Cryptocurrency and crime

From Wikipedia, the free encyclopedia
(Redirected from Cryptocurrency and security)

Cryptocurrency and crime describes notable examples of cybercrime related to theft (or the otherwise illegal acquisition) of cryptocurrencies and some of the methods or security vulnerabilities commonly exploited. Cryptojacking is a form of cybercrime specific to cryptocurrencies that has been used on websites to hijack a victim's resources and use them for hashing and mining cryptocurrencies.[1]

According to blockchain analysis company Chainalysis, 0.15% of known cryptocurrency transactions conducted in 2021 were involved in illicit activities like cybercrime, money laundering and terrorism financing, representing a total of $14 billion.[2]

Background[edit]

There are various types of cryptocurrency wallets available, with different layers of security, including devices, software for different operating systems or browsers, and offline wallets.

Novel exploits unique to blockchain transactions exist which aim to create unintended outcomes for those on the other end of a transaction. One of the more well known issues that opens the possibility for exploits on Bitcoin is the transaction malleability problem.[3]

The Immunefi Crypto Losses 2022 Report lists industry losses from frauds and hacking as a combined total of US$3.9 billion for the year, and at US$8 billion for 2021.[4]

Notable thefts[edit]

In 2018, around US$1.7 billion in cryptocurrency was lost to scams, theft and fraud. In the first quarter 2019, the amount of such losses rose to US$1.2 billion.[5] 2022 was a record year for cryptocurrency theft, according to Chainalysis, with US$3 billion stolen during 125 system hacks.[6]

Exchanges[edit]

Notable cryptocurrency exchange compromises resulting in the loss of cryptocurrencies include:

  • In 2015, cryptocurrencies worth US$5 million were stolen from Bitstamp.[7]
  • Between 2011 and 2014, US$350 million worth of bitcoin were stolen from Mt. Gox.[7]
  • In 2016, US$72 million were stolen through exploiting Bitfinex's exchange wallet, users were refunded.[8]
  • On December 7, 2017, Slovenian cryptocurrency exchange NiceHash reported that hackers had stolen over $70M using a hijacked company computer.[9][10]
  • On December 19, 2017, Yapian, the owner of South Korean exchange Youbit, filed for bankruptcy after suffering two hacks that year.[11][12] Customers were still granted access to 75% of their assets.[citation needed]
  • In 2018, cryptocurrencies worth US$400 million were stolen from Coincheck.[13]
  • In May 2018, Bitcoin Gold had its transactions hijacked and abused by unknown hackers.[14] Exchanges lost an estimated $18m and Bitcoin Gold was delisted from Bittrex after it refused to pay its share of the damages.
  • In June 2018, South Korean exchange Coinrail was hacked, losing over $37M worth of cryptos.[15] The hack worsened an already ongoing cryptocurrency selloff by an additional $42 billion.[16]
  • On July 9, 2018, the exchange Bancor, whose code and fundraising had been subjects of controversy, had $23.5 million in cryptocurrency stolen.[17][18]
  • Zaif US$60 million in Bitcoin, Bitcoin Cash and Monacoin stolen in September 2018[19]
  • Binance In 2019 cryptocurrencies worth US$40 million were stolen.[13][20]
  • Africrypt founders are suspected of absconding in June 2021 with US$3.6 billion worth of Bitcoin[21]
  • PolyNetwork (DeFi) suffered the loss of US$611 million in a theft in August 2021.[22]
  • Japanese cryptocurrency exchange Liquid was compromised in August 2021 resulting in a loss of US$97 million worth of digital coins[23]
  • Cream Finance was subject to a US$29 million theft in August, 2021[24] and $130 million October 28, 2021.[25]
  • On December 2, 2021, users of the BadgerDAO DeFi lost around $118,500,000 worth of bitcoin and $679,000 worth of ethereum tokens in a front-end attack. A compromised API key of the Cloudflare content delivery network account allowed injecting of a malicious script to the web interface. BadgerDAO "paused" all smart contracts due to user complaints.[26]
  • On December 6, 2021, the cryptocurrency exchange BitMart lost around $135M worth of Ethereum and an estimate of around $46 million in other cryptocurrencies due to a breach of two of its wallets.[27] Although BitMart stated that it would reimburse its clients, many BitMart clients have not received any money from the exchange as of January 2022.[28]
  • On December 12, 2021, users of VulcanForge lost around $135M worth of PYR due to breaches of multiple wallets. Partering centralized exchanges had been notified of the hack and they have pledged to seize any stolen funds upon deposit.[29]
  • On January 27, 2022, Qubit Finance (DeFi) lost around $80M worth of Binance Coin due to a flaw in the smart contract that enabled withdrawal of the said amount in exchange for a deposit of 0 ETH.[30]
  • In March 2022,[31] the largest cryptocurrency theft of the year, US$625 million in ether and USD coin was stolen from the Ronin Network. Hacked nodes were finally discovered when a user reported being unable to withdraw funds. The heist was later linked to Lazarus Group, a North Korean state-backed hacking collective, by the U.S. Treasury Department.[6]
  • On September 20, 2022, Wintermute was hacked resulting in theft of US$160 million. The company attributed the vulnerability to a service used by the platform that generates vanity addresses for digital accounts.[6]

