
Crypto hacking: how does it work, and what are the greatest hacks in history

Andrew Zhoao

News editor

Aug 9, 2022 at 07:11

The crypto economy is developing at a tremendous speed, the value of coins, despite the crypto winter, is growing, and fraudsters are coming up with more and more inventive methods of stealing virtual money. So, we at Buidlbee decided to look into crypto hacking, how it works, and some of the examples of how cryptocurrency gets stolen.

What is crypto hacking? 

Cryptocurrencies are based on blockchain technology, which is considered immutable. However, the growing popularity of cryptocurrencies has prompted cybercriminals to find innovative ways to attack the underlying blockchain.

Hacks are carried out by spreading malware. This malware can be divided into two types:

  • Hidden miners. They infect the system and start mining crypto on the infected computer without the owner’s knowledge and for the benefit of the malware’s owner.
  • Stealers. They steal wallet passwords and the wallets themselves. This category also includes primitive viruses that replace the sender’s address on the clipboard.

Targeted attacks on specific wallets are much less common. As a rule, these are wallets in which the developers made mistakes that allow attackers to seize control over the victim’s funds. These attacks require the hacker to have substantial knowledge of reverse engineering and of building financial software.

According to experts, cryptocurrency theft has increased, primarily because of the anonymity of cryptocurrencies. This allows cybercriminals to “launder” and cash out stolen funds without difficulty. In the language of hackers who specialize in stealing money from credit cards, stolen funds don’t need to be “washed”; they can be withdrawn immediately.

This trend is reported to affect the cybersecurity industry. The “payload” of such viruses, once it lands on the victim’s computer, now mainly looks for cryptocurrency wallets, and only then for e-banking systems. Antivirus software developers are noticing this as well.

Hackers, in turn, aggressively search for vulnerabilities in the smart contracts of popular ICO projects. They often don’t disdain good old-fashioned phishing either. To do this, crypto hackers spoof the sites of the ICOs themselves, post clones of the code on GitHub and sometimes even replace fundraising wallets.

Blockchain security

However, the cryptocurrency community has something to counter attackers trying to steal its funds. Amid a wave of hacks of popular products, bug bounty platforms and blockchain security startups are gaining popularity. They not only audit code but also have hackers audit smart contracts and wallets.

Several experts are inclined to think that keeping a staff of testers is no longer so cost-effective for objectively identifying code bugs. Using actual “white” hackers to test the whole product is more advantageous.

Also, first-generation antivirus products that rely only on signature analysis have lost their effectiveness. They are not as effective as “behavioral factor” antiviruses.

The experts say a comprehensive approach is essential here: the security of your code in combination with the protection of the development environment and third-party libraries used in creating the product. We also can’t exclude the human factor, which often contributes to active infections.

Types of attacks

Cryptocurrency security is one of the main benefits of blockchain technology, but nothing is perfect. Each algorithm has its vulnerabilities that attackers find. The principle of protection is based on the fact that transaction information is validated by other participants in the network who are unfamiliar with each other, which attackers exploit by intercepting transaction information. Here’s how attackers can get users’ funds.

  • Double spending is the risk that digital currency can be spent twice. This is a potential problem specific to crypto assets because digital information can be easily replicated by experienced people who understand the blockchain network and the computing power required to manipulate it.
  • Finney attack. The attacker prepares a payment transaction and a block containing a transaction that transfers those same funds to his other account, but does not publish the block to the network. As soon as the payment transaction is confirmed by one of the miners and the attacker receives the goods, he immediately publishes the pre-prepared block to the network. At that point there are two chains of blocks of the same length in the network. If the other miners extend the second chain, which contains the transaction transferring the money to the attacker’s account, the transaction transferring money to the seller will be rejected. Consequently, the seller will lose money since the goods have already been sent.
  • 51% attack. This attack assumes that the attacker has more than 50% of the processing power of the blockchain network. In this case, the hacker, with a majority vote, can reject or approve the transactions he wants, creating new blocks faster than other miners. It is impossible to defend against such an attack. It can only be prevented by monitoring the network. In closed blockchains, it is necessary to make sure that network nodes are in trusted locations.

DDoS attacks and time delays. The attack is not performed for economic gain but to hurt the startup or shut down the network altogether. Frequently sending large amounts of “garbage” data to the node that processes transactions complicates its work and slows down data transfer, network updates, and the formation of new blocks. Each project has its own protections against this. For example, Bitcoin has built-in protection against this attack; some cryptocurrencies introduce symbolic commissions that screen out empty transactions generated by robots. A large flow of “junk” transactions leads to higher commissions. In November 2017, IOTA suffered a major DDoS attack.

Where do cryptocurrency hacks happen?

To hack a cryptocurrency wallet, hackers need to know only a minimum of information about the user. It can be a first name, last name, and phone number. Using network vulnerabilities, it is possible to intercept SMS messages containing the one-time passwords used to enter the wallet. Unfortunately, the technology of sending temporary messages cannot be abandoned yet, because it is simple and, at the same time, quite effective.

To protect against hackers, it is enough to follow basic cyber-security rules: install all updates on time, use only complex passwords and check that the equipment you use is configured correctly.

You don’t have to be a hacker to get hold of someone else’s cryptocurrency. People are so naive that they are willing to give it away voluntarily, hoping to get some easy money. Here are a few traditional schemes scammers use to get not only BTC but other altcoins as well:

  • ICO. Initial coin offering, which in most cases is more of a marketing move. Developers choose decentralized networks like Ethereum for placement, then convincingly spread the word about the potential of their tokens. Investors happily exchange ETH for tokens, and developers, even those who haven’t passed the beta testing stage, dissolve into the virtual space.
  • Shadow exchangers and exchanges. It is enough to offer investors lower commissions or additional “benefits” to draw them to their side. After collecting enough cryptocurrency, the exchange or exchanger goes “accidentally” bankrupt.
  • Phishing. Fraudsters create a copy of the exchanger’s site. The site has a slightly different address and is a “fake,” shallow copy in which almost nothing works except the API (add-on) for money transfer. An inattentive investor enters personal data on the copy website and then either transfers the cryptocurrency to the scammers, or the scammers read the data and passwords of his wallet and then transfer the coins themselves.

It is worth mentioning the classic fraud schemes in which scammers convince victims to transfer BTC or other coins to support some promising project, or to hand over money for trust management because they (the scammers) have some insider information. Surprisingly, such schemes, despite their simplicity, are still working. Alas, the desire for easy money is stronger than rationality.
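
The phishing item above hinges on a site whose address is only slightly different from the real one. As an added example (not part of the original article), this Python check compares a hostname against a user's own allowlist and flags near-misses; the allowlist entries and function names are constructed for illustration.

```python
def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


# Constructed allowlist: the sites the user really does business with.
TRUSTED_HOSTS = {"exchange.example", "wallet.example"}


def classify_host(host: str, trusted=TRUSTED_HOSTS, max_distance: int = 2) -> str:
    """Return 'trusted', 'suspicious' or 'unknown' for a hostname."""
    host = host.strip().rstrip(".").lower()
    if host in trusted or any(host.endswith("." + t) for t in trusted):
        return "trusted"                 # exact match or a real subdomain
    if any(label.startswith("xn--") for label in host.split(".")):
        # Punycode label: may render as look-alike characters. Flagged
        # here because this allowlist contains ASCII names only.
        return "suspicious"
    for good in trusted:
        if good in host:
            return "suspicious"          # trusted name embedded in another domain
        if edit_distance(host, good) <= max_distance:
            return "suspicious"          # typo-squat: one or two characters off
    return "unknown"


if __name__ == "__main__":
    # Constructed sample hostnames.
    for h in ("exchange.example", "exchannge.example",
              "exchange.example.login-check.test", "unrelated-shop.test"):
        print(h, "->", classify_host(h))
```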

How to secure your cryptocurrency?

Hackers stole a record $14 billion worth of cryptocurrency in 2021. That’s 79% more than in 2020. In 2022, hackers stole nearly $1.3 billion worth of crypto assets during the first quarter and $670 million in cryptocurrency in Q2. Hackers’ appetites are growing, so it’s important to know how to protect your money.

Recently, 8000 Solana wallets were hacked. Experts estimate that the criminals stole about $6–8 million from wallets such as Phantom, Trust Wallet, and Slope during a massive hacker attack. So, first of all, we recommend using reliable wallets.

It is equally important to protect the seed phrase.

  • What is a seed phrase? It is a mnemonic passphrase consisting of 12 random words. It is a backup measure to ensure the user can always access his funds.
  • Why do users need it? If a user loses his wallet ID (or worse, his password), the seed phrase is the only way to recover access to funds.
  • Why write it down? Anyone who knows your seed phrase can access your funds and transaction history. To protect your savings from online hacking or accidental data loss, experts recommend keeping it in a non-electronic form: for example, in a notebook or on a piece of paper.

You can find more information on how to protect your seed phrase in our article.

From traditional banks to crypto wallets

The stealing of money from bank accounts is gradually receding into the background, as many cybercriminals are switching to stealing money from cryptocurrency wallets. But why doesn’t the same happen to traditional banks at a similar scale? According to Reddit user GrammelHupfNockler, being decentralized, crypto requires users to take care of their security. But most people are just not competent enough to safely use such currencies.

“The complex process for using them leads many people to use exchanges that take care of their wallets. But since a lot of money is involved, there are many incentives to attack these exchanges, and even the best IT security experts make mistakes sometimes — attackers only need to get it right once,” he said.

But there is a reason why we can’t reverse these attacks: the blockchain technology underlying every cryptocurrency is append-only. What has been written to the chain cannot be changed without a hard fork. GrammelHupfNockler says that an essential concept in the space is also that code is law, so if your code does something wrong, it’s your fault.

Banks are subject to government regulations requiring IT security, traceability, and similar things, which makes reversing transactions or finding the perpetrators of such attacks possible in many cases. The author thinks that banks are just not lucrative targets, given this much higher risk and lower attack surface.

Cryptocurrency theft examples

The cryptocurrency community and companies have long been a target for hackers. According to analysts, the blockchain industry has lost more than $13.6 billion by October 2020 if you add up all attacks since 2012. And here are some of the cases where companies have lost a lot of money due to hacks.

  • KuCoin. Losses — $280 million. The damage was initially estimated at $150 million, but analysts later increased the estimate to $280 million. The hackers who hacked KuCoin laundered funds through mixers and the decentralized exchange Uniswap.
  • dForce. Losses — $25 million. The hacker took advantage of a vulnerability in the ERC-777-based imBTC token and a critical vulnerability in the part of the Lendf.me platform’s smart contracts that is responsible for updating user balances. In addition to the damage caused to dForce, the hacker snatched all Lendf.me tokens (291 imBTC or $2 million at the time of the attack).
  • Pickle Finance. Losses — $19.7 million. A DeFi project that suffered significant losses due to a hacker attack. At the time, hackers stole more than $19 million. The token price collapsed soon after the hack. Pickle Finance announced its merger with yearn.finance.
  • Binance. Losses — $40.5 million. Hackers were able to obtain some user data and withdraw 7,000 BTC from the exchange’s hot wallet due to the hack. According to the exchange’s statement, the attackers managed to get hold of a significant number of users’ API keys, as well as two-factor authentication codes, as a result of which the withdrawal was made in one transaction.
  • Mt. Gox. Losses — $450 million. In 2013, Japan’s Mt. Gox handled more than 70% of all Bitcoin transactions. That same year, as the most popular exchange, Mt. Gox ran into many problems. U.S. federal agents withdrew $5 million from the company’s bank account because Mt. Gox was not an official financial intermediary. Later, Coinlab’s former partner demanded $75 million from the site for violating the terms of the agreement. But the exchange’s bankruptcy was caused by a hack in February 2014.

And here you can read about 6 investors who lost their crypto in the stupidest ways.

Thus, the cryptocurrency system is still relatively young and largely unregulated. This opens up opportunities for criminal attempts to defraud investors through various schemes and methods aimed at gaining access to wallets or pulling in their hard-earned money by promising attractive but unrealistic profits. Nevertheless, this does not make cryptocurrency a less attractive investment tool. Still, it should encourage investors to learn more about how such fraudulent schemes work and how they can be proactively avoided. We hope you agree with us, guys.
