The crypto exchange frauds and thefts have spread wide and far across the world. Recently America’s Justice department said that it has seized more than $3.6 billion worth of digital currency that was stolen during a hack of crypto exchange. In this case, the fraudsters were even trying to launder the stolen coins before they were arrested.
The fraud dates back to 2016 when two fraudsters, who posed as entrepreneurs, tried to transfer around 1,20,000 bitcoins stolen from Bitfinex, a crypto exchange. The theft had happened when a hacker breached the systems of exchange and carried out more than 2,000 illegal transactions. Sadly, this was not an aberration.
In 2021 alone, scammers stole $14 billion in crypto. This was around twice the amount taken by fraudsters in 2020, according to ‘2022 Crypto Crime Report’ by Chainalysis, a blockchain data firm. There is no doubt that these scams are perpetrated by a slew of highly sophisticated hackers, which William E Quigley, co-founder of Wax Blockchain, refers to as 'Olympic-level' fraudsters.
For instance, Squid Game crypto scam was a high-level scam where a fake currency was sold to fleece hundreds of thousands of gullible investors by the creators' rug pull after the currency spiked to astronomical levels.
Technology or wallet?
But how do these frauds happen? How can the blockchain technology, believed to be safe and infallible by some, be breached and compromised? The inbuilt safety measures ensure that any illegitimate transaction is rejected and only genuine transactions which are approved by the connecting systems, or nodes, go through.
So, at what level does the anomaly take place?
There are several reasons for losing the money to hackers. First of all, investors must understand that the technology of blockchain is secure and all transactions are recorded in a public ledger for the others to see. However, the currency tokens can be stolen from crypto wallets or even from an exchange just as conventional currency can be stolen from a bank account when the inbuilt security measures are weak.
More often than not, the investors park their tokens either in crypto exchanges or in their wallets. If some hacker manages to hack the private key of wallet, the tokens can be siphoned off. So, this doesn't necessarily mean there is anything wrong in the technology that created these tokens, but the breach happened at the level of platform where the tokens were parked – be it an exchange or wallet.
For instance, US-based YouTuber and blockchain entrepreneur Ian Balina in April 2018 lost $2.5 million following a hack into his cloud storage app Evernote account.
Experts often advise to keep large crypto deposits only in cold wallets where passwords are not saved online. Cold wallets are devices or applications that store your private keys offline. These are like an application on your device which doesn't connect to the internet, or a device similar to a USB thumb drive that stores your keys.
To avoid what happened to Ian Balina, it is not advisable to keep passwords of crypto wallets on an email or cloud service. A hot wallet, which is connected to the internet, is always vulnerable to hack, advise experts.
So, those who invest large amounts in cryptocurrencies must bear in mind that at the end of the day, any large deposit kept in an online wallet can be accessed by a hacker who can outsmart the exchange's safety mechanisms.