Wallets[edit]

The Parity Wallet has had two security incidents amounting to 666,773 ETH lost or stolen.[32] In July 2017, due to a bug in the multisignature code, 153,037 ETH (approximately US$32 million at the time) were stolen.[33][34] In November 2017, a subsequent multisignature[clarification needed] flaw in Parity led to a lock-up of 513,774 Ether (about US$150 million at the time) to be unreachable;[35][36] as of March 2019, the funds were still frozen.[37]

Energy[edit]

Notable cases of electricity theft to mine proof-of-work cryptocurrencies include:

  • In February 2021 Malaysian police arrested six men involved in a Bitcoin mining operation which had stolen US$2 million in electricity[38]
  • Ukraine authorities shut down an underground gaming and cryptocurrency farm in July, 2021, accused of stealing $259,300 of electricity each month[39]
  • In July 2021 Malaysian authorities destroyed 1,069 cryptocurrency mining systems accused of stealing electricity from the grid[40]
  • In May, 2021 UK authorities closed a suspected bitcoin mine after Western Power Distribution found an illegal connection to the electricity supply[41]

Blockchains[edit]

Bitcoin[edit]

There have been many cases of bitcoin theft.[42] As of December 2017, around 980,000 bitcoins—over five percent of all bitcoin in circulation[a]—had been lost on cryptocurrency exchanges.[43]

One type of theft involves a third party accessing the private key to a victim's bitcoin address,[44] or of an online wallet.[45] If the private key is stolen, all the bitcoins from the compromised address can be transferred. In that case, the network does not have any provisions to identify the thief, block further transactions of those stolen bitcoins, or return them to the legitimate owner.[46]

Theft also occurs at sites where bitcoins are used to purchase illicit goods. In late November 2013, an estimated US$100 million in bitcoins were allegedly stolen from the online illicit goods marketplace Sheep Marketplace, which immediately closed.[47] Users tracked the coins as they were processed and converted to cash, but no funds were recovered and no culprits were identified.[47] A different black market, Silk Road 2, stated that during a February 2014 hack, bitcoins valued at $2.7 million were taken from escrow accounts.[48]

Sites where users exchange bitcoins for cash or store them in "wallets" are also targets for theft. Inputs.io, an Australian wallet service, was hacked twice in October 2013 and lost more than $1 million in bitcoins.[49] GBL, a Chinese bitcoin trading platform, suddenly shut down on 26 October 2013; subscribers, unable to log in, lost up to $5 million worth of bitcoin.[50] In late February 2014 Mt. Gox, one of the largest virtual currency exchanges, filed for bankruptcy in Tokyo amid reports that bitcoins worth US$350 million had been stolen.[51] Flexcoin, a bitcoin storage specialist based in Alberta, Canada, shut down in March 2014 after saying it discovered a theft of about $650,000 in bitcoins.[52] Poloniex, a digital currency exchange, reported in March 2014 that it lost bitcoins valued at around $50,000.[53] In January 2015 UK-based bitstamp, the third busiest bitcoin exchange globally was hacked and US$5 million in bitcoins were stolen.[54] February 2015 saw a Chinese exchange named BTER lose bitcoins worth nearly $2 million to hackers.[55]

A major bitcoin exchange, Bitfinex, was hacked and nearly 120,000 bitcoins (around US$60 million) was stolen in 2016. Bitfinex was forced to suspend its trading. The theft was the second-largest bitcoin heist ever, dwarfed only by the Mt. Gox theft in 2014. According to Forbes, "All of Bitfinex's customers,... will stand to lose money. The company has announced a cut of 36.067% across the board."[56] Following the hack the company refunded customers.[citation needed] In 2022, the US government recovered 94,636 bitcoin (worth approximately $3.6 billion at the time of recovery) from the 2016 thefts of the Bitfinex exchange. By February 2022, the amount of bitcoin stolen was worth $4.5 billion.[57] Two people were charged for the thefts.[58]

On May 7, 2019, hackers stole over 7000 Bitcoins from the Binance Cryptocurrency Exchange, at a value of over 40 million US dollars. Binance CEO Zhao Changpeng stated: "The hackers used a variety of techniques, including phishing, viruses, and other attacks... The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time."[59]

