A total of $882 million worth of cryptocurrency has been stolen since 2017. Of this staggering amount, the state-sponsored hacking outfit from North Korea known only as Lazarus has pocketed $571 million in digital currency—making them the most proficient cybercrime syndicate in the world.
Based on a summary of the research from cybersecurity firm Group-IB, which highlights 14 of the major attacks carried out on cryptocurrency exchanges this year, the North Korean hacking outfit has racked up over half a billion dollars in stolen cryptocurrencies in less than a year.
Group-IB says that hacking groups like Lazarus stick to conventional means when targeting exchanges, which makes spear phishing the most common method of hacking alongside the use of malware and social engineering.
A common technique used by hackers when spear phishing is delivering malware in the form of attachments sent through email.
The malware automatically installs itself once the attachment is opened, and once the hackers gain control over the network, all that is left is locating the servers responsible for managing cryptocurrency wallets.
Group-IB warns that attacks on cryptocurrency exchanges are on the rise, and this is because hacking outfits that previously targeted banks and other mainstream financial institutions are now focusing their efforts on the more lucrative cryptocurrency industry.
56 Percent of ICO Funds Lost to Phishing
Group-IB’s annual report on trends in cybercrime reveals that approximately 10 percent of the funds raised in ICOs over the past year and a half have been lost to phishing attacks.
The cybersecurity firm’s report shows that ICO platforms are not all to blame because some of the attacks capitalize on investors who rush into cryptocurrency projects without conducting enough due diligence.
This, together with the fact that cryptocurrency hackers are becoming more creative, points to a grave trend in cybercrime; already, the more proficient cryptocurrency groups make off with roughly $1 million worth of stolen cryptocurrency every month.
While some hacking outfits have resorted to stealing sensitive information from investor databases and selling it on the dark web, others are building fake websites using the information they have illegally obtained from other ongoing cryptocurrency projects.
These schemes are also well worked out because in most cases, the hackers are in possession of whitepapers as well, albeit plagiarized ones.
They carry on the charade well into the launch of their fake ICO, after which they perform exit scams with all the investor funds.
Attacks on ICOs Expected to Continue
The worst is yet to come, according to Group-IB. The cybersecurity firm believes that phishing schemes are only going to become more advanced with time.
To illustrate their point, the firm noted that “51 percent” attacks, all of which were unsuccessful in 2017, are now on the rise. A 51 percent attack requires control of the majority of the computing power securing a Proof-of-Work blockchain.
Already, five successful 51 percent attacks have been witnessed during the first and second quarters of 2018.
All of them resulted in direct financial losses that ranged from $550,000 to $18 million, according to the report.
This is bad news for mining pools all over the world, as they have now become juicy targets for state-sponsored hackers such as North Korea’s Lazarus.
Group-IB warns that even phishing attacks will get more advanced as phishing kits and automated phishing methods become more popular vectors of attack for ICOs.