Blog $400 million worth of cryptocurrency stolen by hackers
Robert Siciliano January 26, 2018

$400 million worth of cryptocurrency stolen by hackers

Cryptocurrency is hot right now, and whenever something is hot, hackers pay attention. Research by Ernst & Young has shown that more than 10 percent of all the funds that were raised through initial coin offerings (ICOs), worth around $400 million, simply disappeared—and experts are pointing to hackers as the likely culprits.

It remains popular for ICO’s to be used as a form of early-stage investment. So, instead of buying shares in a company, investors buy digital tokens. However, the companies that sell these ICOs don’t actually have any product to give investors—except a whitepaper. This whitepaper tells them how things could theoretically work and the proposed investment scheme, but, as with all cryptocurrency, it offers nothing tangible.

Ernst & Young recently took a look at over 370 ICOs. The firm found that out of the $3.7 billion raised through these offerings, about $400 million vanished. Where did it go? Research suggests it went to hackers via phishing attacks.

Whether all the $400 million went to hackers, however, is currently not clear. For instance, one company, Tezos, pulled in about $232 million during an ICO. Investors got nothing and are now issuing lawsuits, pointing to this particular case appearing to be fraudulent. Ernest & Young did not state whether cases like these were included in their research.

How malware is responsible for missing money

At this point, you might be wondering how these scams are happening. One way is for criminal hackers to use malware—specifically, malware called Satori. Satori is wreaking havoc with investors. Netlab 360, a Chinese-based company, released a report recently pointing the finger at Satori for affecting the Claymore Miner software.

By using mining software, investors are able to obtain (or ‘mine’) cryptocurrency. However, malware like Satori is making this impossible by getting in the middle of the transaction. After the malware gets control of the software, it replaces the address of the user’s wallet with one that is controlled by the hacker. Thus, the crypto you thought you purchased and sent to your digital crypto wallet was anonymously rerouted elsewhere.

What’s worse, the owners of these wallets don’t even realize that this is happening unless they look at their software configuration.

Hackers, though, are not just intercepting transactions; they’re also finding their way into the actual wallets themselves to steal whatever’s there. One way is by hacking a person’s computer via an unsecured WiFi network, like when at a coffee shop or at the airport.

Stealing crypto isn’t like stealing a credit card, for example; it’s incredibly tough, if not impossible, to do anything about it—what’s gone is gone. Which points to the importance of keeping your security software up to date, and using a VPN such as Hotspot Shield to encrypt and protect your devices from hackers when on unprotected WiFi.

With at least $400 million having vanished already, this is probably just the tip of the iceberg. Do not become part of this statistic—protect your data and funds with a reliable security solution.

Robert Siciliano
About Robert Siciliano

Robert Siciliano is an Identity Theft expert consultant to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him discussing internet and wireless security on Good Morning America. FInd Robert Siciliano on Google+

View all posts by Robert Siciliano
Subscribe to our newsletter

Become a Hotspot Shield insider to get the latest news, updates, and special offers delivered directly to your inbox.

  • Subscribe to our newsletter
  • This field is for validation purposes and should be left unchanged.