Thefts have raised safety concerns. Charles Hayter, founder of the digital currency comparison website CryptoCompare said, "It's a reminder of the fragility of the infrastructure in such a nascent industry."[60] According to the hearing of U.S. House of Representatives Committee on Small Business on April 2, 2014, "these vendors lack regulatory oversight, minimum capital standards and don't provide consumer protection against loss or theft."[61]

Ethereum[edit]

In June 2016, hackers exploited a vulnerability in The DAO to steal US$50 million. Subsequently, the currency was forked into Ethereum Classic, and Ethereum, with the latter continuing with the new blockchain without the exploited translations.[62][63]

On November 21, 2017, Tether announced that it had been hacked, losing $31 million in USDT from its core treasury wallet.[64] The company has 'tagged' the stolen currency, hoping to 'lock' them in the hacker's wallet (making them unspendable).[citation needed]

In 2022, hackers created a signature account on a blockchain bridge called "Wormhole" and stole more than $300 million worth of ether.[65]

Fraud[edit]

Josh Garza, who founded the cryptocurrency startups GAW Miners and ZenMiner in 2014, acknowledged in a plea agreement that the companies were part of a pyramid scheme, and pleaded guilty to wire fraud in 2015. The U.S. Securities and Exchange Commission separately brought a civil enforcement action against Garza, who was eventually ordered to pay a judgment of US$9.1 million plus $700,000 in interest. The SEC's complaint stated that Garza, through his companies, had fraudulently sold "investment contracts representing shares in the profits they claimed would be generated" from mining.[66] Garza was later found guilty of fraud and ordered to pay US$9 million and begin serving a 21-month sentence commencing January 2019 by the U.S. Attorney’s Office District of Connecticut.[citation needed]

Fraud warnings in regards to BitConnect, and cease-and-desist orders by the Texas State Securities Board cited the promise of massive monthly returns.[67]

BitConnect founder and promoters diverted $2 billion in investor funds into personally controlled digital wallets between 2017 and 2018, according to the US Securities and Exchange Commission.[68] The scam purported to use a "crypto trading bot" for a guaranteed return on investment. In reality no such mechanism was implemented and a network of promoters was paid a commission to attract new investors. Lead promotor, Glenn Arcaro, pled guilty to criminal charges.[citation needed]

OneCoin was a massive worldwide multi-level marketing Ponzi scheme promoted as (but not involving) a cryptocurrency, causing losses of US$4 billion worldwide. Several people behind the scheme were arrested in 2018 and 2019.[69]

The cryptocurrency community refers to pre-mining, hidden launches, ICO or extreme rewards for the altcoin founders as deceptive practices.[70] This is at times an inherent part of the cryptocurrency's design.[71] Pre-mining refers to the practice of generating the currency before its released to the public.[72]

FTX and Alameda Research founder and CEO Sam Bankman-Fried was indicted by the U.S. District Court for the Southern District of New York in December 2022 and charged with commodities and wire fraud, securities fraud and money laundering, as well as with violating campaign finance laws.[73][74]

Malware[edit]

Malware attacks[edit]

Some malware can steal private keys for bitcoin wallets allowing the bitcoins themselves to be stolen. The most common type searches computers for cryptocurrency wallets to upload to a remote server where they can be cracked and their coins were stolen. Many of these also log keystrokes to record passwords, often avoiding the need to crack the keys.[75] A different approach detects when a bitcoin address is copied to a clipboard and quickly replaces it with a different address, tricking people into sending bitcoins to the wrong address.[76] This method is effective because bitcoin transactions are irreversible.[77]: 57 

One virus, spread through the Pony botnet, was reported in February 2014 to have stolen up to $220,000 in cryptocurrencies including bitcoins from 85 wallets.[78] Security company Trustwave, which tracked the malware, reports that its latest version was able to steal 30 types of digital currency.[79]

A type of Mac malware active in August 2013, Bitvanity posed as a vanity wallet address generator and stole addresses and private keys from other bitcoin client software.[80] A different trojan for macOS, called CoinThief was reported in February 2014 to be responsible for multiple bitcoin thefts.[80] The software was hidden in versions of some cryptocurrency apps on Download.com and MacUpdate.[80]

Ransomware[edit]

Many types of ransomware demand payment in bitcoin.[81][82] One program called CryptoLocker, typically spread through legitimate-looking email attachments, encrypts the hard drive of an infected computer, then displays a countdown timer and demands a ransom in bitcoin, to decrypt it.[83] Massachusetts police said they paid a 2 bitcoin ransom in November 2013, worth more than $1,300 at the time, to decrypt one of their hard drives.[84] Bitcoin was used as the ransom medium in the WannaCry ransomware.[85] One ransomware variant disables internet access and demands credit card information to restore it, while secretly mining bitcoins.[83]

