In 2020, security issues remained a dark cloud over the crypto industry.
However, compared with 2019, the losses of cryptocurrency exchanges due to hacking were greatly reduced, while the nascent DeFi field became a juicy target for hackers because of the influx of large amounts of funds. For chains with insufficient network computing power, 51% attacks can still deal a heavy blow to the network.
DeFi flash loan attacks
The DeFi field was the hardest hit by security issues in 2020. In 2020, bZx, Balancer, Harvest Finance, Value, Cheese Bank, OUSD, Warp Finance and other projects were hit by flash loan attacks, with losses amounting to tens of millions of dollars. Except for bZx, which was attacked at the beginning of this year, and Balancer, which was attacked in June of this year, the other five flash loan attacks occurred in the last three months of this year.
Among them, Harvest Finance was hit by a flash loan attack on October 26, and the loss amounted to 33.8 million U.S. dollars, of which about 24 million U.S. dollars of cryptocurrency was cashed out through renBTC.
In mid-November, three projects, Value, Cheese Bank and OUSD, were hit by flash loan attacks in just four days, with losses amounting to 6 million, 3.3 million and 7 million US dollars respectively.
On December 18th, Warp Finance, a DeFi protocol for liquidity provider (LP) token collateralized lending, suffered a flash loan attack and 7.7 million USD in tokens was stolen.
DeFi contract vulnerabilities
In the DeFi boom this summer, a large number of DeFi projects rushed to launch, many of them with unaudited code. The failure of the Yam project is a typical case.
Yam witnessed the craziest week of the DeFi boom and also confirmed its worrying side. Because the code containing the bug had not been audited, the Yam project discovered a problem right after its price skyrocketed at launch. Within 24 hours, despite the team's efforts, the price plummeted by 99% and the governance contract was “permanently destroyed.” Curve tokens worth $750,000 are locked and cannot be used.
In September of this year, Twitter user Amplify said that a vulnerability had been discovered in the DeFi smart contract SYFI (Soft Finance), and that a single transaction made 747 ETH, worth US$250,000.
On September 13, bZx officially stated that due to a system vulnerability, the attacker increased his balance to 153.6 million iUSDT and began to withdraw from the USDT pool. The attackers stole approximately 4,700 ETH in this incident, but these cryptocurrencies were eventually returned.
In April of this year, Uniswap and Lendf.Me were hit by ERC-777 token reentrancy attacks. Uniswap lost 1,278 ETH, worth about 220,000 US dollars, and Lendf.Me lost about 25 million US dollars.
In June of this year, because of a vulnerability in the unverified safeTransferFrom() function of the new Bancor network contract, Bancor carried out a white hat attack to transfer funds to a safe address, but $135,229 in funds was still front-run by an unknown arbitrage bot.
In November, Compound suffered an oracle attack, and 90 million US dollars of assets were liquidated. This huge liquidation on Compound was caused by a dramatic fluctuation of the DAI price on Coinbase Pro, the information source of the oracle.
51% attack
The most traditional and brute-force 51% attacks against public chains have still not disappeared. Although the security of Bitcoin and Ethereum has greatly increased thanks to the continuous growth of network computing power, some of their forks and other small currencies appear powerless in the face of 51% attacks.
In January of this year, Bitcoin Gold suffered two 51% computing power attacks. In both cases, deposit transactions on exchanges were reversed, involving about 1,900 BTG and 5,267 BTG, with an amount close to US$90,000.
In August, Ethereum Classic (ETC) was also subjected to multiple large-scale 51% attacks. More than 10,000 blocks were reorganized successively, and the attackers profited at least US$1.68 million from the attacks.
In November, the Grin network also suffered a 51% attack. An unknown entity at one point controlled more than 57% of network computing power. In December, the Aeternity network also suffered a 51% attack, and the loss it caused exceeded 39 million AE tokens. The main victims were exchanges and mining pools; the affected exchanges were mainly OKEx, Gate, and Binance.
Exchange
In many 51% attacks against public chains, cryptocurrency exchanges are the victims. During the 51% attack on Ethereum Classic in August, OKEx lost $5.6 million.
In addition, DDoS attacks have also affected the normal operations of many cryptocurrency exchanges. In May, Youbi Exchange and Binxing Exchange both suffered sustained DDoS attacks, leaving their services unavailable and users unable to log in. In December, the Poloniex exchange also suffered a DDoS attack.
The exchange attacks that caused large losses this year mainly occurred in the second half of the year. In July, Spanish cryptocurrency payment application and credit card issuer 2gether suffered a hacking attack and lost 1.4 million US dollars. Also in July, a wallet of the UK-based cryptocurrency exchange Cashaa was hacked and 336 bitcoins were lost.
Because the private key of its hot wallet was leaked, the KuCoin exchange saw a number of large withdrawals of Bitcoin and ERC-20 tokens from the hot wallet on September 26, valued at nearly US$150 million.
