As digital currencies like Bitcoin and Ethereum become increasingly integrated into mainstream business, the cyber threats targeting these crypto assets have evolved in tandem. The lure of quick, often untraceable profits has attracted cybercriminals and advanced persistent threat (APT) groups alike. APTs, often state-sponsored or state-affiliated, bring to bear resources and expertise that far outstrip those of common cybercriminals.
Exploring the Landscape of Crypto Attacks
The list of victims hit by crypto attacks is growing. Mt. Gox, once handling 70% of Bitcoin transactions globally, filed for bankruptcy in 2014 after 740,000 Bitcoins (around 6% of circulation then) were stolen. More recently, the Japanese exchange Coincheck lost $530 million in digital tokens in 2018, marking the largest theft in crypto history.
These large-scale thefts are not the exclusive domain of independent hackers. APT groups have increasingly joined the fray. The Lazarus Group, linked to North Korea, has reportedly stolen over $571 million in cryptocurrency since 2017. This is achieved through elaborate phishing schemes and leveraging highly sophisticated malware to compromise exchange security.
And it's not just exchange platforms that are vulnerable. Businesses holding large amounts of cryptocurrency are becoming attractive targets. APT 38, another group linked to North Korea, has shown a propensity for attacking financial institutions, particularly those dealing in crypto assets.
Crypto Attacks: Going Beyond the Headlines
While the Mt. Gox and Coincheck heists often headline discussions on crypto attacks, many lesser-known breaches have resulted in substantial losses. Cryptopia, a New Zealand-based exchange, suffered a $16 million theft in 2019. Closer to home, the UK-based platform Cashaa lost 336 Bitcoin (over $3 million at the time) to hackers in 2020.
APT groups like Lazarus are renowned for their stealth and sophistication. They use spear phishing techniques, targeting specific individuals within an organization to extract vital information. This often involves carefully crafted emails that mimic legitimate correspondence, tricking recipients into downloading malicious payloads or revealing sensitive data.
In one notable case, Lazarus targeted a crypto company via a job advertisement. The group sent a seemingly innocent email to the company's HR department, which included a document loaded with malware. Once opened, it gave the attackers unfettered access to the company's system.
APT 38 has been implicated in various attacks on financial institutions, leveraging their extensive knowledge of SWIFT banking systems to conduct high-value heists. Their interest in crypto assets is a worrying trend for businesses engaged in this sector.
The Weaponization of Blockchain Technology
In some cases, the blockchain technology that powers these digital currencies is being weaponized against its users. In the infamous DAO attack, an attacker exploited a flaw in the DAO smart contract to siphon off around 3.6 million Ether, roughly equivalent to $60 million at the time.
Other blockchain-specific attacks, such as 51% attacks, also pose risks. In 2018, Bitcoin Gold, a derivative of Bitcoin, suffered a 51% attack that led to double-spending of $18 million worth of the currency. While this type of attack is more difficult to execute on larger, more secure blockchains like Bitcoin, businesses dealing in smaller cryptocurrencies should be aware of this risk.
Blockchain Exploits and Defenses
Blockchain technology, while robust and secure in many aspects, is not immune to exploits. A 51% attack, for example, is a fundamental vulnerability in any Proof-of-Work blockchain. The threat is not just theoretical; it has been executed against several smaller cryptocurrencies, including Ethereum Classic, which lost over $1.1 million in a 51% attack in 2020.
However, this type of attack is currently unfeasible against larger blockchains like Bitcoin due to the astronomical computational power required. Nevertheless, businesses dealing with smaller, less-secure cryptocurrencies must be vigilant against this possibility.
Smart contract exploits are another concern. While the DAO attack is the most notorious, other incidents serve as stark reminders of this vulnerability. In 2020, two hackers exploited a flaw in the dForce DeFi protocol, draining $25 million in assets. Thankfully, unusual circumstances led to the assets being returned, but the incident highlights the importance of stringent smart contract auditing.
Robust Defenses: The Key to Crypto Security
Businesses can employ several strategies to protect their digital assets. Using hardware wallets for storing private keys adds an extra layer of security, as these devices are immune to computer viruses. Multi-signature wallets, which require more than one key to authorize a transaction, can also significantly enhance security.
Employee training is essential, given the increasing sophistication of phishing attacks. Regular, updated training can help your team recognize and respond appropriately to such attempts.
Moreover, businesses should be proactive in ensuring their chosen exchanges follow best practices in security, including cold storage of assets, insurance coverage, and regular independent security audits.
ArrowsGate: Turning the Tide in Crypto Asset Security
ArrowsGate's Blockchain Forensics service is designed to help businesses respond effectively to crypto asset attacks. Our team, equipped with the latest tools, can trace the digital footprint of stolen assets across the blockchain. Not only can this information support law enforcement efforts, but it can also inform your future security strategies, helping prevent repeat incidents.
In the battle to secure crypto assets, ArrowsGate stands as a reliable ally. Get in touch with us today to learn more about our Blockchain Forensics services, and let's strengthen your defenses against the ever-evolving threats in the crypto world.