As of June 2018, most ransomware attackers preferred to use currencies other than bitcoin, with 44% of attacks in the first half of 2018 demanding Monero, which is highly private and difficult to trace, compared to 10% for bitcoin and 11% for Ether.[86]

Unauthorized mining[edit]

Cryptojacking is the act of hijacking a computer to mine cryptocurrencies against the users will, through websites,[87][88][89] or while the user is unaware.[90] One notable piece of software used for cryptojacking was Coinhive, which was used in over two-thirds of cryptojacks before its March 2019 shutdown.[91] The cryptocurrencies mined the most often are privacy coins--coins with hidden transaction histories--such as Monero and Zcash.[88][92]

Like most malicious attacks on the computing public, the motive is profit, but unlike other threats, it is designed to remain completely hidden from the user. Cryptojacking malware can lead to slowdowns and crashes due to straining of computational resources.[93]

Phishing[edit]

A phishing website to generate private IOTA wallet seed passphrases, and collected wallet keys, with estimates of up to US$4 million worth of MIOTA tokens stolen. The malicious website operated for an unknown amount of time and was discovered in January 2018.[94]

Fraud factories[edit]

Fraud factories in Asia traffic workers to scam westerners into buying cryptocurrencies online.[95]

Other incidents[edit]

In 2015, two members of the Silk Road Task Force—a multi-agency federal task force that carried out the U.S. investigation of Silk Road—were convicted over charges pertaining to corruption.[96] Former DEA agent, Carl Mark Force, had attempted to extort Silk Road founder Ross Ulbricht ("Dread Pirate Roberts") by faking the murder of an informant. He pleaded guilty to money laundering, obstruction of justice, and extortion under color of official right, and was sentenced to 6.5 years in federal prison.[96] Former U.S. Secret Service agent, Shaun Bridges, pleaded guilty to crimes relating to his diversion of $800,000 worth of bitcoins to his personal account during the investigation, and also separately pleaded guilty to money laundering in connection to another cryptocurrency theft. Bridges were sentenced to almost eight years in federal prison.[97]

Gerald Cotten founded QuadrigaCX in 2013, after graduating from the Schulich School of Business in Toronto. Cotten was acting as the sole curator of the exchange. Quadriga had no official bank accounts since banks at the time had no method of managing cryptocurrency. In late 2018, Canada's largest crypto exchange QuadrigaCX lost US$190 million in cryptocurrency when the owner died; he was the only one with knowledge of the password to a storage wallet. The exchange filed for bankruptcy in 2019.[98]

Michael Terpin, the founder and chief executive officer of Transform Group, a San Juan, Puerto Rico-based company that advises blockchain businesses on public relations and communications, sued Ellis Pinsky in New York on May 7, 2020, for leading a "sophisticated cybercrime spree" that stole US$24 million in cryptocurrency by hacking into Terpin's phone in 2018.[99][100] Terpin also sued Nicholas Truglia and won a $75.8 million judgment against Truglia in 2019 in California state court.[100]

On July 15, 2020, Twitter accounts of prominent personalities and firms, including Joe Biden, Barack Obama, Bill Gates, Elon Musk, Jeff Bezos, Apple, Kanye West, Michael Bloomberg and Uber were hacked. Twitter confirmed that it was a coordinated social engineering attack on their own employees. Twitter released its statement six hours after the attack took place. Hackers posted the message to transfer the Bitcoin in a Bitcoin wallet, which would double the amount. The wallet's balance was expected[according to whom?] to increase to more than $100,000 as the message spread among the Twitter followers.[101]

In 2022, the Federal Trade Commission reported that $139 million in cryptocurrency was stolen by romance scammers in 2020.[102] Some scammers targeted dating apps with fake profiles.[103]

In early 2022, the Beanstalk cryptocurrency was stripped of its reserves, which were valued at more than US$180 million, after attackers had managed to use borrowed US$80 million in cryptocurrency to buy enough voting rights to transfer the reserves to their own accounts outside the system. It was initially unclear if such an exploit of governance procedures was illegal.[104]

See also[edit]

Notes[edit]

  1. ^ As of supply count of Bitcoin, 2021-09-23

References[edit]

