Oops, something went wrong, please try the following steps:

  1. Reload the page;
  2. Clear the cache in your browser;
  3. Try another browser;
  4. Disable/Enable VPN.

If these steps do not help, please contact our support at: [email protected] or use this link. We will get back to you as soon as possible.

  • Main
  • Blog
  • Market
  • $25 Billion of the World’s Crypto Belong to the Dark Side

$25 Billion of the World’s Crypto Belong to the Dark Side

A recent report from Chainalysis explores all the different ways illicit crypto are procured, and cites hacks as the bigger source over the darknet.

On May 7, 2021, the most disruptive cyberattack in the United States took place. Colonial Pipeline, a major oil pipeline company, had suffered a ruinous ransomware attack that forced the company to shut down about 5,500 miles of pipeline. This caused Southeastern states in the US to suffer gasoline shortages. DarkSide, the group behind the attack, demanded a Bitcoin ransom worth $5 million. And Colonial had no choice but to pay to regain control.

The Colonial Pipeline attack is only a glimpse to the dark side of cryptocurrency. While it is true that no financial system is crime-proof, the decentralization and anonymity offered by the crypto space make it a convenient cavern for cybercriminals.

$25 Billion of the World’s Crypto Belong to the Dark Side

Since 2011, crypto crime has become a sinister niche within the industry. A lucrative niche that keeps growing exponentially. Chainalysis’s 2022 Crypto Crime Report revealed that in October 2021, cryptocurrency crime hit an all-time high value of $14.8 billion — a 79% increase from 2020’s $7.8 billion. The report also showed that criminal whales alone (which represent 3.7% of all crypto whales) hold over $25 billion worth of cryptocurrency. Crypto money laundering was not left out in the mix. Money laundering with crypto rose by 30% in 2021 with criminals racketeering $8.6 billion in crypto.

Crypto criminals accrue these huge sums through different cybercrimes — from direct theft and darknet market funds to scams and ransomware.

Inside this Sinister Niche: The Top Sources of Illicit Crypto Stash

Crypto crimes manifest in different forms. And these methods are geared toward one goal: obtaining the crypto assets of unsuspecting victims. According to Chainalysis’s report, the top sources of illicit crypto wealth in 2021 include: darknet market funds, scams, fraud shops, ransomware, and cryptocurrency heists.

The dark web market is a thriving marketplace for all sorts of illegal products and services including prescription drugs, weapons, pornography, and hack-for-hire services. Users of the dark web purchase these products and pay in crypto. The market accounted for $448 million out of the $11 billion crypto stash illicitly acquired in 2021.

Following the darknet market funds were crypto scams. In 2021, cybercriminals accrued $192 million through a myriad of crypto scams including fake websites, phishing scams, and pump and dump schemes. Fraud shops brought in $66 million, while ransomware attacks like that of Colonial Pipeline accounted for $30 million. But these figures were nothing compared to what was accrued through cryptocurrency heists.

Chainalysis reported that the biggest crypto heists in history took place on centralized exchanges. And this is not just a random occurrence; there’s a reason for it.

The Role of Centralized Exchanges in Crypto Hacks

Satoshi wanted a financial system where users had control and bore full responsibility for their money. However, this aim was defeated when centralized exchanges served as the first set of platforms for crypto adoption. These exchanges not only provided a marketplace for crypto transactions, they also served as custodial wallets for users. By using these wallets, users ceded the security of their funds to these exchanges — trusting them to protect their assets. These exchanges had custody of users’ private keys, APIs, and sensitive data pertaining to the wallets. In other words, users yielded most of the responsibility regarding security and control to these exchanges. A scenario that is impossible with non-custodial exchanges like ChangeNOW, which offer users full control.

To be fair, many of these exchanges did (and still do) their best to protect the funds of users. But concentrating thousands of private keys in one place is all the scent a crypto predator needs. And many crypto predators have pulled off some of the biggest crypto heists because of this.

