|
The price of Bitcoin once exceeded $8,800 this morning, and the price of the currency has more than doubled since the beginning of 2019. The voice of the bull market is endless, and along with the throbbing of the currency price, the long-standing haze of exchanges and users has returned: the return of hackers.
Can hackers’ theft of coins be stopped? Could their resurgence be a sign of a bull market?
Hackers are more accurate than analysts
Since January this year, the market has gradually warmed up. The rising coin prices and new users have made a once-dormant group active again - hackers.
Digital currency is the product of technology geeks and cypherpunks, and data is stored on the chain. However, the existence of centralized exchanges gives hackers an opportunity to take advantage of it.
Looking back at the history of exchange thefts, it is quite shocking.
According to incomplete statistics, at least 22 exchanges have been successfully attacked by hackers, with more than 30 thefts, and a total of approximately 1,000,000 bitcoins and $800 million worth of digital currency have been stolen by hackers.
These include not only leading exchanges such as Binance, OKEx, Mt.Gox, Bitfinex, and Bithumb, but also Indian exchange Coinsecure, Japanese exchange Zaif, Italian exchange BitGrail, etc.
According to the data provided by Beosin Chengdu Lianan: Coinrail exchange hot wallet was attacked, losing about 1,766 bitcoins;
The Zaif exchange was attacked, with losses of approximately $59.67 million, of which $19.59 million was the exchange’s own funds;
Cryptopia exchange is suspected to have been stolen, with an estimated loss of about $16 million in ETH and ERC-20 tokens;
Mercatox exchange was hacked, losing thousands of EOS;
BiKi.com exchange was stolen, with a loss of 123,300 USDT;
DragonEx exchange was hacked, losing about $6 million worth of digital currency ...
The record of stolen cryptocurrencies has become the epitaph of bankrupt exchanges and another record of hackers' evil deeds.
In fact, thefts at exchanges are closely correlated with market changes.
In August 2016, about 120,000 bitcoins were stolen from Bitfinex, one of the largest exchanges, and the price of bitcoin subsequently fell by about 13%. Prior to that, from June to mid-July, bitcoin rose from $450 to around $760, an increase of about 60%.
On January 26, 2018, 523 million NEM coins were stolen from Coincheck, one of Japan's largest exchanges, resulting in a loss of at least US$426 million.
Subsequently, the price of Bitcoin plummeted by about 52.4%, falling from $11,920 to $6,250. Before this incident, Bitcoin reached its historical high of $20,000 per unit.
Back in May this year, 7,000 bitcoins were stolen from Binance. Bitcoin has just rebounded from its 2018 low of $3,155 to $6,000, becoming the product with the highest return on investment this year.
After this black swan event, the price of Bitcoin rose instead of falling, and it has been trading sideways around $8,000. It successfully broke through today and stabilized at $8,500.
Every time the cryptocurrency market rises or recovers, it attracts hackers to plunder the hot wallets of exchanges and brings about a wave of panic pullbacks in the market.
The recent coin theft incidents have not affected the rise in coin prices. Perhaps this is a sign that a bull market is coming?
Are the assets on the exchange safe?
Thefts from exchanges happen frequently, but there are also exchanges that refuse to acknowledge the stolen coins. The reason is that users will doubt the security of their assets.
Looking back at previous coin theft incidents, hot wallets are the main targets of hacker attacks and are also the main storage location for user assets in exchanges.
So can the asset risks in the exchange be properly controlled?
Beosin Chengdu Lianan said: "In general, users' assets on the exchange are relatively safe. What ordinary users need to do is to protect their personal information as much as possible."
“If the assets are mainly in the exchange, you should pay attention to the protection of the exchange account password and security (mobile phone or email, etc.). If conditions permit, separate the mobile phone email related to the assets from the daily email. If the assets are mainly stored in your own account or wallet, you need to pay special attention to the storage of the private key. It is recommended to encrypt and isolate the storage.”
No matter how many security mechanisms an exchange has in place, it is still within the “range” of hackers.
Zhao Dong, founder of DGroup, once said on Weibo, "There is a saying in the hacker circle that all websites can be hacked for $1 million. No security solution can prevent itself from being hacked."
“What can be done is: 1. Reduce the probability of being hacked; 2. Minimize the losses when being hacked.”
Therefore, if you are optimistic about and believe in digital currency , you should stock up on a certain amount of mainstream coins, store them in your own cold wallet and keep your own mnemonic phrases.
Reduce operational errors, stick to regular investments and hoard coins, and believe that your returns and security will lead the vast majority of investors in exchanges.
International thieves hoard digital currency
Since no hacker group has claimed responsibility for the theft, and due to the anonymity of blockchain .
Exchanges can often only use profits to offset losses, and exchanges that are unable to bear the costs, such as Bitcoinnica, Bitfloor, BitGrail, Mt.Gox, Youbit, etc., have no choice but to close or go bankrupt and liquidate.
Since the owner of the address cannot be traced, are the methods used to steal from exchanges similar? Take the Binance exchange theft on May 8 this year as an example. The hacker initiated the withdrawal operation through the API interface at the same time and dispersed the Bitcoin from the attack account.
"The hacker's attack method this time is similar to the attack in the early morning of July 4, 2018. Binance has deleted the API records once before and required users to recreate and properly keep their API KEYs. On May 8, 2019, Binance removed all API records again." Beosin Chengdu Chain Security explained.
Since the previous theft method is similar to this one, we can roughly draw two conclusions: 1. This may be done by the same hacker group.
Second, even if such loopholes have occurred before, exchanges and users still find it difficult to limit and prevent them, and are repeatedly targeted by hackers.
According to media reports, the hacking behavior of stealing coins from exchanges came from APT organizations.
APT (Advanced Persistent Threat) refers to advanced persistent threats, which are essentially targeted attacks.
APT organizations are active in the United States, Europe and other regions, and their main attack targets are encrypted intelligence at the government level.
According to information from Green Alliance Technology, the "Internet Finance Thief" developed by the APT organization has gradually shifted to the field of Internet finance, and has continuously collected and captured 12 digital assets including Bitcoin, Litecoin , Ethereum , 22 third-party wallets, and sensitive files of 8 trading platforms.
Compared with the national level Internet protection, the protection capabilities of exchanges seem to be stretched. So was the exchange theft the work of APT organizations? Beosin Chengdu Lianan said, "This is possible."
Through the analysis of attack traces and tools, it was found that the hacker's attack behavior characteristics are similar to those of previously exposed APT organizations. However, one of the characteristics of APT organizations is the extensive use of open source attack tools and methods, which can also be imitated and used by hackers outside the APT organization.
It is still difficult to confirm whether the notorious APT organization is the culprit of the theft. What can be confirmed is that the anti-theft measures of exchanges and the anti-theft awareness of users still have a lot of room for improvement.
Source: Deepchain |
![[Update] Grayscale increased its holdings by 994 BTC and 1,787 BCH](/upload/images/67e68bc430701.webp)
