Crypto assets are often associated with numerous advantages, including the transparency and security of transactions. However, these don’t mean that cryptographic assets have immunity from theft. They can be stolen by cybercriminals in more ways than one.
According to a report by cybersecurity firm CipherTrace, cryptocurrency theft amounted to $1.7 billion in 2018. This figure is more than 400% higher than the amount of stolen crypto money in the previous year. The bulk of the amounts stolen is attributed to thefts from cryptocurrency exchanges and cryptocurrency infrastructure services -- online wallets in particular.
On the other hand, cybersecurity company Carbon Black reported that while the most common targets of cryptocurrency theft are exchanges (27%), businesses are a close second (21%). It only makes sense for cryptocurrency-owning businesses to put security measures in place as a growing number of businesses are already accepting bitcoins and other crypto assets as payments. These include Microsoft (NASDAQ:MSFT), Overstock, and Expedia (NASDAQ:EXPE). Even KFC-Canada, Virgin Galactic, and several branches of Subway already include cryptocurrency in their list of payment options.
The Nature of Crypto Asset Theft
How are cryptocurrencies and other cryptography-based assets stolen? Before going into the details of this topic, it’s important to know the basics of how the supposedly unbreakable encryption behind bitcoin and other cryptography-based assets is defeated. With all the lengthy strings of characters used to identify a transaction and the similarly kilometric private keys needed to access wallets, how come cryptocurrencies are still compromised?
A good way to answer this question is by comparing cryptocurrency to a fortress with indestructible walls. Attacks may not be able to pierce through the walls, but the fortress has openings intentionally added for the entry and exit of the users. These points of entry/exit are what hackers exploit. Cryptography, at least before quantum computers become viable, is still virtually impenetrable. That’s why it’s not what cybercriminals attack, it’s the specific accounts whose owners fail to take advantage of security measures.
One of the common ways to steal cryptocurrency is clipboard hijacking. This is done by introducing “clipper” malware to computers. These “clippers” copy and submit data stored in the clipboard, which may include the private keys for cryptocurrency wallets. Many of the malware used to steal crypto asset details are concealed as cryptocurrency trading add-ons, slack bots, and supposedly mundane apps laced with malicious codes.
Some attacks may be o...