In recent years, over a billion dollars in cryptocurrency has been stolen from the accounts of crypto exchange users. In this article we look at the 5 most high-profile and significant hacks that shook the crypto community and at the attackers' main strategies. The purpose of this article is not to scare you or convince you that cryptocurrency assets are vulnerable but, on the contrary, to illustrate clearly why such attacks occurred and how to secure your savings as much as possible.
1. Mt. Gox
- Date of attack: June 2011 and February 2014
- Stolen: 2609 BTC | +750,000 BTC
The most famous and sensational attack was on Japan's Mt.Gox crypto exchange, which had operated since 2010 and was at that time the largest Bitcoin exchange, processing more than 70% of Bitcoin operations in the world.
It is rarely mentioned that the exchange was attacked not once but twice. Although the stolen sums differ significantly, both attacks are instructive for the discussion that follows, so we will consider them in more detail.
The first attack was carried out in June 2011. Hackers gained access to an account with auditor privileges, which gave them the exchange's user database of names and hashed passwords, as well as more than 2,600 BTC.
The second attack occurred in February 2014, when more than 750,000 BTC disappeared from user accounts. The owner of the exchange, Mark Karpeles, said that the attackers managed to find and exploit a vulnerability in one of the protocols.
After these events, Mark Karpeles announced the bankruptcy of the exchange. A process to compensate former Mt.Gox customers was announced. The reimbursement claims are to be reviewed by the end of January 2019 and, presumably, the reimbursement plan will be drawn up and approved within a month.
2. Coincheck
- Date of attack: January 2018
- Stolen: 523,000,000 NEM
In our list, this is the only theft of cryptocurrency assets that involved not BTC but New Economy Movement (NEM) coins. This, however, did not prevent it from becoming the second largest in terms of dollar damage: the losses of users of the Japanese cryptocurrency exchange amounted to more than $534 million.
In this case, the hackers again managed to gain access to the “hot” wallet and withdraw funds from it. Experts reviewing the incident also point to Japan's problems in the field of cyber security. On the one hand, firms have better software, consulting and auditing services; on the other hand, the responsible employees ignore simple security measures: operating systems are not patched in time, the firewall is not updated after its initial configuration, and system backups are not tested.
Coincheck announced its willingness to pay damages and published a compensation plan, in effect since March 2018. In connection with the events described, Coincheck was sold to the Japanese brokerage firm Monex Group for $33.5 million.
3. Bitfinex
- Date of attack: August 2016
- Stolen: 120,000 BTC
The second largest attack in terms of bitcoins stolen took place in the summer of 2016 against the Hong Kong-based Bitfinex exchange. 120,000 BTC, then worth $72 million, were stolen.
In 2016, most exchanges used “hot” wallets, in which users' funds are kept online, to carry out exchange operations, which increases security risk. Bitfinex sought to protect its users and improve security by entering into a partnership with BitGo in 2015. The collaboration involved using multi-signatures to confirm transactions. The system treated a transaction as legitimate if it was confirmed by three keys, two of which were stored on Bitfinex servers, while BitGo was responsible for keeping the third.
Thus, BitGo was assumed to act as an additional layer of security, removing the need to store funds in “cold” (offline) wallets.
The idea looked great: increase transaction processing speed without sacrificing security. Ironically, it was precisely this approach that gave hackers a loophole to steal funds. The attackers managed to bypass the BitGo computational algorithm and, after attacking the Bitfinex servers, approve the illegal withdrawal of more than 120,000 BTC.
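A toy model of the custody layout described above, added here as an illustration and not code from Bitfinex or BitGo: HMAC stands in for transaction signatures, and the `CoSigner` class, its `daily_limit_btc` policy and the sample withdrawals are assumptions. It shows that when both exchange-held keys sit on one online server, the amount that can be approved after that server is compromised is bounded only by the check the co-signer applies before adding the third signature.

```python
import hashlib
import hmac
import secrets

REQUIRED_SIGNATURES = 3  # the article: a transaction needs all three keys


def sign(key: bytes, tx: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for a real transaction signature.
    return hmac.new(key, tx, hashlib.sha256).digest()


class CoSigner:
    """Hypothetical third-party holder of the third key."""

    def __init__(self, daily_limit_btc=None):
        self.key = secrets.token_bytes(32)
        self.daily_limit_btc = daily_limit_btc  # None: signs whatever it is sent
        self.approved_today = 0.0

    def cosign(self, tx: bytes, amount_btc: float):
        over = (self.daily_limit_btc is not None
                and self.approved_today + amount_btc > self.daily_limit_btc)
        if over:
            return None  # policy refuses; the third signature is withheld
        self.approved_today += amount_btc
        return sign(self.key, tx)


def authorized(tx: bytes, signatures, keys) -> bool:
    # Count how many distinct keys have a valid signature over this tx.
    valid = sum(any(hmac.compare_digest(sign(k, tx), s) for s in signatures)
                for k in keys)
    return valid >= REQUIRED_SIGNATURES


def approved_after_server_compromise(cosigner, withdrawals_btc) -> float:
    """BTC that gets authorized once both exchange-held keys are exposed."""
    exchange_keys = [secrets.token_bytes(32), secrets.token_bytes(32)]
    keys = exchange_keys + [cosigner.key]
    total = 0.0
    for i, amount in enumerate(withdrawals_btc):
        tx = f"withdraw:{i}:{amount}".encode()
        sigs = [sign(k, tx) for k in exchange_keys]  # both keys on one server
        third = cosigner.cosign(tx, amount)
        if third is not None:
            sigs.append(third)
        if authorized(tx, sigs, keys):
            total += amount
    return total


SAMPLE = [1000.0] * 5  # constructed withdrawal requests
```

With no limit on the co-signer, every request in `SAMPLE` is approved; with a limit of 1,500 BTC only the first one is.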
It is worth mentioning that Bitfinex took measures to compensate for the damage by issuing BFX tokens. The victims could convert them to USD, slowly but surely recovering the stolen funds.
Bitfinex continues to operate and is currently one of the most liquid crypto exchanges in the world.
4. Bitstamp
- Date of attack: January 2015
- Stolen: 19,000 BTC
Another attack occurred in January 2015 on an exchange registered in Slovenia. Bitstamp was founded in 2011 as an alternative to Mt.Gox but, unfortunately, it too could not withstand a hacker attack. The funds stolen were worth $5 million at the time.
It is worth noting the nature of the attack, which became known later. According to the investigation, a massive phishing attack was carried out against the company's employees. The purpose of this type of attack is to get the user, by any means, to open a received file on a corporate computer. The user believes he is opening a long-awaited e-mail or looking at a picture of a cat, while the malware is already starting to steal data from the company's servers.
Bitstamp was able to recover from the damage (first of all, reputational damage) and continue its activities. Currently, the security system has been reworked and uses a multi-signature algorithm to confirm transactions.
5. BitFloor
- Date of attack: September 2012
- Stolen: 24,000 BTC
In 2012, attackers managed to steal about 24,000 BTC from BitFloor users.
According to reports, hackers gained access to a backup copy of the keys to the “hot” wallet, which had been created during a routine system update.
BitFloor managed to compensate users for the losses; however, the exchange soon closed following a request from the US banking regulator to stop all trading operations.
These examples show that attackers use two methods to steal funds: breaking a protective algorithm and social engineering.
To protect your cryptocurrency savings, it is important to remember such incidents, not to give up storing funds in a cold wallet for the sake of transaction processing speed, and to diversify funds sensibly across vaults. No matter how advanced the protection algorithm is, either it or the people working with it can be compromised.