniques like CoinJoin wallets & the user of mixers and employing faster liquidations to avoid being tracked.
It is evident from the report that while privacy safeguards & safety nets put in place have reduced the ability of hackers to make away with bigger bounties, the problem of attacks is still at large & growing.
Medium | Twitter | LinkedIn | StockTwits | Telegram