Crypto Thefts, Scams On The Rise Finds New Research

Crypto Thefts, Scams On The Rise Finds New Research

By Diana Ngo - min read
Updated 22 May 2020

Thefts and scams are plaguing the crypto space, which saw US$1.7 billion worth of cryptocurrencies being stolen and scammed in 2018, a sharp increase despite a slump in the market, according to the CipherTrace 2018 Q4 2018 Cryptocurrency Anti-Money Laundering Report.

Theft from cryptocurrency exchanges accounted for the majority of last year’s criminal activities with more than US$950 million being stolen by hackers in 2018, representing 3.6 time more than in 2017. Korea and Japan were home to most of the thefts, or 58% of all of last year’s cryptocurrency exchanges heists, the research found.

Cryptocurrency thefts from exchanges and infrastructure since 2016, CipherTrace
Cryptocurrency thefts from exchanges and infrastructure since 2016, CipherTrace, January 2019

Meanwhile, cryptocurrency exit scams such as fraudulent initial coin offerings (ICOs), phony exchange hacks and Ponzi schemes, generated US$725 million worth of cryptocurrencies in 2018.

One recent exit scam involved a Korean group called Pure Bit, which raised nearly US$3 million in an Ethereum ICO purported to be used to build a cryptocurrrency exchange. The founders were quick to disappear with all the funds before suddenly changing their minds and announcing plans to refund investors.

In Vietnam, a company named Modern Tech launched an ICO raising US$660 million before the team disappeared with the funds.

Cryptocurrency related crimes continue to increase despite the so-called “crypto winter.”

The cryptocurrency market continues to decline this year after loosing 84% of market capitalization in 2018, according to data from CoinMarketCap.

Bitcoin has lost 81% of its value since its peak of 19,600 USD on December 17, 2017. The cryptocurrency was trading at about 3,500 USD on February 1, 2019.

Ether has taken even a bigger hit, loosing 92% of its value between January 13, 2018 at an all-time high of 1,360 USD to now trading at around 106 USD.

Hacks and crimes remain one of the industry’s biggest challenges to mainstream adoption and acceptance by regulator with criminals continuously developing ingenious new techniques to drain millions more from user accounts and wallets, the research found.

“Cryptocurrency criminal activity continues to evolve and accelerate,” said Dave Jevans, CEO of CipherTrace and co-chair of the Cryptocurrency Working Group at the APWG.org.

“Fortunately, pending global legislation will hamstring many criminals, global gangs, and terrorist groups by greatly reducing their opportunities to launder. These tough new laws will drive bad actors to not only innovate but also flock to jurisdictions with weak regulatory oversight, as we have shown in earlier research.”

2018 saw many regulators around the world address the issue of cryptocurrencies, some taking a leadership position in regulating the space while others grappled with the complexities.

Several nations are accelerating the adoption of strict anti-money laundering (AML)/combating the financing of terrorism (CFT) requirements while others appear to be potential havens for money laundering, fraud, and tax evasion, the report notes.

Global Cryptocurrency AML Timeline, CipherTrace, January 2019
Global Cryptocurrency AML Timeline, CipherTrace, January 2019

Among the top 10 trending crypto threats, the CipherTrace research mentions SIM swapping, an identity theft technique that takes over a victim’s mobile device to steal credentials and break into wallets or exchange accounts; crypto dusting, a new form of blockchain spam that erodes the recipient’s reputation by sending cryptocurrency from known money mixers; shadow money service businesses (MSBs) where unlicensed MSBs bank cryptocurrency without the knowledge of host financial institutions; next-generation crypto mixers, or money laundering services that promise to exchange tainted tokens for freshly mined crypto, but, in reality, cleanse cryptocurrency through exchanges; mail extortion and bomb threats where mass-customized phishing email campaigns by cyber-extortionists use old passwords and spouse names to demand bitcoin; and crypto robbing ransomware, where malware distributed by cyber-extortionists empties cryptocurrency wallets and steals private keys while holding user’s data hostage.