  1. ^ Lachtar, Nada; Elkhail, Abdulrahman Abu; Bacha, Anys; Malik, Hafiz (2020-07-01). "A Cross-Stack Approach Towards Defending Against Cryptojacking". IEEE Computer Architecture Letters. 19 (2): 126–129. doi:10.1109/LCA.2020.3017457. ISSN 1556-6056. S2CID 222070383.
  2. ^ Smagalla, Mengqi Sun and David (2022-01-06). "Cryptocurrency-Based Crime Hit a Record $14 Billion in 2021". Wall Street Journal. ISSN 0099-9660. Retrieved 2022-01-16.
  3. ^ Andrychowicz, Marcin; Dziembowski, Stefan; Malinowski, Daniel; Mazurek, Łukasz (2015), "On the Malleability of Bitcoin Transactions", Financial Cryptography and Data Security, Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 1–18, doi:10.1007/978-3-662-48051-9_1, ISBN 978-3-662-48050-2
  4. ^ Melinek, Jacquelyn (2023-01-05). "Crypto losses in 2022 dropped 51% year on year to $4B". TechCrunch. Retrieved 2023-01-20.
  5. ^ Chavez-Dreyfuss, Gertrude (30 April 2019). "Cryptocurrency thefts, fraud hit $1.2 billion in first quarter: report". Reuters. Retrieved 8 June 2019. Original reports: Schlabach, Adam (2019-01-29). "Cryptocurrency Anti-Money Laundering Report – Q4 2018". CipherTrace. Retrieved 2019-06-08., Schlabach, Adam (2019-05-01). "Q1 2019 Cryptocurrency Anti-Money Laundering Report". CipherTrace. Retrieved 2019-06-08.
  6. ^ a b c Bambysheva, Nina; Santillana Linares, Maria Gracia: "Over $3 Billion Stolen In Crypto Heists: Here Are The Eight Biggest" Forbes; December 28, 2022. Retrieved January 7, 2023.
  7. ^ a b Zack Whittaker (5 January 2015). "Bitstamp exchange hacked, $5M worth of bitcoin stolen". Zdnet. CBS Interactive. Retrieved 6 January 2015.
  8. ^ "Bitcoin Worth $72M Was Stolen in Bitfinex Exchange Hack in Hong Kong". Fortune. Archived from the original on November 20, 2016. Retrieved October 26, 2016.
  9. ^ Iyengar, Rishi (2017-12-07). "More than $70 million stolen in bitcoin hack". CNNMoney. Retrieved 2022-03-02.
  10. ^ Browne, Ryan (2017-12-07). "More than $60 million worth of bitcoin potentially stolen after hack on cryptocurrency site". CNBC. Retrieved 2022-03-03.
  11. ^ Haselton, Todd (2017-12-19). "A South Korean cryptocurrency exchange files for bankruptcy after hack, says users will get 75% of assets for now". CNBC. Retrieved 2022-03-02.
  12. ^ "South Korean cryptocurrency exchange to file for bankruptcy after hacking". Reuters. 2017-12-19. Retrieved 2022-03-02.
  13. ^ a b "Coincheck Says It Lost Crypto Coins Valued at About $400 Million". Bloomberg L.P. January 26, 2018.
  14. ^ Cimpanu, Catalin (4 September 2018). "Bitcoin Gold delisted from major cryptocurrency exchange after refusing to pay hack damages". ZDNet.
  15. ^ Shane, Daniel (2018-06-11). "Billions in cryptocurrency wealth wiped out after hack". CNNMoney. Retrieved 2022-03-02.
  16. ^ Eric Lam, Jiyeun Lee, and Jordan Robertson (10 June 2018), Cryptocurrencies Lose $42 Billion After South Korean Bourse Hack, Bloomberg News, archived from the original on 12 June 2018, retrieved 12 June 2018{{citation}}: CS1 maint: multiple names: authors list (link)
  17. ^ Roberts, Jeff John (9 July 2018). "Another Crypto Fail: Hackers Steal $23.5 Million from Token Service Bancor". Fortune. Archived from the original on 10 July 2018. Retrieved 10 July 2018.
  18. ^ Young, Joseph (2017-06-24). "Cornell Professor: $150 Million Bancor is Flawed". CCN.com. Retrieved 2022-03-02.
  19. ^ Reidy, Gearoid (2018-09-19). "Hackers Steal $60 Million From Japanese Crypto Exchange Zaif". Bloomberg.com. Retrieved 2018-09-20.
  20. ^ "Hackers Stole $40 Million from Binance Crypto Exchange". Wired.
  21. ^ "South African brothers disappear along with $3.6 billion in Bitcoin". Fortune. Retrieved 2021-08-31.
  22. ^ Welle (www.dw.com), Deutsche. "Hackers steal $600 million in record-breaking cryptocurrency heist | DW | 11.08.2021". DW.COM. Retrieved 2021-08-31.
  23. ^ Browne, Ryan (2021-08-19). "More than $90 million in cryptocurrency stolen after a top Japanese exchange is hacked". CNBC. Retrieved 2021-08-31.
