Group-IB, a resident company of the Skolkovo Foundation that specializes in preventing and investigating cyberattacks, has released a new report showing a “massive surge” of cryptocurrency exchange user data leaks.

The number of data leaks from cryptocurrency exchanges soared by 369 percent last year, with most victims in the U.S., Russia and China, Group-IB said in the report released Monday.

Most of the users affected by the leaks are in the U.S., followed by Russia and China. Photo: Group-IB.

“In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services,” the company said in a statement announcing the report, which is based on the findings of Group-IB experts who analysed the theft of 720 user accounts from the 19 largest cryptocurrency exchanges.

Every third victim (34.3 percent) of cryptoexchange hacks was in the U.S., according to Group-IB’s data, while 10.5 percent were in Russia, and 5 percent in China.

The infrastructure used by cybercriminals is mainly based in the U.S. (56.1 percent), the Netherlands (21.5 percent), Ukraine (4.3 percent) and Russia (3.2 percent), the report says.

“Cybercriminals have modified tools previously used for attacks on banks and now successfully use them to hack cryptocurrency exchanges and gain access to users’ personal data,” says Group-IB, which investigates about 80 percent of high-profile cybercrimes in Russia and the CIS, and predicted last year that cryptocurrency exchanges would be the most likely hacking targets in the near future, along with banks and power stations. 

Group-IB’s cybersecurity experts advise users that their passwords should contain at least 14 unique symbols, and that they should never use the same passwords for different exchanges, while always enabling 2FA (two-factor authentication). They also recommend avoiding the use of public Wi-Fi when carrying out exchange transactions, and not advertising on social media that they possess any cryptocurrency.

The new report examines what is making these attacks possible, and its authors conclude that there are two main factors.

“The first and main cause is that both users and exchanges omit to use two-factor authentication. The second cause is disregard for basic security rules such as the use of complex and unique passwords. Group-IB has analyzed 720 accounts and found that one out of five users chose a password shorter than 8 characters,” the company reports.

Ruslan Yusufov, director for special projects at Group-IB, warned that 2018 will bring even more incidents.

“Increased fraudulent activity and the attention of hacker groups to the cryptoindustry, additional functions of malicious software related to cryptocurrencies, as well as the significant amounts already stolen signal that the industry is not ready to defend itself and protect its users,” Yusufov was quoted as saying in the statement.

Group-IB regularly helps law enforcement to identify and prosecute hackers. It has developed software and hardware solutions to help international companies protect themselves against cyber threats and financial losses, and has clients in countries including the U.S., U.K., Canada and Australia, as well as Russia. The company is one of 50 European scale-ups recently selected to take part in SuperNova, a major new tech fair taking place in Antwerp next month.

The full report on cryptocurrency exchanges, including recommendations for both users and exchanges, is available in English and Russian at Group-IB’s website.