The losses of cryptocurrency exchanges from cyber and hacker attacks in 2017 and 9 months of 2018 almost reached $1 billion. Phishing and social engineering remain the favorite and most effective tools of cybercriminals.

North Koreans are attacking

According to the cybersecurity company Group-IB, in 2017 and 9 months of 2018, 14 cryptocurrency exchanges lost $882 million due to hacker attacks. Five of those exchanges, including Coincheck, Yapizon, Coinis, YouBit, Bithumb, were attacked by Lazarus, the hacker group from North Korea, whose activities are allegedly funded and supported by the North Korean authorities. This information is stated in the annual report of Hi-Tech Crime Trends 2018, presented at the international conference CyberСrimeCon2018.

The most popular methods of hacking are targeted phishing, social engineering, malware downloads, site flaw. Using these tools, hackers manage to hack not only user accounts but also the cryptocurrency exchanges' corporate networks. For example, malicious actors send fake resumes titled “Engineering Manager for Cryptocurrency job” with the document attached “Investment Proposal.doc”, which hides a malicious program.

“Last year, we warned that hackers who can professionally execute a targeted attack, have a new goal, which is cryptocurrency exchanges,” Dmitry Volkov, technical director of Group-IB, said. “Major trading platforms suffered from organized hacker groups over the past few years, with some of them declaring bankruptcy after hacker attacks. For example, Bitcurex, YouBit, Bitgrail. At the beginning of 2018, hackers interest in cryptocurrency exchanges only intensified, so we expect such groups as Silence, MoneyTaker, and Cobalt to execute several successful hacks of cryptocurrency exchanges.”

Holes in security systems of ICO projects

ICO projects remain another favorite object of hackers, as they often do not have the necessary knowledge and skills to ensure the safety of funds raised during the crowdsale. According to Group-IB, in 2017, more than 10% of all attracted investments were stolen, and 80% of the projects did not fulfill their obligations to investors and disappeared after fundraising. Phishing remains the most popular tool for attacks on ICO: it accounts for about 56% of stolen funds.