Trojan Malware Campaign Attempting to Compromise Cryptocurrency Trading Firms
During the 10 years of its existence, Bitcoin has made waves and has grown in price tremendously, peaking to $20,000 in December. Potential investors couldn’t stay indifferent – all in all, Bitcoin has become one of the most profitable assets ever. However, high profits are always associated with high risks and frauds. Has Bitcoin ever been hacked? Yes! Despite the fact that blockchain is a highly secure technology, digital fraudsters invent new ways of disrupting the system.
Here are the biggest Bitcoin hacks that took place recently.
Bitcoin Savings and Trust
This is the biggest and the cruelest Bitcoin hack ever. The company performed a classic Ponzi scheme: it attracted Bitcoin investors by promising them 7% profit per week, which would result in 365% in a year. It gathered 500,000 BTC before disappearing in August 2012.
Enraged investors managed to sue the company, and a year after, the judge ordered Tendon Shavers, its founder, refund the investors over $40 mln. In 2012, the sum of fraud equaled $6 mln, but in a year it grew to $500 mln because the BTC price was about $100. Turns out, the organizer still managed to make big money even after paying reparations.
Mt. Gox: Bitcoin Hacked Twice!
This Bitcoin exchange based in Japan has a notorious reputation due to being hacked twice – in 2011 and 2014. That’s a rare occasion: no other exchange website suffered from Bitcoin hackers twice. The platform started operating in 2010 and quickly made its way to the top. But in a year, everything changed.
In June 2011, a security breach of the website allowed hackers to drop the price of BTC to $0.01. Then they used a compromised computer belonging to a Mt. Gox auditor to steal a huge amount of Bitcoins. As soon as the transfer was finished, the initial BTC price was restored. The operation took a few minutes only and cost Mt. Gox $8,750,000 back then.
Bitcoin got hacked again in February 2014, when the platform was the biggest Bitcoin exchange and processed about 70% of Bitcoin transactions. Hackers caused technical issues on the Mt. Gox website, and it was suspended for one month. That made Bitcoin’s price fall by 36%: it made Mt. Gox lose about 850,000 BTC after the attack, which equaled $473 back then. After this cryptocurrency collapse, the company had to declare itself bankrupt.
Investors lost their money and did not receive any refunds.
Although Bitfinex is one of the largest cryptocurrency trading exchanges on the market, it also has had problems in the past. In August 2016, hackers attacked the platform by using the vulnerability of its Multisig wallet architecture and stole 120,000 BTC. Because of this hack, Bitcoin dropped in price from $607 to $515 in a few hours. Luckily for traders, the company refunded almost the whole sum using its BFX tokens exchanged for USD.
Estimated to be worth $72 mln, this is the second biggest Bitcoin exchange breach after Mt. Gox.
Other notorious cases
Mt. Gox, Bitcoinica, and Bitfinex aren’t the only exchanges to have had Bitcoin hacked. Here are some other cases in point.
How was Poloniex hacked?
Another biggest cryptocurrency exchange platform, Poloniex, was hacked in 2014. The company didn’t disclose the exact number of coins lost, but a more detailed explanation of this BTC hack was posted on the Bitcointalk forum.
How did the Bitcoin hacker manage to do that? It was simple: hackers exploited the faulty withdrawal code of Poloniex. In comparison with Mt. Gox’s accident, no other Bitcoin hacking seems to be so terrible. However, the outcomes affected all Poloniex users.
Soon after the attack, the platform suspended all operations temporarily and declared on its forum that funds of all Poloniex users would be reduced by 12.3% of all BTCs (97 BTC). It was done to protect users: had all customers withdrawn their funds altogether, there would be nothing left for the rest 12.3% of traders. Eventually, those who lost their money were repaid by the company – it was verified by the customers.
Poloniex often becomes the target of hackers, but most attacks are mitigated successfully
The rumor goes that another Poloniex hack took place in 2017, but the official representatives did not confirm that. Even if the Bitcoin hack did occur, Poloniex continues delivering a sufficient level of service quality.
Bitcoinica: 61,000 Bitcoins hacked
This platform was attacked in March 2012, when Bitcoin was about $5, so the total loss was about $215,000.
Hackers found a vulnerability in the shared online web host Linode and managed to steal about 46,700 Bitcoins from Linode users. The majority of the funds (43,000 BTC) was stored in Bitcoinica exchange platform.
The second attack on Bitcoinica was made 2 months later: hackers stole 18,000 BTC. That finally sank the company and it declared itself bankrupt.
Bitstamp: hacked but recovered
The Slovenian-based startup was established in 2011 to be a safer alternative to Mt. Gox. However, it appeared to be a poor alternative because of the Bitstamp hack that took place in 2015. An anonymous hacker stole 19,000 bitcoins (worth of $5 million) from Bitstamp’s operational hot wallet.
After that, the company suspended its operations and posted the following notice:
That’s what Bitstamp users received after hack
Today, Bitstamp still operates and even managed to get back some of its previous users. After the attack, it took drastic measures to boost security, including the introduction of BitGo multisig wallets for operational purposes.
This cryptocurrency exchange platform was hacked in 2012: hackers accessed unencrypted private keys that were stored online for backups. At that time, loss of 24,000 BTC wasn’t dramatic, and the company managed to refund customers. However, it closed soon due to regulatory measures, as the founder stated in 2013.
Here’s a breakdown of Bitcoin hacks taking place throughout the history of its existence:
Bitcoin hack, minor and major
How to avoid a Bitcoin hack?
All of the above-mentioned cases show that mostly those exchange platforms are to blame for the financial loss; security breaches are found at the application level. The blockchain itself is failure-proof, but the websites where transactions take place rely on different programming languages and technologies. Does it mean you cannot prevent Bitcoin fraud?
No, but you can protect your digital assets in the following way:
Register on reliable and trustworthy platforms only. Read customer reviews, visit forums – find information about the digital security of platforms and their history.
Find out which security measures are taken by the exchange platform: SSL encryption, multisig wallet, and other high-grade technologies are important for keeping website secure.
Store your cryptocurrency on a cold wallet. This is a piece of hardware that ensures rock-solid protection of digital funds because the private keys are available for the wallet owner only. It looks like a USB drive and doesn’t take much place – you can access your funds anytime and anywhere using your PC. Nobody can hack a Bitcoin wallet that’s not accessible online.
Don’t perform cryptocurrency transactions via public Wi-Fi and insecure connections – your traffic and, consequently, wallet address, can be compromised this way.
Do not let anyone know your private keys and login credentials. Don’t set this information on social messengers and email.
Whenever you copy and paste the Bitcoin wallet address, double check its correctness. There’s a malware that can alter the wallet number when you paste it in the wallet field during transactions. If your device gets ‘infected’ with such malware, you will send cryptocurrency to hackers instead without being aware of it.
Set up 2-step authentication on your account. Use the solution from Google or AUTHY application. Such practice usually means an SMS confirmation of login. This way, you will know whenever someone attempts to access your account.
With a cold wallet, your crypto savings will be safe & sound
Can Bitcoin be hacked? These examples show that everything is possible: unsleeping hackers keep finding new ways of compromising the security of crypto exchanges and the PCs of investors. As soon as developers detect vulnerability and eliminate them, malicious programmers find out how to hack Bitcoin in a different way. Therefore, you should always be on the guard.
Bitcoin is not just a good investment opportunity it’s bait for investors that is masterly used by cybercriminals. Don’t let anyone steal your hard-earned Bitcoins take all possible security measures and don’t mess up with such exchange platforms as mentioned above.