According to a report by US blockchain forensics firm CipherTrace, crypto asset exchange platforms have already lost $1.2 billion in the first three months of 2019. This represents a substantial increase from last year.
Hackers make light work of compromising the often inadequate security precautions implemented by crypto exchanges. Those responsible also frequently make off without detection and funds are incredibly difficult to recover.
CipherTrace: Crypto Asset Thefts on Track to Smash 2018 Figures
As reported in the Nikkei Asia Review earlier today, incidents of crypto asset theft from digital currency exchanges are well on track to dwarf those seen in 2018. Whereas the whole of last year had around $1.7 billion stolen from exchanges, in just the first few months of 2019 there have been $1.2 billion stolen.
Already in 2019 $1.2 billion has been stolen from cryptocurrency exchanges.
Given that the figures presented by CipherTrace only cover January to March of 2019, and in May one of the industry’s largest names, Binance, had around $40 million taken by cyber criminals, it seems highly likely that the figures for the end of 2019 will be far higher than the $1.7 billion reported last year.
The exchanges hacks frequently involve private keys and passwords of hot wallets being taken by criminals using malware distributed throughout the companies’ computer systems via emails.
Even when more advanced security precautions are taken, hackers can often make off with funds. Last Tuesday, Genki Oda of Bitpoint Japan, commented on the firm’s own recent compromise:
“We encoded our secret keys to make them unusable if they are stolen, but they were decoded.”
Once the attacker has the password and the hot wallet’s private key, they can simply send the contents to wallets under their own control. Although transactions made using blockchain-based digital currencies are all posted to a digital public ledger, criminals can make use of elaborate coin mixing services to eventually disappear into a sea of other transactions. This makes recovery of funds very difficult.
In fact, although the UN Security Council stated in March that it strongly believed North Korean hackers to be involved with a reported $571 million theft from crypto asset exchanges, it has been unable to recover any of the missing assets and the identities of those behind other high profile attacks remain a mystery.
Hacks Reflect Weak Exchange Security, Not That of Digital Assets
The ever-increasing incidents of exchange compromises serve once again to highlight the need for cryptocurrency users to observe good security practice themselves. Chief amongst the precautions they can take for themselves is to store their crypto holdings in an appropriate cold storage wallet that they themselves possess the private keys to. If your private key has never been online then it simply cannot be stolen digitally.
Not only do cold wallets protect crypto users from exchange security compromise, they also allow for users to make use of the more revolutionary qualities of digital assets – truly permissionless value transfer. If you need to request a withdrawal from Coinbase, Binance, or another exchange to send money, you really are not using crypto to its full potential.
Related Reading: What Can We Learn From Bitcoin’s Birthday Bank Run?
Featured Images from Shutterstock.