The analytical company Chainalysis estimates that in 2019, hackers successfully hacked 11 large cryptocurrency exchanges and stole cryptocurrencies worth more than $ 283,000,000.
Although 11 hacks per year are a lot, both in comparison with the number of incidents recorded in 2018, and retrospectively, compared with the average number of hacks per year over the past 10 years, hackers managed to steal less money. The fact is that 283 million dollars, which is much lower than 875.5 million dollars (that is how many hackers managed to steal in 2018, for just six hacks) or 483 million dollars (obtained by attackers in 2014, for only three hacks).
According to Chainalysis, a sharp increase in the number of successful hacks may be due to the fact that attackers began to use more sophisticated methods to attack cryptocurrency exchanges. However, exchange developers, too, are not idle. Experts write that many of the exchanges have invested in improving security and transaction verification systems, which led to a decrease in the amount of money that hackers managed to steal, before the attacks discovered, the transactions were canceled and the funds returned.
Chainalysis notes that “most of the funds stolen during the attacks are ultimately sent to other exchanges, where they are likely to be converted into cash,” but a significant portion of the stolen is not spent over the years.
According to Chainalysis statistics, in 2019, more than $ 2.8 billion in bitcoins switched from well-known criminal groups to several exchange portals, where they were quickly converted to fiat currencies. In addition to funds stolen on exchanges, these $ 2.8 billion also included other types of illegal transactions, such as payments to ransomware, funds from phishing transactions, online fraud and funds associated with well-known criminal and terrorist groups. More than 50% of the amount mentioned was transferred to accounts on large exchange platforms Binance and Huobi, where fraudsters laundered stolen money. So, in 2019, more than 300,000 individual accounts on Binance and Huobi received cryptocurrency from criminal sources.
Of all the illegal actions and transactions in the blockchain, it is easiest to track payments to cryptographic operators, since the addresses for paying the ransom are usually included in the extortion messages themselves, which ultimately fall into the hands of information security specialists. According to Chainalysis estimates, in 2019, extortion groups received just over $ 6.6 million in ransoms. Basically, such an amount was gained thanks to the October surge in attacks carried out using the ransomware Bitpaymer, Ryuk and Defray777. Moreover, the researchers emphasize that this amount most likely does not quite match really and is greatly underestimated, and in fact ransomware operators “earn” much more.