Cryptocurrency Heists: The First Major Hack and the Biggest Crypto Heists in History

Crypto thieves need no red overalls or Dali masks to steal crypto assets worth millions of dollars. All they need to do is to gain illicit access to a wallet and transfer funds out of it. They can gain access through phishing attacks or exploiting a coding flaw on the platform. Last year, a DeFi platform Poly Network suffered one of the biggest crypto heists in history. The thieves exploited a loophole in the platform’s code and transferred over $600 million worth of crypto assets to their own wallets.

Chainalysis pointed out that 93% of criminal balances came from stolen funds. As of December 2021, cryptocurrency theft accounted for $9.8 billion out of the total $11 billion from criminal sources. Since 2011, the cryptoverse has suffered several security breaches, starting with the crypto exchange, Mt. Gox.

From Biggest Exchange to Bankruptcy: The Mt. Gox Story

Launched in Tokyo in 2010, Mt. Gox handled 70% of crypto transactions worldwide. But little did they know that only a year later, the world would come to know and remember them by something far less glamorous. Mt. Gox fell prey to the first major security breach in the crypto space.

In 2011, the exchange was hacked and lost $8.75 million worth of Bitcoin. The attackers compromised a computer of one of the exchange’s auditors and changed the Bitcoin pricing to one cent. Then, they proceeded to obtain the private keys of the Mt. Gox’s users, created selling orders, and bought 2000 Bitcoins, each valued at an artificial price of one cent. For context, Bitcoin was between $13 - $15 in 2011. This means that the hackers stole about $30,000 worth of Bitcoin. Three years later, this sum would look like a few cents compared to the amount stolen in the next heist Mt. Gox suffered.

In 2014, Mt. Gox was breached again. This time, the hackers inundated the exchange with fake Bitcoins and stole nearly 850,000 Bitcoins worth $615 million. Mt. Gox never recovered from the attack. The exchange filed for bankruptcy that same year and went out of business.

The Bitfinex Hack

On 2nd August, 2016, Bitfinex announced that they had “discovered a security breach that requires us to halt all trading on Bitfinex, as well as halt all digital token deposits to and withdrawals from Bitfinex.”

We are investigating the breach to determine what happened, but we know that some of our users have had their Bitcoins stolen,” they stated further.

The Hong Kong-based exchange lost 119,756 Bitcoins worth about $72 million. The company handled the crisis pretty well. First, they spread the losses to all clients and company assets. Second, affected customers received BFX tokens. Each customer received 1 BFX for every 1 dollar lost. Customers could redeem the tokens in the exchange or trade them for shares in the parent company, iFinex. Within eight months, all BFX tokens were either redeemed or traded for shares. Furthermore, those who traded for iFinex shares received a Recovery Right Token which qualified them to receive funds recovered from the hack.

Coincheck Hack: The Biggest Non-Bitcoin Heist in History

Coincheck, a Japanese exchange, discovered that its system had been infiltrated eight hours after the damage was done.

In what some have called the largest crypto attack in history, the company lost about $534m of NEM in January 2018. The theft occurred through a phishing attack that gave the hackers access to Coincheck’s hot wallets.

Binance Not Spared from Attacks

In 2017, Binance slipped into the crypto space. A year later, it grew to become the world’s largest exchange. In 2019, two years after its initial launch and early mainstream acceptance, it was hit by a major hack. The hackers broke into Binance's security systems and obtained two-factor codes, API, and other key security data. With this vital data, they accessed the exchange’s hot wallet and withdrew over 7000 Bitcoins worth approximately $40m dollars.

Unlike the Bitfinex hack, where every client bore the brunt of the hack, Binance clients didn’t feel the impact of this hack because of two reasons. One: the stolen Bitcoins were linked to one wallet. Two: Binance covered the losses with its secure asset fund for users (SAFU).