  24. ^ "Hackers steal $29 million from crypto-platform Cream Finance". The Record by Recorded Future. 2021-08-30. Retrieved 2021-08-31.
  25. ^ Ongweso Jr., Edward. "Cryptocurrency Loan Platform Implodes In $130 Million Hack". Vice.
  26. ^ "Hackers Steal $119M From 'Web3' Crypto Project With Old School Attack". The Verge. 2022-03-23. Retrieved 2021-12-09.
  27. ^ "Hackers Steal $150M From Crypto Exchange Billed as 'Most Trusted'". The Verge. 2021-12-06. Retrieved 2021-12-14.
  28. ^ Sigalos, MacKenzie (2022-01-07). "Iranian immigrant lost $53,000 in crypto hack, says he faces ruin if BitMart doesn't pay him back". CNBC. Retrieved 2022-01-08.
  29. ^ "Hackers Steal $140 Million From Users of Crypto Gaming Company". The Verge. 2021-12-13. Retrieved 2021-12-14.
  30. ^ "Hackers have stolen $80 million in cryptocurrency from the Qubit DeFi platform". The Verge. 2021-01-28. Retrieved 2022-01-29.
  31. ^ "Crypto Year Ender: Here’s A Look At Major Crypto Scams Of 2022" Outlook India; December 30, 2022. Retrieved January 7, 2023.
  32. ^ "Major issues resulting in lost or stuck funds". Ethereum Wiki.[better source needed]
  33. ^ Hern, Alex (8 November 2017). "'$300m in cryptocurrency' accidentally lost forever due to bug". The Guardian.
  34. ^ "The Multi-sig Hack: A Postmortem". Parity. 20 July 2017. Archived from the original on 27 February 2021.
  35. ^ Destefanis, Giuseppe; Marchesi, M.; Ortu, Marco; Tonelli, R.; Bracciali, A.; Hierons, R. (2018). "Smart contracts vulnerabilities: a call for blockchain software engineering?". 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE): 19–25. doi:10.1109/IWBOSE.2018.8327567. hdl:1893/27135. ISBN 978-1-5386-5986-1. S2CID 4569204.
  36. ^ "A Postmortem on the Parity Multi-Sig Library Self-Destruct". Blockchain Infrastructure for the Decentralised Web. 15 November 2017. Archived from the original on 20 January 2021.
  37. ^ Wieczner, Jen (4 March 2019). "Ethereum Fork Could Help Restore Frozen Parity Cryptocurrency". Fortune.
  38. ^ Tan, Ben (17 February 2021). "Johor police chief: TNB lost RM8.6m to alleged electricity theft by bitcoin mining syndicate | Malay Mail". www.malaymail.com. Retrieved 2021-08-31.
  39. ^ "Take a look inside this underground crypto mining farm in Ukraine with its 3,800 PlayStations and 5,000 computers". news.yahoo.com. Retrieved 2021-08-31.
  40. ^ "Police steamroll 1,000 bitcoin mines after 'electricity theft' prompts power outages". finance.yahoo.com. Retrieved 2021-08-31.
  41. ^ "Sandwell Bitcoin mine found stealing electricity". BBC News. 2021-05-28. Retrieved 2021-08-31.
  42. ^ "Bitcoin: Bitcoin under pressure". The Economist. 30 November 2013. Retrieved 30 November 2013.
  43. ^ Harney, Alexandra; Stecklow, Steve (2017-11-16). "Twice burned - How Mt. Gox's bitcoin customers could lose again". Reuters. Retrieved 2018-09-06.
  44. ^ Jeffries, Adrianne (19 December 2013). "How to steal Bitcoin in three easy steps". The Verge. Retrieved 17 January 2014.
  45. ^ Everett, David (April 2012). "So how can you steal Bitcoins". Smartcard & Identity News. Retrieved 17 January 2014.
  46. ^ Grocer, Stephen (2 July 2013). "Beware the Risks of the Bitcoin: Winklevii Outline the Downside". The Wall Street Journal (Moneybeat). Retrieved 21 October 2013.
  47. ^ a b Hern, Alex (9 December 2013). "Recovering stolen bitcoin: a digital wild goose chase". The Guardian. Retrieved 6 March 2014.
  48. ^ "Silk Road 2 loses $2.7m in bitcoins in alleged hack". BBC News. 14 February 2014. Retrieved 15 February 2014.
  49. ^ Hern, Alex (8 November 2013). "Bitcoin site Inputs.io loses £1m after hackers strike twice". The Guardian. Retrieved 18 September 2015.
  50. ^ "When bitcoins go bad: 4 stories of fraud, hacking, and digital currencies". The Washington Post. Archived from the original on 1 January 2015. Retrieved 6 March 2015.
  51. ^ "MtGox bitcoin exchange files for bankruptcy". bbc.com. BBC. 28 February 2014. Retrieved 18 April 2014.
