In 2019, hackers successfully breached 11 major cryptocurrency exchanges and stole more than $283 million worth of cryptocurrency, according to blockchain analysis firm Chainalysis.
The 11 hacks represent the highest number of security breaches at cryptocurrency exchange portals recorded in a single year in the last decade, up from six incidents recorded the previous year, in 2018.
However, despite a rise in the number of reported hacks, attackers didn’t make the profits they expected, netting only $283 million. The number is far below the $875.5 million hackers made in 2018 from just six hacks, and the $483 million they made in 2014, from only three breaches.
According to Chainalysis, the sharp rise in the number of successful hacks can be attributed to attackers evolving to use more sophisticated methods for infiltrating cryptocurrency exchanges, which allowed them to carry out more hacks than before.
On the other hand, cryptocurrency exchanges didn’t sit idle either. Chainalysis reports that many invested in improved security features and transaction verification systems, which, in turn, reduced the amount of funds hackers managed to steal before they were detected, the transactions reversed, and the funds recovered.
But when hacks are successful, Chainalysis reports that “the majority of funds stolen in exchange attacks end up being sent to other exchanges, where they’re likely converted into cash.”
However, Chainalysis also reports that “a substantial portion of funds sit unspent, sometimes for years.”
“In those cases, there may still be an opportunity for law enforcement to seize the stolen funds,” researchers say.
Most illegal funds are being laundered through two exchanges
Chainalysis experts report that over the course of 2019, they traced more than $2.8 billion in Bitcoin that moved from known criminal entities to a few exchange portals, where they were quickly cashed out into fiat currency.
The $2.8 billion figure, besides funds hacked from cryptocurrency exchanges, also includes other types of illegal transactions, such as ransomware payments, funds from phishing operations, online scams, and funds associated with known criminal and terrorist groups.
Of this $2.8 billion, Chainalysis says that more than 50% of the funds were transferred to accounts on the Binance and Huobi exchange platforms — two of the internet’s largest cryptocurrency exchanges — where crooks laundered the stolen coins into cash.
“Overall, just over 300,000 individual accounts at Binance and Huobi received Bitcoin from criminal sources in 2019,” Chainalysis reported.
“That may come as a surprise given that Binance and Huobi are two of the largest exchanges operating, and are subject to KYC [Know Your Customer] regulations,” experts added.
KYC regulations, which are in effect in almost all countries around the world, mandate that companies require customers to authenticate and verify their identities before doing business on their platforms.
OTC brokers are aiding money laundering operations
However, Chainalysis reports that many criminal groups are skirting this requirement by using entities called OTC (Over The Counter) brokers.
OTC brokers are entities that operate on classic exchange portals and act as intermediaries that can facilitate trades between buyers and sellers who don’t want their identity or accounts associated with transactions on open blockchains.
“The problem, however, is that while most OTC brokers run a legitimate business, some of them specialize in providing money laundering services to criminals,” the Chainalysis team says.
“OTC brokers typically have much lower KYC requirements than the exchanges they operate on,” researchers added. “Many of them take advantage of this laxity and help criminals launder and cash out funds, usually first by exchanging Bitcoin and other cryptocurrencies into Tether as a stable intermediary currency before they presumably cash out into fiat.”
Ransomware groups made at least $6.6 million in 2019
But tracking illegal transactions on public blockchains isn’t an exact science. Researchers need to discover and then track the blockchain addresses used by today’s secretive criminal and terrorist operations.
Of all illegal activities and transactions happening on public blockchains, ransomware payments are the easiest to track, as the ransom payment address is usually included in ransom notes that cyber-security firms can obtain from analyzing malware samples.
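As an added illustration (not code from Chainalysis or from the original article), this is one way an analyst might pull payment addresses out of ransom-note text recovered from a sample, keeping only strings that pass the Base58Check checksum so that typos and look-alike tokens are dropped. The function names and the sample note are assumptions constructed for the example, and only legacy "1..." and "3..." Bitcoin addresses are handled.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy P2PKH ("1...") and P2SH ("3...") addresses are 26-35 Base58 characters.
# Bech32 ("bc1...") addresses use a different encoding and are out of scope here.
CANDIDATE = re.compile(r"(?<![{0}])[13][{0}]{{25,34}}(?![{0}])".format(B58))

def sha256d(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def b58decode(text):
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError on a non-Base58 character
    pad = len(text) - len(text.lstrip("1"))  # each leading "1" is a zero byte
    return b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")

def b58encode(raw):
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def is_valid_address(addr):
    """Base58Check: 1 version byte + 20-byte hash + 4-byte double-SHA256 checksum."""
    try:
        raw = b58decode(addr)
    except ValueError:
        return False
    return len(raw) == 25 and raw[0] in (0x00, 0x05) and sha256d(raw[:21])[:4] == raw[21:]

def extract_addresses(note):
    """Return checksum-valid addresses found in note text, de-duplicated in order."""
    found = []
    for match in CANDIDATE.finditer(note):
        if is_valid_address(match.group()) and match.group() not in found:
            found.append(match.group())
    return found

# Constructed sample data: the address is built from a dummy 20-byte hash, not a real wallet.
def make_address(hash160, version=0x00):
    payload = bytes([version]) + hash160
    return b58encode(payload + sha256d(payload)[:4])

SAMPLE_ADDR = make_address(bytes(range(1, 21)))
SAMPLE_TYPO = SAMPLE_ADDR[:-1] + ("2" if SAMPLE_ADDR[-1] != "2" else "3")
SAMPLE_NOTE = ("Your files are encrypted. Send 0.5 BTC to " + SAMPLE_ADDR + ".\n"
               "Wallet again: " + SAMPLE_ADDR + " (mistyped copy: " + SAMPLE_TYPO + ")")

if __name__ == "__main__":
    print(extract_addresses(SAMPLE_NOTE))
```

The checksum step matters when notes are scraped from screenshots or OCR output, where a single wrong character would otherwise send an investigation after an address that does not exist.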
The Chainalysis team says that based on their data, in 2019, ransomware gangs received just over $6.6 million in ransom payments, “largely driven by an October surge in attacks carried out using the Bitpaymer, Ryuk, and Defray777 ransomware strains.”
However, Chainalysis is the first one to admit that this number is “almost certainly an underestimate” and that ransomware gangs most likely earned a figure larger than the $6.6 million they managed to confirm and track.
More details on the blockchain ecosystem and the criminal underground will be available later this month when Chainalysis publishes its 2020 Crypto Crime Report.