We all know that the main idea of cryptocurrencies is anonymity and full personal control over finances, without interference from banks or the state. Even so, to store and grow our assets we have to rely on third parties: crypto wallets and exchanges. It is the vulnerability of these third parties that most often leads to hacker attacks.
In this article, we recall the most famous crypto scams, analyse their causes and mechanisms, and explain how to protect yourself from scammers.
The latest news from crypto hackers' life
In 2022, attackers managed to steal about $2 billion. In the first quarter, there were 79 hacker attacks, during which $1.2 billion worth of cryptocurrency was stolen. The second quarter was even more successful: the number of attacks increased to 96, although the amount of stolen funds almost halved, to $670 million.
2022 was a really happy year for scammers. A new method of theft, hacking DeFi protocols, came into its own. The main related incidents are the breach of the Ethereum sidechain Ronin, which enriched hackers by more than $620 million, and the hack of the Wormhole protocol, for $320 million.
More recently, the crypto world was shocked by the news of another major attack. On August 3, the Solana blockchain came under attack. The company reported that the hackers' raid affected almost 8000 wallets, including Slope, Phantom, Solflare and Trust Wallet. The criminals withdrew SOL tokens, various NFTs, and more than 300 types of tokens based on the Solana blockchain from the wallets. The total damage reached $5.8 million.
According to representatives of the organisation, it was not possible to establish the exact cause of the attack, but they are sure that the error was in the wallet software and not in the Solana system itself. Later it turned out that all transactions were signed by the legitimate owners of the wallets, which means the hackers somehow gained access to the private keys.
Large-scale thefts in the history of the crypto world
With the development of the industry, the size of thefts committed by crypto scammers reaches incredible amounts. Criminals withdraw millions of dollars from users' accounts and often go absolutely unpunished. Let's remember the biggest thefts on crypto exchanges:
🥇 Poly Network. The attack on the Poly Network was carried out by an unknown hacker in August 2021. He was able to detect a weakness in the protocol system and withdrew assets worth $610 million. Unfortunately, the attacker failed to escape, and after long negotiations with representatives of the platform, he returned part of the stolen sum. In exchange, he received $500 thousand from Poly Network and an offer to work for the company.
🥈 Coincheck. During a hacker break-in in January 2018, the Japanese company Coincheck lost NEM tokens worth $532 million. The weak point of the platform was that the assets were stored in hot wallets connected to the server. However, the attackers could not fully enjoy the success of the operation, because the value of the coins fell by 80% after the attack.
🥉 Mt. Gox. The funds leaked out over three years, from 2011 to 2014. This was the first large-scale hack of an exchange in crypto history. Hackers managed to steal 850,000 BTC ($470 million). To date, this is the largest theft of Bitcoin in the entire existence of the cryptocurrency. After the robbery, the Mt. Gox exchange could not continue to function and was soon liquidated.
🏅 Wormhole. The Wormhole platform is a connecting bridge between Solana and other decentralized networks. On February 2, 2022, crypto scammers hacked it and stole about 120 thousand wrapped Ethereum worth $326 million. Wormhole had to suspend the service until the investigation of the cyberattack was completed.
🎖 KuCoin. In September 2020, hackers gained access to the hot wallets of platform users and withdrew $281 million worth of ETH, BTC, BSV, Litecoin, XRP, XLM, TRX and USDT. North Korean hackers are considered to be the culprits of the attack.
The main secret of scammers' success
With the development of the cryptosphere, cybercriminals inevitably improve their skills. They find new weaknesses in the systems and increase the amount of theft.
👛 The simplest, and still one of the most popular, types of scam is the fake crypto wallet or other fake application for working with cryptocurrency. Hackers create programs that look similar to popular official services.
Inexperienced users do not notice the substitution and begin actively using, for example, the fake wallet. After a while, when a sufficient amount has been collected on the account, the hackers simply withdraw the funds. Such transactions are almost impossible to cancel, which means it will never be possible to return the stolen funds.
🎣 Another popular method of theft is phishing, that is, an attempt to obtain users' personal data in order to steal assets. There are many types of phishing on the Internet: fake emails and messages, links and websites. In every case, the scammers ask crypto owners to enter their credentials, passwords and seed phrases; once they have these, they can easily empty any wallet.
The main secret of fraudsters' success lies in the choice of victims: most often it falls on inattentive and inexperienced users who do not even notice the loss of assets immediately. We strongly advise you to choose only proven services when working with cryptocurrency. Always look for real reviews of the platform, check its legality and never tell anyone your passwords or seed phrases.
Hundreds of hacker attacks occur every year, during which attackers manage to steal multimillion-dollar assets. Major attacks are difficult to classify, because hackers find different weaknesses at each website. Here are some examples.
🎯 The very first hacking of a large cryptocurrency system occurred in 2010. Then hackers attacked the Bitcoin blockchain and withdrew in total 184 billion BTC. The attackers took advantage of a vulnerability in the system, which was subsequently eliminated by the developers.
💌 In 2015, there was a major attack on the Bitstamp crypto exchange. The attacker stole more than $5 million from the accounts. He distributed emails with malicious code among the exchange's employees until a message reached the system administrator and gave the thief access to Bitstamp wallets.
👾 In addition, in the history of the crypto world, theft has occurred many times as a result of ICO attacks. Most often, hackers replace the wallet details so that investments are collected at the addresses of their own wallets, and so get all the depositors' funds.
Even large cryptosystems cannot give their users a 100% security guarantee. The main secret here is that nothing is perfect, and even the most reliable site can have a weak spot. There can be only one piece of advice here: always think carefully about any investment in cryptocurrency and invest only spare money, the loss of which will not significantly affect your budget. The only thing that investors can count on is the integrity of the exchange's representatives. In most cases, large and well-established companies in the market try to return, fully or at least partially, the funds their customers lost through the fault of the developers.
Deal with the Devil, or why do criminals return the loot
Crypto history knows a lot of cases when all the stolen assets were returned to users. The return is made not only by the robbed sites, but also by the criminals themselves. It is difficult to say why this happens: someone does not fully think through the crime plan, someone is afraid of exposure and punishment, and someone even commits theft for fun, not for earnings.
Let's recall several high-profile cybercrimes, as a result of which the affected party received back everything that was stolen.
On August 9, 2022, the Curve Finance DeFi protocol was hacked. The exploit was discovered and eliminated within an hour of the first message about the attack, but the hacker managed to steal about $570 thousand.
The stolen funds were returned to the affected users thanks to the intervention of the Binance crypto exchange, as the hacker used the exchange's accounts to withdraw assets. The Binance administration promptly froze these accounts and returned almost all of the funds to the users.
In April 2021, a Coinbase network user became a victim of crypto hackers. He made a purchase of 200 BTC, after which he received a fake notification that his wallet had been blocked, with a request to contact the support service by phone. During the conversation, the user gave the people on the line all the details of his account, allowing the fraudsters to gain access to his assets. The attackers stole 200 BTC and an unspecified number of XLM tokens from the wallet.
The case caused a high-profile trial. It turned out that some of the stolen coins were transferred to the Huobi Global wallet. By a court decision, the exchange was ordered to freeze the wallet and return the assets to the rightful owner. At the time of the trial, 10.2 BTC (~ $600 thousand) was transferred to the criminals' wallet, which is only 5% of the total amount stolen.
On August 10, 2021, an unknown attacker attacked the Poly Network cross-chain protocol and withdrew more than $600 million. It was the largest theft in the history of the crypto market. The blockchain security company SlowMist conducted an investigation and found out that a hacker had exploited a vulnerability in one of the protocol's smart contracts.
The Poly Network team established the address of the attacker, which he published on his Twitter page. Literally the next day, the criminal contacted the representatives of the protocol and said that he was ready to return all the funds back, which he subsequently did. The hacker also stated that he accidentally discovered a vulnerability in the contract and committed theft for fun.
On April 18 and 19, 2020, two attacks were carried out. The first targeted the Uniswap decentralised exchange, and the second targeted the dForce DeFi protocol Lendf.Me. In total, the hacker withdrew assets worth $25 million. Lendf.Me had to be paused.
Representatives of dForce asked for help from the police, asset issuers and exchanges, thanks to which it was possible to mark the stolen coins. It also helped to reveal the identity of the hacker during his attempt to transfer stolen assets to a number of decentralized exchanges. The dForce administration entered into negotiations with the criminal and convinced him to return the stolen funds, which the attacker soon did.
🤠 During discussions around such cases, more and more versions and assumptions appear. So, recently, the opinion has become popular in the community that large cryptosystems themselves are directly related to scammers' attacks. The heroic return of stolen assets to its users undoubtedly commands respect. So why not use it to boost the reputation?
📉 Another version is that hacking systems and theft of crypto assets are committed in order to intentionally reduce the price of some coins and, taking advantage of the opportunity, buy a large amount of them. This theory has fewer followers, since the value of the cryptocurrency may not always increase in the future, and so it may not bring profit to its owner.
How not to become a victim of a hacker attack
Unfortunately, there are no guaranteed ways to secure your assets from cybercriminals, but there are some tips that will help you to reduce the risks significantly.
👛 Think over which wallet the coins will be stored on
All crypto wallets are divided into cold and hot. The difference between them is that hot 🥵 wallets are connected to the Internet and are always online, while cold 🥶 wallets are not connected to any network and are similar in properties to ordinary flash drives, on which crypto assets are stored instead of files.
Experienced investors advise using a cold wallet to store large sums, and keeping a small amount of assets for frequent use in hot ones.
🧐 Choose a crypto exchange carefully
Each of them has its own significant differences, but they are all divided into two types: centralised (CEX) and decentralised (DEX).
👨💼 CEX is an online platform designed for trading and exchanging cryptocurrencies. All private keys from the wallets of users of such an exchange are integrated into exchange accounts. The users themselves do not have access to them, and all operations are controlled by the company that manages the exchange. Such exchanges include Binance, Bybit, OKX, Currency.com, Huobi, MEXC, BitMEX, LocalBitcoins and EXMO.
🌐 DEX is a trading platform that is not subject to any regulatory authority. Such exchanges do not store user data on their services, which leaves traders themselves responsible for the security and storage of their assets. Decentralized exchanges function thanks to a distributed ledger, which helps to find matches for users' requests to buy or sell cryptocurrencies and helps to conclude transactions. These include Binance DEX, IDEX, Kyber Network, Bancor Network and Waves DEX.
When it comes to protection from cybercriminals and asset security, experts advise against keeping all your assets on the servers of one crypto exchange. It is better to use third-party services for storage and to move funds onto the exchange's server only when they are needed.
🕵️ Always explore and check the projects you are joining
All official projects are absolutely transparent. Every investor has the right to receive from the administration any information of interest to him, up to the amount that other users have already invested in the startup.
It's best to invest in projects whose developers you know, either personally or at a distance. You can also choose startups from large well-known companies, whose security you will be 100% sure of.
🧑💻 Be sure to check the links that you click on, especially in cases where personal data is required on the site
Very often, scammers use powerful targeted advertising in social networks and search engines, or use network marketing, to spread false links. Before you click on a link, enter your account details or give out any personal data, make sure that the site is really official and secure.
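The link check advised above, written out as an added example (it is not part of the original article): a small Python function that compares a link's real host with a list of addresses you have verified yourself. The function name, the sample allowlist and the 0.85 similarity threshold are assumptions made for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Sample allowlist (assumption): hosts you have verified yourself and bookmarked.
OFFICIAL_HOSTS = {"binance.com", "currency.com"}


def classify_link(url, official=OFFICIAL_HOSTS):
    """Return 'official', 'suspicious' or 'unknown' for a link before opening it."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return "unknown"
    # "https://binance.com@other.example/" really goes to other.example:
    # everything before "@" is a username, not the site.
    if "@" in parts.netloc:
        return "suspicious"
    if any(host == o or host.endswith("." + o) for o in official):
        # The real host over plain HTTP is still no place to type a password.
        return "official" if parts.scheme == "https" else "suspicious"
    labels = host.split(".")
    # Punycode ("xn--") or non-ASCII labels are how look-alike letters get registered.
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        return "suspicious"
    registered = ".".join(labels[-2:])  # naive: ignores suffixes such as co.uk
    for o in official:
        brand = o.split(".")[0]
        # Official name used as bait inside another domain:
        # binance.com.verify-login.example, binance-support.example
        if any(brand in label for label in labels):
            return "suspicious"
        # A character or two off the real name: blnance.com
        if SequenceMatcher(None, registered, o).ratio() >= 0.85:
            return "suspicious"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for link in ("https://www.binance.com/en/login",
                 "https://blnance.com/login",
                 "https://binance.com.verify-login.example/",
                 "https://news.example.org/article"):
        print(f"{classify_link(link):10} {link}")
```

A result of "unknown" only means the host resembles nothing on the list; it is not a sign that the site is safe.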
📑 Use only verified licensed services for the purchase and exchange of cryptocurrencies
Use only such exchange offices that give a full guarantee of transaction security, have a licence and a lot of real positive reviews. Before purchasing assets, make sure that you are working with an officially registered service.
In the cryptocurrency industry, the abbreviation DYOR is very common. It stands for «do your own research». In other words, in order to survive in the crypto world and not to fall into the hands of scammers, first of all you need to think with your own head.
This article is not an investment recommendation. The financial transactions mentioned in the article are not a guide to action. Itez is not responsible for possible risks. The user should independently conduct an analysis on the basis of which it will be possible to draw conclusions and make decisions about making any operations with cryptocurrency.