$1bn of the cryptocurrency stolen from exchanges last year was the work of two hacking groups, according to a report on cryptocurrency.
Chainalysis, which tracks cryptocurrency movements for forensic investigations, revealed the figures in its Crypto Crime Report. Exchanges, where cryptocurrency owners routinely hold their funds, are the most lucrative target for hackers, the report said.
The $1bn stolen by the two groups represented around 60% of all publicly disclosed hacks, the report added.
The groups had different motives, according to Chainalysis. “We suspect that one of the prominent hacking groups, which we’ll refer to as group Alpha, is a giant, tightly controlled organization partly driven by non-monetary goals,” it said, adding that this was the most sophisticated of the two groups. “They appear as eager to create havoc as to maximize profits.”
Alpha moves its stolen funds early and often to cover its tracks, funnelling pilfered coins through up to 15,000 addresses in one case. It cashes out 75% of its stolen funds in 30 days or less.
Conversely, the Beta group was less organized and completely focused on profit. It relies on fading attention rather than active obfuscation when recovering its coins, often leaving them for up to 18 months before cashing out by selling coins via another exchange.
The two groups stole $90m per hack on average, according to the report. “As other exchanges tend to be the main cash-out point, the industry can chip away at the success of these sophisticated hackers through greater coordination,” it added. Chainalysis is working with exchanges to help them identify transactions involving coins stolen from other exchanges.
Exchange hacking is rife in the cryptocurrency world. Just this month, hackers hit New Zealand-based exchange Cryptopia in what appeared to be an ongoing situation that caused it to suspend trading. In September, Japanese exchange Zaif lost $59m in cryptocurrencies after an attack.
The topic of Threats, Exploits and Vulnerabilities will be covered throughout the free-to-attend conference at Infosecurity Europe in London from 4-6 June. See all the talks on Threats, Exploits and Vulnerabilities here. Infosecurity Europe is the leading European event for information and cyber security; find out more and secure your free visitor badge.
