If you follow the news regularly, it may seem to you as though a new organization in the cryptocurrency space suffers a breach every month.
But how often do crypto companies really get hacked? And why are they being attacked all the time?
Crypto Breaches: Billions Stolen Over a Period of 10 Years
First, let's take a look at some of the largest cryptocurrency hacks that took place over a period of around 10 years.
According to Investopedia, the first notable crypto-related cyberattack happened back in 2011, when a threat actor stole 25,000 bitcoins from the now-defunct exchange Mt. Gox. The same company was attacked again three years later, losing another 750,000 bitcoins.
Another massive breach occurred in 2018, when the Coincheck exchange lost 523 million NEM (XEM) coins. Coincheck somehow survived this attack, and was later acquired by the Japan-based Monex Group.
In 2021, a rather unusual cyberattack shook the decentralized Poly Network, with a threat actor stealing around $600 million worth of crypto. The threat actor later returned most of the stolen assets, and said they executed the massive heist just "for fun." That same year, Bitmart lost nearly $200 million worth of crypto in an attack.
The year 2022 was incredibly profitable for cybercriminals targeting crypto companies. In February, hackers stole $325 million from Wormhole. In a March attack that was allegedly carried out by the North Korean state-backed Lazarus Group, the Ronin Network lost around $625 million worth of digital assets. The market maker Wintermute, meanwhile, lost around $160 million worth of crypto in September. In October, Binance was attacked and lost $570 million. And one month later, FTX lost $600 million in a massive breach.
These are just some of the most notable cryptocurrency hacks that took place between 2011 and 2022. If one were to put together all breaches that occurred during this time period, the value of crypto stolen by criminals would total several billion.
5 Reasons Cybercriminals Target Crypto Companies
The real question is, why? Why do these attacks keep happening? What is it that makes crypto companies such a frequent target of cybercrime? Are they uniquely vulnerable to attacks, or is there something else at play? It's a combination of various factors. Here are five reasons cybecriminals target crypto companies.
1. Crypto Technology Is Still in Its Infancy
The world's oldest cryptocurrency, Bitcoin, was only introduced in 2009. Thousands of cryptocurrencies have popped up since then, but the industry as a whole is still in its infancy. The market is volatile, unregulated, and rife with fraud, which makes it a haven for scammers and different types of cybercriminals.
2. Crypto Is Pseudo-Anonymous
People who deal with crypto understand that most currencies are far from anonymous, but crypto is still more difficult to trace than fiat money, which obviously makes it more attractive to cybercriminals. Plus, there are ways to anonymize crypto transactions. For example, if a hacker steals bitcoin, they will likely try to cover their tracks using a bitcoin mixer, which is a type of service that obscures transactions for a fee.
3. Crypto Companies Handle Valuable Assets
Here's another obvious reason cybercriminals target crypto-focused enterprises: by default, these companies handle extremely valuable assets. Take popular crypto exchanges, for example. The daily trading volume of an exchange like Binance is measured in billions. If a threat actor were to find and exploit a vulnerability in a bridge used by the platform, they'd be able to steal millions.
4. Hot Wallets Are Vulnerable
Crypto companies use both hot and cold wallets to store customers' assets. Hot wallets are digital, online vaults, while cold wallets are physical devices that are not connected to the internet. The former are obviously far more vulnerable to cyberattacks—and no exchange can store all crypto offline.
5. DeFi Is an Easy Target
Decentralized finance (DeFi) protocols, which enable transactions and peer-to-peer lending, have turned out to be an easy target for cybercriminals. They use open-source code, so nothing stops a threat actor from analyzing them for bugs and security holes. Dozens of crypto hacks were carried out precisely because hackers exploited DeFi vulnerabilities.
What You Can Do to Protect Your Crypto Assets
Crypto technology as such definitely has certain built-in vulnerabilities, but that doesn't mean you need to sell your crypto or give up on trading. However, this does underscore the importance of securing your digital assets. So, what can you do to protect your crypto from cybercriminals?
For a start, even if you only trade on the safest exchanges, you should never keep your crypto on one. Instead, withdraw the majority of your funds to a cold wallet, or even multiple cold wallets. Ideally, you should store your wallets in secure places; for example, in a safe or a vault.
Regardless of which crypto platform you use, you should set up multi-factor authentication. Or better yet, use biometrics to secure your accounts. It goes without saying that you should always use strong and complex passwords, and change them periodically.
These measures won't help much if your network is not safe. This means that you should never access your crypto accounts on public Wi-Fi. What you should do, however, is make sure your home network is properly secured.
And whether you're a trader or just someone who has an interest in blockchain technologies and crypto, you should only deal with reputable, well-known entities and avoid random coins that have no real value, but are rather just being promoted by shady characters and scammers looking to get rich quick.
In general, it is a must to maintain cybersecurity hygiene. This entails installing strong anti-malware software, staying away from fishy websites, double-checking emails from unknown addresses, using secure software, and regularly updating all systems.
Stay Safe in the Crypto Space
Critics dismiss cryptocurrency as a scam, claiming that the market is essentially nothing but a bubble waiting to burst. Proponents of crypto, on the other hand, contend that digital currencies could democratize finance.
Whether you fall into one of these two camps or somewhere in between, you should familiarize yourself with cryptocurrency-related cybercrime in order to stay safe online.