cryptocurrency theft

CipherTrace: Cryptocurrency Theft Alarming at $4.4 Billion in 2019

According to a reportby CipherTrace, a blockchain forensics company, the cryptocurrency sector has lost a whopping $4.4 billion in scams and thefts so far this year, up by more than 150% from $1.7 billion in 2018.

The study dubbed the “Q3 2019 Cryptocurrency Anti-Money Laundering (AML) Report,” which covers various issues, such as cryptocurrency regulation, prevailing sentiments, international trends, and impending legislation, among others.

The report reveals that cryptocurrency theft has risen at an alarming rate in 2019 compared to 2018 because malpractices have been happening through crypto exchanges. This trend has been instigated by the urge of criminals to undertake bigger heists.

Dave Jevans, CipherTrace CEO, noted: “The 150% increase in crypto theft and fraud reflects how criminals are adapting for bigger and better scores.”

He added: “Criminals chase money and the money is right here and ripe for the taking. Little attacks are often easy to defend against, but targeted attacks are far more lucrative.”

CipherTrace stipulated that some of the biggest crypto thefts in 2019 included PlusToken, a Ponzi scheme involving crypto exchange and wallet, and customers lost $2.9 billion. Another one entails the loss of $195 million by QuadrigaCX customers that served as a Canadian crypto exchange before the abrupt death of its CEO and co-founder, Gerald Cotten.

Regulatory scrutiny in the cryptocurrency sector is, however, being stepped up across the globe, as market participants and developers are seeking to penetrate the crypto space.

Image via Shutterstock

Two US Nationals Charged With SIM-Swap Cryptocurrency Theft

The US District Court for the District of Maryland has charged 19-year-old Kyell A. Bryan of Pennsylvania and 21-year old Jordan K. Milleson of Maryland in connection with an alleged phishing fraud and SIM card scheme that led to a theft of thousands of dollars’ worth of cryptocurrency.

According to the US. Attorney for the District of Maryland, Milleson hacked into financial and electronic accounts and computer networks and Bryan participated in helping such deals succeed.

The court documents show that from September 2017 to January 2020, Milleson set up fraudulent websites and internet domains and used phishing techniques to deceive victims into visiting the fraudulent websites and giving their credentials so that he could access their electronic accounts. Bryan and Milleson conspired to take over electronic accounts belonging to people and sent phishing emails to steal cryptocurrencies to enrich themselves.

The court document also alleged that Bryan, Milleson, and others used stolen credentials from employees of wireless service providers to hack into computer networks of those companies and take over customers’ accounts through “SIM swapping”. The culprits used such techniques to give them control over individuals’ phone numbers and other electronic accounts, including social media and cryptocurrency.

In this particular case, Bryan and Milleson reportedly stole over $16,000 from a crypto account after gaining access to the account information of a victim who is an operator of a cryptocurrency investment firm.

The two have been held in custody pending trial. The court charged them with 15 counts, including wire fraud conspiracy, intentional damage to protected computers, wire fraud, aggregated identity, unauthorized access to protected computers to commit fraud, and aggravated identity theft.

If convicted, then Bryan and Milleson face up to 30 years in jail for allegedly stealing cryptocurrency by hacking mobile phones and other electronic accounts and “phishing” emails to steal sensitive or personal information from victims, and other charges leveled against them.

North Korean Crypto Thefts in 2023: A $700 Million Cyber Menace

In 2023, the cryptocurrency world was shaken by a startling revelation from TRM Labs, a blockchain intelligence firm. The report indicated that groups linked to the Democratic People’s Republic of Korea (DPRK) were responsible for approximately 33% of all cryptocurrency thefts during the year, potentially amassing up to $700 million through these illicit activities.

The gravity of this situation is highlighted by the fact that nearly $1.5 billion was stolen by DPRK in the previous two years, marking a significant and worrying trend in cyber theft. This alarming increase in cyber thefts by North Korean operatives demonstrates their growing proficiency in this illicit domain.

The Methods of DPRK’s Crypto Heists

The tactics employed by DPRK in these heists have evolved over time, showcasing a sophisticated understanding of cryptocurrency and blockchain technology. In 2023, major thefts involving platforms such as Atomic Wallet, Alphapo, and CoinsPaid were attributed to North Korean operatives, causing a loss of approximately $197 million in cryptocurrencies.

Interestingly, one of their favored methods included the use of crypto mixers like Tornado Cash. However, following sanctions imposed on Tornado Cash in August 2023 by the US Department of Justice, DPRK hackers explored alternative methods for their operations. This adaptation to changing circumstances underlines the resilience and cunning of these cybercriminals in circumventing security measures.

The Crypto Conversion Strategy

A crucial aspect of these thefts involved converting the stolen assets to cryptocurrencies like Tether or Tron, although specific details on this conversion process in 2023 are not explicitly mentioned in available sources. This strategy likely served the dual purpose of laundering the stolen funds and evading detection by law enforcement agencies. The use of such cryptocurrencies, known for their stability and widespread acceptance, might have facilitated the seamless integration of these illicit funds into the global crypto economy.

The Ongoing Threat

Despite international sanctions and vigilance, North Korea remains a significant cyber threat, with their tactics continuously evolving to evade law enforcement. This persistence poses a continuous challenge to the global community, especially in the realm of cybersecurity and financial regulation.

In conclusion, the events of 2023 serve as a stark reminder of the ever-present danger posed by state-sponsored cybercriminals, especially those backed by regimes like DPRK. The crypto community, regulators, and international bodies must remain vigilant and collaborate to counter these sophisticated threats.