Criminals from an organization linked to North Korea are responsible for most of the attacks. Is there salvation?
Crypto-related cybercrime increased in the last year, and losses from it reached 3.8 billion dollars. This is an increase of $500 million compared to 2021, which highlights the vulnerability of the crypto industry to hacker attacks. Chainalysis, a blockchain analytics firm, has released a report titled "2022: The Biggest Year for Crypto Hackers," which details the different types of crypto attacks. The report identified the exploitation of vulnerabilities in poorly secured smart contracts and poorly secured crypto exchanges as the main reasons for the hacks that occurred. Hackers linked to North Korea are responsible for a large portion of the stolen crypto assets.
Decentralized finance (DeFi) protocols are the biggest target of attacks and crypto-hacking. DeFi is an ecosystem of decentralized financial applications built on blockchain technology, enabling the creation of open-source financial instruments. Sometimes, however, an attacker finds an exploit (hack) that can ruin a specific DeFi protocol and drain the funds of users who "locked" their crypto in it. In 2022, several DeFi protocols were hit, resulting in significant losses for users.
Other blockchain protocols, such as those used for non-fungible tokens (NFTs), are also vulnerable to attacks. The growing popularity of NFTs led to the creation of new smart contracts and markets, in which hackers also took an interest. In 2022, several NFT markets discovered vulnerabilities the hard way, resulting in the loss of millions of dollars worth of crypto.
Centralized cryptocurrency exchanges are also a prime target for hackers due to the large amounts of funds stored in them. Several exchanges suffered security breaches in 2022, leading to crypto losses. There is a need for better security measures and regulation in the crypto industry when it comes to centralized exchanges. In response to the rise of crypto-hacking, there has been a push for greater adoption of decentralized exchanges (DEXs), which operate without the need for a central authority. DEXs are more secure than centralized exchanges because they do not store users' private keys, which are needed to access their wallets. DEXs also use a KYC-free system, meaning anyone can join and use the platform.
Phishing attacks continue to be the most common form of crypto hacking, with hackers creating fake websites or social media accounts to trick users into giving up their private keys or other sensitive information. These types of attacks are evolving and becoming more sophisticated, with hackers using social engineering techniques and creating highly convincing scams to trick unsuspecting victims. Examples include the oft-used AI-generated videos of tech industry leaders like Mark Zuckerberg and Elon Musk who just want to "double the money you sent them"…
North Korean hackers are breaking their own records
Hackers linked to North Korea, such as those in the cybercrime syndicate Lazarus Group, have been the most successful cryptocurrency thieves in the past few years. In 2022, they broke their own theft records by stealing around $1.7 billion worth of cryptocurrency through several consecutive hacks, according to data from Chainalysis. In 2021, they stole 428 million dollars, and in 2020, 299 million dollars. For comparison, exports of goods from North Korea in 2020 amounted to 142 million dollars, so it could be that crypto-hacking is a significant part of the isolated country's economy. One of the West's biggest concerns is that the stolen assets are used to finance military projects.
According to a United Nations report shared by the BBC, the North Korean government is using these stolen resources to fund its nuclear weapons programs.
Of the total stolen for the entire year, $1.1 billion came from DeFi protocol hacks, making North Korea the driving force here. State-affiliated hackers send much of what they steal to other DeFi protocols. This is not because these protocols are effective for money laundering, but because DeFi hacks often lead to the acquisition of large amounts of illiquid tokens that would lose a huge portion of their value if hackers tried to sell them all at once.
So they turn to DEXs (decentralized exchanges) to exchange them for more liquid assets that they can use with crypto mixers. In addition to DeFi protocols, hackers tend to send large sums to mixers because, through the proper use of mixers, the stolen crypto becomes practically untraceable.
How does crypto money laundering work?