  52. ^ Ligaya, Armina (5 March 2014). "After Alberta's Flexcoin, Mt. Gox hacked, Bitcoin businesses face sting of free-wheeling ways". Financial Post. Retrieved 7 March 2014.
  53. ^ Truong, Alice (6 March 2014). "Another Bitcoin exchange, another heist". Fast Company. Retrieved 7 March 2014.
  54. ^ Whittaker, Zack (5 January 2015). "Bitstamp exchange hacked, $5M worth of bitcoin stolen". Zdnet. CBS Interactive. Retrieved 6 January 2015.
  55. ^ Millward, Steven (16 February 2015). "Nearly $2M in bitcoins feared lost after Chinese cryptocurrency exchange hack". techinasia.com. Tech In Asia. Retrieved 18 February 2015.
  56. ^ Coppola, Frances (6 August 2016). "Theft And Mayhem In The Bitcoin World". Forbes. Retrieved 15 August 2016.
  57. ^ Vigna, Paul (9 February 2022). "How the Feds Tracked Down $3.6 Billion in Stolen Bitcoin". The Wall Street Journal. Retrieved 3 March 2022.
  58. ^ Samira Sadeque and agencies (February 8, 2022). "US married couple arrested for allegedly conspiring to launder $4.5bn in bitcoin". www.theguardian.com. Retrieved February 9, 2022.
  59. ^ Barrett, Brian (2019-05-08). "Hack Brief: Hackers Stole $40 Million from Binance Cryptocurrency Exchange". Wired.
  60. ^ Heller, Matthew (4 August 2016). "Bitfinex Hack Fuels Bitcoin Security Concerns -". CFO. Retrieved 11 January 2017.
  61. ^ "Testimony of Mark T. Williams Bitcoin: Examining the Benefits and Risks for Small Business" (PDF). U.S. House of Representatives Committee on Small Business Hearing. 2 April 2014. Archived from the original (PDF) on 23 September 2018. Retrieved 10 January 2017.
  62. ^ Popper, Nathaniel: "Hacker May Have Taken $50 Million From Cybercurrency Project" The New York Times. June 18, 2016. (Archived from the original June 20 2017.) Retrieved January 7, 2023.
  63. ^ Price, Rob: "Digital Currency Ethereum is Cratering Amid Claims of a $50 Million Hack" Business Insider. June 17, 2016. (Archived from the original June 11, 2017.) Retrieved January 7, 2023.
  64. ^ Russell, Jon. "Tether, a startup that works with bitcoin exchanges, claims a hacker stole $31M". TechCrunch. Archived from the original on 21 November 2017. Retrieved 22 November 2017.
  65. ^ Goodin, Dan (2022-02-04). "How $323M in crypto was stolen from a blockchain bridge called Wormhole". Ars Technica. Retrieved 2022-03-03.
  66. ^ Farivar, Cyris (October 5, 2017). GW Miners founder owes nearly $10 million to SEC over Bitcoin fraud]. Ars Technica. Archived from the original on 2017-12-29.
  67. ^ "5 reasons to tread carefully in cryptocurrencies". CBS. January 5, 2018.
  68. ^ "SEC Charges Global Crypto Lending Platform and Top Executives in $2 Billion Fraud". SEC.gov. Retrieved 2021-09-04.
  69. ^ Bartlett, Jamie (December 15, 2019). "The £4bn OneCoin scam: how crypto-queen Dr Ruja Ignatova duped ordinary people out of billions — then went missing". The Times.
  70. ^ "Scamcoins". August 2013. Archived from the original on 1 February 2014.
  71. ^ Bradbury, Danny (25 June 2013). "Bitcoin's successors: from Litecoin to Freicoin and onwards". The Guardian. Archived from the original on 10 January 2014. Retrieved 11 January 2014.
  72. ^ Morris, David Z (24 December 2013). "Beyond bitcoin: Inside the cryptocurrency ecosystem". Fortune. Archived from the original on 27 January 2018. Retrieved 27 January 2018.
  73. ^ Department of Justice, Office of Public Affairs (December 13, 2022). "FTX Founder Indicted for Fraud, Money Laundering, and Campaign Finance Offenses". Retrieved January 9, 2023.
  74. ^ "The SBF indictment in full". Financial Times. December 13, 2022. Retrieved January 9, 2023.
  75. ^ "Cryptolocker Virus Definition". Kaspersky. Retrieved 17 Feb 2020.
  76. ^ Keizer, Gregg (28 February 2014). "Bitcoin malware count soars as cryptocurrency value climbs". Computerworld. Retrieved 8 January 2015.
  77. ^ Barski, Conrad; Wilmer, Chris (14 November 2014). Bitcoin for the Befuddled. No Starch Press. ISBN 978-1-59327-573-0.
