A new report from blockchain forensics firm Ciphertrace has revealed a significant surge in cryptocurrency theft throughout 2019, with $4.4 billion in crime-related losses in the first nine months of 2019. According to the report, the increase in crime is largely due to an increase in the amount of capital flowing through exchanges and criminals seeking to pull of larger-scale heists.
“There is a relatively consistent increase in criminal activity year over year and we don’t expect that to change overnight,” said CipherTrace CEO Dave Jevans to Reuters. However, Jevans also noted that Q3 of this year saw just $15.5 million in crime-related losses, the lowest quarterly figure in two years.
— CipherTrace (@ciphertrace) November 27, 2019
How did the crypto industry get to $4.4 billion in crime-related losses?
The surge to $4.4 billion worth of losses represents a 150 percent increase from the $1.7 billion worth of crime-related crypto losses that took place over 2018. Jevans said that “the 150% increase in crypto theft and fraud reflects how criminals are adapting for bigger and better scores.”
Jevans also said that criminal strategy appears to have evolved to become more effective over time. “Today’s attackers are patient and willing to spend more time waiting for a payout,” he explained. “Not only have we seen more and more $100 million thefts and scams, those responsible are acting carefully, only cashing out small amounts to stay under the radar.”
Pure Markets' CEO Talks Business Model, 2020 OutlookGo to article >>
Additionally, “little attacks are often easy to defend against, but targeted attacks are far more lucrative.” Jevans also noted a shift away from hack-related thefts toward socially-engineered crimes, including exit scams and other kinds of fraud. This could be considered as evidence of improved security on crypto exchanges.
Therefore, while there may be fewer attacks overall, the attacks that are executed tend to result in “bigger wheelbarrows of cash” being stolen. Indeed, roughly 65 percent of the $4.4 billion figure can be attributed to cryptocurrency wallet and exchange PlusToken, which is alleged to be a massive Ponzi scheme.
According to Reuters, the next-largest singular source of loss took place as the result of the alleged death Gerald Cotten, the QuadrigaCX CEO who allegedly took the exchange’s cold wallet keys with him to the grave. $195 million, roughly 4.4 percent of the $4.4 billion, was lost as a result of Cotten’s sudden passing.
Still, Jevans noted that even without the year’s two largest singular losses, “we are still witnessing many multi-million dollar crimes.” He also said that crimes that amount to less than $5 million are generally under-reported.
65 percent of cryptocurrency exchanges have “weak” KYC
CipherTrace’s report also found that 65 percent of cryptocurrency exchanges have “weak” KYC requirements that “allowed CipherTrace researchers to withdraw at least .25 BTC daily with very little to no KYC.”
However, not everyone in the cryptocurrency industry is in support of stronger KYC measures. Earlier this month, Interdax CTO Charles Phan told Finance Magnates that “Know Your Customer practice is in opposition to the underlying values of the cryptocurrency movement.”
“Bitcoin provides a permissionless payment system that no-one is banned from using,” he explained, commenting on the leak of thousands of BitMEX customers’ personal email addresses.
“Companies that collect sensitive personal information are a gold mine for hackers and often customer data is leaked – Bitcoin gets around this by not requiring personal identification to setup an account and transact.”