Cybersecurity experts have warned that commonly used cryptocurrency technologies make it easier for criminals to cover their tracks after a theft, following a reported $196m hack against cryptocurrency exchange BitMart.
BitMart is estimated to be the 118th biggest cryptocurrency exchange in the world, based on traffic, liquidity, trading volumes and confidence in the legitimacy of trading volumes reported, according to CoinMarketCap. Its users’ confidence may be shaken after the exchange revealed it had fallen victim to cybercriminals at the weekend.
“We have identified a large-scale security breach related to one of our [ethereum] hot wallets and one of our [Binance] hot wallets today,” BitMart confirmed in a statement on Saturday. “At this moment we are still concluding the possible methods used.”
A hot wallet is a cryptocurrency wallet that is connected to the internet and thus enables the user to spend their money more easily. The downside of this is that the money becomes harder to protect.
A cold wallet is a physical device that enables bitcoin and other digital token holders to take their digital monies offline. The downside of a cold wallet is that it’s harder to spend the money, but the benefit is that the money is safer.
BitMart estimated that the criminals behind the hack had absconded with approximately $150m in digital dosh. However, blockchain security and data analytics firm PeckShield later estimated that the takings were closer to $196m. PeckShield estimated that the criminals lifted differing sums of a number of cryptocurrencies, including BabyDoge, Hero, Starship and Floki. Blockchain analytics firm Elliptic went even further and said the crooks snatched $225m, but didn’t supply details of how it calculated that sum ahead of publication of this article.
Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChain pic.twitter.com/cXXApDFtd7
— PeckShield Inc. (@peckshield) December 5, 2021
PeckShield was the first to notice the digital heist after detecting a steady flow of tens of millions of dollars from BitMart to an address. BitMart said the hack had only affected “a small percentage of assets on BitMart and all of our other wallets are secure and unharmed.”
“We are now conducting a thorough security review and we will post updates as we progress,” BitMart added. “At this moment we are temporarily suspending withdrawals until further notice.”
It is unclear how the cybercriminals hacked BitMart. However, PeckShield said it’s pretty obvious what happened after the hack. The security firm said the hackers used what is referred to as a “transfer-out, swap, and wash” method to hide their tracks.
What this means is that the criminals transferred out the stolen cryptocurrencies via the decentralised exchange aggregator 1inch to swap the digital dosh for ether, CNBC reported. Next, the criminals deposited the money in a privacy mixer known as Tornado Cash, making it even harder to trace.
It’s this type of available infrastructure that cybersecurity experts blame for making it easier for criminals to get away with cryptocurrency hacks.
“The technology underpinning cryptocurrencies makes it far too easy to steal large sums of money, often leaving little or no trace as to where the money has gone or who has stolen it,” said Jake Moore, cybersecurity specialist at ESET. “Sending funds to an ethereum mixing service is common for those wanting to evade being followed by the authorities, so better initial prevention for those with digital funds is vital to help mitigate this growing trend.
“Users can add layers of protection such as 2FA and remain on guard against clever targeted phishing emails but crypto exchanges could potentially add extra layers of security when money is requested. Multiple verification techniques over certain amounts of money can slow thieves down and potentially reduce or even prevent the money from being taken.”
Hackers have a plethora of alternatives when it comes to obscuring their tracks. In October, a report from the British National Bureau of Economic Research warned that platforms like Binance and Huobi, with little effort devoted to know-your-customer (KYC) standards, exacerbate the global money laundering problem by not doing enough rigorous background checks on their users.
The organisation warned that ransomware gangs and other cyber criminals can take their ill-gotten gains from a high-KYC exchange via a low- or no-KYC platform and thus make it harder to track where the money ends up.
Understandably, regulators around the world are now looking for ways to stop cryptocurrencies being used for money laundering and other crimes, a development predicted in a recent GlobalData research report.
India is expected to be the latest country to regulate the budding market. It’s unclear what form that regulation will take. Some reports suggest the expected upcoming bill will see it join China in outright banning blockchain money. Others suggest that India may not ban cryptocurrencies but simply regulate them more strictly to discourage money laundering and other financial crimes.