  78. ^ Zach Miners (24 February 2014). "Bitcoins, other digital currencies stolen in massive 'Pony' botnet attack". Retrieved 8 January 2015.
  79. ^ Finkle, Jim (24 February 2014). "'Pony' botnet steals bitcoins, digital currencies: Trustwave". Reuters. Retrieved 7 March 2014.
  80. ^ a b c "Watch out! Mac malware spread disguised as cracked versions of Angry Birds, Pixelmator and other top apps". ESET. 26 February 2014. Retrieved 20 November 2015.
  81. ^ "You're infected—if you want to see your data again, pay us $300 in Bitcoins". Ars Technica. 17 October 2013. Retrieved 23 October 2013.
  82. ^ "Criminals continue to defraud and extort funds from victims using cryptowall ransomware schemes". FBI. Retrieved 13 November 2017.
  83. ^ a b "How Ransomware turns your computer into a bitcoin miner". The Guardian. 10 February 2014. Retrieved 7 March 2014.
  84. ^ Gibbs, Samuel (21 November 2013). "US police force pay bitcoin ransom in Cryptolocker malware scam". The Guardian. Retrieved 7 March 2014.
  85. ^ Usborne, Simon (15 May 2017). "Digital gold: why hackers love Bitcoin" – via The Guardian.
  86. ^ Rooney, Kate (2018-06-07). "$1.1 billion in cryptocurrency has been stolen this year, and it was apparently easy to do". CNBC. Retrieved 2018-09-06.
  87. ^ Larson, Selena (2018-02-22). "Cryptojackers are hacking websites to mine cryptocurrencies". CNNMoney. Retrieved 2021-04-17.
  88. ^ a b "Cryptojacking malware was secretly mining Monero on many government and university websites". TechCrunch. Retrieved 2021-04-17.
  89. ^ Lachtar, Nada; Elkhail, Abdulrahman Abu; Bacha, Anys; Malik, Hafiz (2020-07-01). "A Cross-Stack Approach Towards Defending Against Cryptojacking". IEEE Computer Architecture Letters. 19 (2): 126–129. doi:10.1109/LCA.2020.3017457. ISSN 1556-6056. S2CID 222070383.
  90. ^ Caprolu, Maurantonio; Raponi, Simone; Oligeri, Gabriele; Di Pietro, Roberto (2021-04-01). "Cryptomining makes noise: Detecting cryptojacking via Machine Learning". Computer Communications. 171: 126–139. doi:10.1016/j.comcom.2021.02.016. S2CID 233402711.
  91. ^ "Coinhive domain repurposed to warn visitors of hacked sites, routers". BleepingComputer. Retrieved 2021-04-17.
  92. ^ Hwang, Inyoung. "What is cryptojacking? How to detect mining malware - MediaFeed". mediafeed.org. Retrieved 2021-05-11.
  93. ^ "Brutal cryptocurrency mining malware crashes your PC when discovered | ZDNet". ZDNet.
  94. ^ "IOTA Founder On Stolen Funds: Lots of People Will "Screw You Over"". Finance Magnates. January 25, 2018.
  95. ^ "The Kenyans lured to become unwitting 'love' fraudsters". BBC News. 2022-11-26. Retrieved 2022-11-26.
  96. ^ a b Sarah Jeong, DEA Agent Who Faked a Murder and Took Bitcoins from Silk Road Explains Himself Archived 29 December 2017 at the Wayback Machine, Motherboard, Vice (25 October 2015).
  97. ^ Nate Raymond, Ex-agent in Silk Road probe gets more prison time for bitcoin theft Archived 29 December 2017 at the Wayback Machine, Reuters (7 November 2017).
  98. ^ Rich, Nathaniel (22 November 2019). "Ponzi Schemes, Private Yachts, and a Missing $250 Million in Crypto: The Strange Tale of Quadriga". Vanity Fair.
  99. ^ Kaplan, Michael (2019-04-13). "Hackers are stealing millions in Bitcoin — and living like big shots". New York Post. Retrieved 2020-05-08.
  100. ^ a b "Teen Hacker and Crew of 'Evil Geniuses' Accused of $24 Million Crypto Theft". www.msn.com. Retrieved 2020-05-08.
  101. ^ "Twitter hack: accounts of prominent figures, including Biden, Musk, Obama, Gates, and Kanye compromised". The Guardian. 16 July 2020. Retrieved 16 July 2020.
  102. ^ Roth, Emma (14 February 2022). "Romance scammers collected $139 million in crypto last year". The Verge. Retrieved 2 March 2022.
  103. ^ Roose, Kevin (21 February 2022). "Crypto Scammers' New Target: Dating Apps". The New York Times. Retrieved 2 March 2022.
  104. ^ Hern, Alex (18 April 2022). "Beanstalk cryptocurrency loses $182m of reserves in a flash 'attack'". The Guardian. Retrieved 18 April 2022.

External links[edit]