The KuCoin Hack: A Plethora of Digital Assets Stolen

What makes the KuCoin heist different from the previous heists mentioned is the diverse crypto assets stolen. In September 2020, hackers infiltrated KuCoin and stole several crypto assets to the tune of $281 million. Coins and tokens stolen in the hack include Bitcoin (BTC), Ethereum (ETH), Tether (USDT), Bitcoin SV (BSV), Litecoin (LTC), Tron (TRX), Ripple (XRP), and Stellar Lumen (XLM). It is suspected that a North Korean hacker group was responsible for the heist.

North Korea: A Crypto-Crime Mastermind

It is convenient to assume that all crypto crimes are perpetrated by an average Joe (be it an individual or a group) with a devious mind. But the United Nations’ inquiry into the KuCoin hack renders the assumption fallible. Results of the inquiry suggested that the KuCoin hack had strong links to North Korea. And this is not the first time the Asian nation led by Kim Jong-Un has been linked to crypto crimes and other cybercrimes.

Another UN report published in 2019 revealed that North Korea generated about $2 billion through sophisticated cyberattacks on banks and crypto exchanges. This money was used to fund their weapons program.

Furthermore, the infamous WannaCry ransomware attack was linked to North Korea. The FBI also connected the recent Ronin heist to the same country. In March this year, Ronin, the side chain powering Axie Infinity, was hit by a major hack. A total of $615 million comprising 173,600 ETH tokens and 25.5 million USDC tokens was stolen in the heist.

For now, it looks like North Korea is the sole mastermind behind politically-related scams. But will it remain this way for a long time? Would other nations follow North Korea’s footsteps, thus carving a more sinister crime niche? If this is the case, would this niche “thrive” in an ecosystem where industry players and government agencies are seriously clamping down on crypto criminals?

Crypto Crime: A Battle the Crypto Industry is Not Ready to Lose

During the early days of cryptocurrency, many believed that stolen crypto assets could never be recovered. But that’s no longer the case. The many stories of crypto heists and other crypto crimes may be disheartening, but there is a silver lining to some of them. For instance, KuCoin recovered over $204 million of its stolen funds weeks after it launched an investigation. Also, US law enforcement officials recovered $2.3 million worth of Bitcoin paid to DarkSide. Not only were funds recovered, DarkSide had to shut down after they lost access to their servers and had their wallets emptied.

These instances show that crypto criminals are not as invincible — and sometimes, invisible — as they pose themselves to be. In fact, they all face a major challenge after perpetrating a crime: how to liquidate their loot to cash — or weapons. And in this challenge lies their Achilles heel. Because of this weakness, law enforcement agents around the world are investing in blockchain analytics to track and recover stolen assets at the point of a liquidation attempt. In the Colonial-DarkSide case, for example, it was London-based analytics firm, Elliptic, that traced the Bitcoin wallet that received the ransom.

The Evolution of Anti-Laundering Measures

Several reputable exchanges now have sophisticated algorithms that can help flag suspicious activities. ChangeNOW, for one, recently assisted in returning more than $100,000 worth of XRP tokens to their rightful owners. This happened after ChangeNOW’s advanced anti-money laundering security protocols detected dubious transactions that were apparently linked to a phishing scam.

In a similar fashion, the exchange’s AML system also flagged a suspicious 60 ETH transaction in April. Anti-money laundering measures often employ sophisticated software to trace back the origin of tokens being exchanged. This is to say one effective way to nab crypto thefts are at liquidation points, like an exchange. ChangeNOW ultimately linked the 60 ETH case to the unfortunate rise of Uniswap phishing scams.

Regardless, crypto criminals wouldn’t give up. This is why legitimate crypto players must keep thinking of ways to outsmart criminals. Shifting to the use of non-custodial wallets is one way to do this. These wallets give the user complete control over their assets. And unless the user is careless with their private keys, they can rest assured that their funds are safe at all times.

Market
Exchange Crypto
icon-btc
BTC
icon-eth
ETH

Unlock the power of exchange with Pro features

  • Exchange history
  • Cashback
  • VIP plan for free
  • 🎁 Airdrop 50 000 NOW Prize pool
  • More benefits