Crypto Hackers work as a big company every year

7 years ago - Published in Fintech Land

Digital currencies and the software developed to track them have become attractive targets for cybercriminals while also creating a lucrative new market for computer-security firms. In less than a decade, hackers have stolen $1.2 billion worth of Bitcoin and rival currency Ether, according to Lex Sokolin, global director of fintech strategy at Autonomous Research LLP. Given the currencies’ explosive surge at the end of 2017, the cost in today’s money is much higher.

It looks like crypto hacking is a $200 million annual revenue industry,” Sokolin said. Hackers have compromised more than 14 percent of the Bitcoin and Ether supply, he said. All told, hacks involving cryptocurrencies like Bitcoin have cost companies and governments $11.3 billion through lost potential tax revenue from coin sales and illegitimate transactions, according to Susan Eustis, chief executive officer of WinterGreen Research. The blockchain ecosystem – the decentralized ‘distributed ledgers’ that track crypto transactions – is also vulnerable.

Many blockchains started as forks that diverged from existing crypto ledgers, and as Taiwanese security researchers have pointed out, every fork gives hackers a new way to try to falsify data. In a December 25 paper, researchers at the Institute of Electrical and Electronics Engineers outlined ways hackers can spend the same Bitcoins twice, the very thing blockchains are meant to prevent. In a Balance Attack, for instance, hackers delay network communications between subgroups of miners, whose computers verify blockchain transactions, to allow for double spending.

“We have no evidence that such attacks have already been performed on Bitcoin,” the IEEE researchers said. “However, we believe that some of the important characteristics of Bitcoin make these attacks practical and potentially highly disruptive.” A researcher from Cisco Talos, a security group, found vulnerabilities in Ethereum clients, including a bug that “can lead to the leak of sensitive data about existing accounts.” A security hole in the Parity wallet resulted in losses of $155 million in November.

Meanwhile, the report pointed to research from security group Cisco Talos, which identified Ethereum vulnerabilities that can result in leaks of sensitive account data.