The blockchain is anonymous, and the identity of the holder is hidden, but the tracking of transactions is not, which means that every transaction made on the Ethereum blockchain, for example, is public. When a user wants to withdraw their money through a centralized crypto exchange, the exchange can link their wallet and their funds, and if government authorities ask who owns the funds in a particular wallet, the exchanges rarely refuse to share that information. This is where crypto mixers come in.
Tornado Cash is the most famous crypto mixer and was sanctioned by the US Department of the Treasury's Office of Foreign Assets Control (OFAC) on August 8, 2022, on the grounds that its protocol allowed hackers to launder $7 billion in cryptocurrency since its launch in 2019. Two days later, on August 10, 2022, its creator Alexey Pertsev was arrested in Amsterdam on suspicion of "participation in concealing criminal financial flows and facilitating money laundering by mixing cryptocurrencies through the decentralized Ethereum mixing service Tornado Cash".
Since then, the Tornado Cash token has fallen from around $23 to a low of $4 and has recovered in recent weeks to around $9 per token. Despite the recovery of the token price, the number of transactions is far from what it used to be, and this, as well as misuse due to ignorance, misunderstanding or haste, can compromise the functionality of the service. While Tornado Cash and other mixers may be used by some people only as a legitimate way to protect their privacy, some governments believe they encourage illegal activity and ban their use by mandating bans on wallets that have used certain smart contracts, with the funds blocked.
Cryptomixers are services designed to increase the anonymity of cryptocurrency transactions. They work as follows: a user sends cryptocurrency to the mixer's address, and the mixer combines it with other users' cryptocurrency. The mixer then sends the mixed cryptocurrency to a new crypto wallet, usually with a small fee deducted for the service. As blockchain tracking technologies are advancing extremely fast, for a crypto mixer to be successful, it must have as many transactions as possible.
Sinbad is a relatively new bitcoin mixer that began advertising its services on the Bitcointalk forum in October 2022. A blockchain investigation revealed that hackers linked to North Korea were using it to launder some of the crypto stolen from the Axie Infinity hack. Between December 2022 and January 2023, hackers linked to North Korea sent a total of 1,430 bitcoins worth approximately $24.2 million to the mixer. Last year we witnessed the first-ever seizure of funds stolen by hackers linked to North Korea, when US agents recovered $30 million worth of crypto stolen from the Axie Infinity blockchain game hack, Chainalysis also points out in its analysis.
How to protect your funds from crypto hacks?
No matter what you do, you cannot be 100% sure that your crypto funds will never be stolen one way or another. But if you follow certain rules, the chance of losing your funds is reduced to an absolute minimum. Let’s start with some of the security basics:
- Use as few centralized exchanges and other centralized players as possible, and use DeFi projects instead.
- Still, you will need an account on a centralized exchange in order to buy crypto with fiat. Make your password as hard to break as possible, and enable every available security method, such as 2FA and others.
- If you don't intend to actively trade it, don't keep your cryptocurrency on a centralized exchange.
- Protect your "seed phrase," a sequence of words that enables a user to access all assets in a crypto wallet. Newcomers to crypto are frequently fooled into entering their seed phrase on what they believe to be a legitimate website, but which is actually a fake phishing copy of the original site.
- While making cryptocurrency transactions, use a Virtual Private Network (VPN) to encrypt your payment information.
What are the risks in DeFi projects?
Those that are maximally decentralized carry smart contract risk. That is, hackers could find a possible loophole in the code that they could use to siphon the funds of users who are on the protocol. When choosing a DeFi project to invest in, be sure to DYOR and check:
- Who are the people behind the project? What are their reputation and past experience? Are they public figures or are they hidden behind pseudonyms?
- How long has the protocol been in operation? The longer, the better chance it has of being safe.
- Are there any audits and if so by which auditors? Some of the auditors have a much better reputation than others.
- Do they have detailed User Docs in which you can find details about how the protocol works? What are the protocol data/statistics? You can use tools like DeFi Llama, Token Terminal, Etherscan, and others to make sure everything looks okay.