A research which studied user data leaks from cryptocurrency exchanges has revealed that Americans are the main targets for cryptocurrency hacks.
The study was conducted by Group-IB, a Russian based computer forensics and information security firm, who revealed their findings in a report titled “2018 Cryptocurrency Exchanges-User Accounts Leaks Analysis.”
The firm revealed that in 2017, the number of "compromised login data" increased by 369 percent in comparison to 2016, while in January 2018 alone, there were 212 leaks of login data, which represented an increase of 689 percent to the monthly average experienced in 2017.
The report credits the excitement about cryptocurrencies as a significant factor in the increase of incidents "against the monthly average of 2017." According to the study, the three major countries that are targeted the most by hackers are the United States, Russia, and China. It also revealed that one in every three victims were Americans.
The report says cryptocurrency exchanges have suffered series of hacks due to the sophistication of the tools used. Hackers have now "adapted patterns of attack" used on banks on digital asset platform, which makes them quite vulnerable.
According to the researchers, crypto exchanges have suffered cyber attacks that have resulted in financial losses totaling $80 million through "account leaks" on exchanges. Group-IB says it has identified "at least 50 active botnets" responsible for the leaks and it says the hackers infrastructure spreads across the globe, with the majority based in the United States and the Netherlands. It names popular malicious software such as Pony Formgrabber—a malware that works by retrieving authorization and login credentials.
According to Group-IB, the compromised accounts used in their study featured users of popular exchanges such as Bithumb and CEX.io.
Crypto Interest Related to Increase in Hacks
There is a direct relationship between the growing interest of cryptocurrencies and the number of crypto hacks, claims the experts at Group-IB. Towards the tail end of 2017, the second most popular topic in Global news was 'Bitcoin' and the search query 'How to buy bitcoin' made it into the TOP-3 most searched query in Google.
The Experts of Group-IB believes the sudden interest in bitcoin contributed to the increase in compromised accounts from December 2017 to January 2018. While exchanges such as Binance were struggling to keep up with registration, the focus shifted away to customer onboarding, as information security was neglected.
The report cited the lack of two-factor authentication (2FA) options on the platforms and the use of basic passwords as reasons why the hacks were possible. Director of Special Projects at Group-IB Ruslan Yusufov, however, believes the industry needs to learn from its mistakes and do more to protect itself.
“Increased fraudulent activity and attention of hacker groups to crypto industry, additional functional of malicious software related to cryptocurrencies, as well as the significant amounts of already stolen funds, signals that the industry is not ready to defend itself and protect its users,” Yusufov noted.
Recommendations for Safety
Group-IB recommends the use of separate passwords for different exchanges and enabling the 2FA option. The company also warns against using public Wi-Fi for carrying out exchange transactions. Cryptocurrency exchanges, on the other hand, are advised to make 2FA mandatory for users, conduct regular security audits and create more awareness internally concerning personnel security.