In the first half of 2024, the world of cryptocurrency faced significant challenges as hackers managed to double their illicit gains compared to the previous year. According to blockchain analysis firm TRM Labs, $1.38 billion was stolen by hackers from January 1 to June 24, a substantial increase from the $657 million reported during the same period in the previous year. This surge in crypto theft was primarily driven by a few major attacks, with the top five incidents accounting for 70% of the total stolen funds.
Key Methods of Attack
The primary methods employed by hackers in these attacks were breaches of private keys and seed phrases. Seed phrases, which are collections of random words used to access and recover crypto wallets, became a significant target. The largest heist of the year involved the theft of $300 million in bitcoin from the Japanese crypto exchange DMM Bitcoin. Hackers used stolen private keys or engaged in address poisoning, a tactic where they trick users into sending funds to the wrong wallet by sending a small amount of cryptocurrency from a wallet that looks similar to the legitimate one.
Consistent Security Challenges
Despite these alarming figures, TRM Labs noted that the overall security landscape in the crypto ecosystem remained largely unchanged. The attack methods and frequency of incidents were consistent with previous years. However, the increase in the average value of cryptocurrencies earlier in the year may have amplified the financial impact of these thefts. Cyberattacks on cryptocurrency firms have become a common occurrence. For instance, in November, the HTX exchange and Heco Chain, both associated with Justin Sun, suffered a loss of $115 million. The infamous collapse of the Mt. Gox exchange in 2014, which resulted in the loss of up to 950,000 bitcoins, continues to highlight the vulnerabilities within the industry.
Recommendations for Crypto Firms
To combat these threats, TRM Labs recommends that cryptocurrency businesses conduct frequent security audits and implement robust encryption measures. Additionally, comprehensive employee training programs and a well-prepared crisis response strategy are essential to protect against potential breaches. ATYXIT, a Chicago based business technology company, recommends that all businesses conduct security audits and implement cyber security strategies and training.
Notable Historical Hacks
The cryptocurrency sector has witnessed several high-profile hacks over the years. In March 2022, the largest crypto hack on record occurred on the Ronin network, which supports the popular Axie Infinity blockchain gaming platform. Hackers made off with $625 million in Ethereum and USDC, involving approximately 173,600 ETH and $25.5 million USDC. U.S. authorities attributed this heist to the Lazarus Group, a hacking organization backed by North Korea.
Legal Actions Against Hackers
In related developments, two Russian nationals faced charges for hacking into a company’s system in the Philippines and stealing XRP cryptocurrency valued at approximately $5.8 million. The Department of Justice charged these individuals, who were former advisors to Coins.ph, with multiple criminal offenses. Coins.ph is involved in remittance, money transfer, foreign currency exchange, and other financial services. In another case, a former compliance officer from Crypto.com in Singapore was charged with extortion and money laundering in Malta. The individual, Jose Luis Alonso Melchor, allegedly used his position to access confidential corporate information and attempted to extort the company for compensation after his dismissal. Following his arraignment, the court denied his bail application, citing him as a flight risk, and imposed a €2 million frozen order.
Conclusion
The first half of 2024 has underscored the persistent threat of cybercrime in the cryptocurrency sector. With hackers doubling their loot compared to the previous year, the need for robust security measures and vigilant oversight has never been more critical. As the industry continues to grow and evolve, both companies and regulators must work together to protect digital assets and maintain trust in the burgeoning world of cryptocurrency. Businesses should spend more resources on preventative measures to prevent their funds or business secrets being stolen by hackers.
ATYXIT is a security-first Business IT Solutions Provider and Chicago Cloud Provider. We excel in supporting and evolving company networks. Our technical support, technology consulting, project management, cyber security and IT strategy services make us the ideal IT resource for local small and medium sized businesses.
Reach out today if you need any assistance with your business technology!