In December, a major security breach occurred in the British cryptocurrency exchange Exmo. The exchange stated that hackers had withdrawn about 5% of EXMO’s assets from its hot wallet, and according to The Block’s research analyst Igor Igamberdiev, EXMO lost approximately $10.5 million in funds.
Data breach
For crypto companies, although a user data leak does not bring direct losses, it exposes millions of users to the threat of phishing attacks.
Crypto hardware wallet company Ledger suffered a data breach at the end of June, when the company’s marketing and e-commerce database was compromised. Customers’ contact information and order information were exposed. In December, a database containing more than one million customer emails was published on the hacker website Raidforums. Some of these users have been targeted by phishing attacks or have received threatening emails.
In February, the crypto derivatives exchange Digitex was attacked by hackers and the private information of more than 8,000 users was leaked.
In March, the crypto investment fund Trident Crypto Fund suffered a major data breach. The personal data of about 266,000 people registered with the fund were posted on multiple file sharing websites. The stolen database included email addresses, mobile phone numbers, encrypted passwords and IP addresses.
In April, due to a hacker attack, at least 42 million Iranian “Telegram” usernames and phone numbers were leaked through unofficial versions of Telegram. Telegram said that the data was leaked from two forks of its client, HotGram and Talagram.
In May, BlockFi, a cryptocurrency lender, issued a data breach alert to customers. CEO Zac Prince confirmed that the leak occurred on May 14 and affected less than half of the company’s retail and institutional customers. Customers’ account activity information, email addresses, and postal addresses were leaked, but Social Security numbers, licenses, and government-issued ID cards were not exposed.
In June, Japanese cryptocurrency exchange Coincheck leaked users’ emails and personal information, including names, registered addresses, date of birth, phone numbers, and IDs. About 300 users were affected by this.
In December, Australian crypto exchange BTC Markets leaked all customer names and email addresses in marketing emails, which may expose all customers to potential phishing attacks. These emails were sent in batches of 1,000, which means that each customer received the names and email addresses of 999 other users.
Crypto fraud and ransomware
In addition to the attacks on crypto companies themselves, cryptocurrencies have also been widely used as tools for monetizing cyber fraud and extortion activities.
The most influential incident was the “epic” attack on the social media platform Twitter on July 16. The accounts of crypto exchanges such as Coinbase, Gemini, and Binance, and of celebrities such as Buffett, Obama, Biden, and Bezos, were hijacked and used to post “Bitcoin fraud” messages, which caused concerns about the security of centralized platforms inside and outside the industry.
In addition to Twitter, YouTube, Telegram, Facebook, and Google ads were also hit hard by cryptocurrency scams. On YouTube, celebrity videos are re-edited and dubbed to promote certain junk coins and fake altcoins, or to promote so-called “airdrop” and “giveaway” scams. Musk, Bill Gates, the President of the United States, and Coinbase Exchange CEO Brian Armstrong are scammers’ favorite celebrities, and Bitcoin and XRP are criminals’ favorite cryptocurrencies.
On Telegram, scammers pretend to be the official groups or staff of projects and ask for investors’ keys in order to control their crypto assets. In addition, “arbitrage scams” are also popular in Telegram groups: by offering to exchange ETH for HT at a set ratio, scammers trick users into transferring ETH to the fraudster’s account in exchange for fake HT.
In China, police in many places have cracked down on many “cryptocurrency” and “virtual asset” investment scams. Criminals induced victims to invest in virtual currency through related apps or trading platforms. After users transferred funds, the criminals shut down the platforms and ran away, illegally taking possession of investors’ funds.
Ponzi schemes under the guise of virtual currencies are also targeted by financial regulatory agencies in various countries. In the United States, multiple Ponzi schemes have been prosecuted by regulatory agencies, and Matthew Piercey, the suspect in a crypto Ponzi scheme involving a total of US$35 million, was arrested. A US SEC lawsuit also accused Florida businessman Thomas J. Gity of operating a Ponzi scheme disguised as a cryptocurrency trading plan. Gity raised $6.8 million from at least 18 investors through the program. The federal prosecutor of South Florida in the United States accused Jose Angel Aman, a Washington man, of operating a Ponzi scheme around the diamond token Argyle Coin, involving a total of 25 million U.S. dollars. In Spain, Santiago Fuentes, the CEO of Arbistar 2.0, was arrested by the police. Fuentes was accused of defrauding nearly 32,000 investors in a Bitcoin Ponzi scheme, worth nearly 850 million euros (about 1 billion US dollars). On the Ethereum blockchain, the Ponzi schemes MMM and Forsage also once occupied a large amount of public blockchain resources.
Phishing websites are also one of the fraud methods that criminals like to use. At the beginning of the year, Voice, Privnote and other projects were imitated by phishing sites. In the DeFi boom in the middle of the year, criminals forged the websites of YFII, Uniswap, Curve and other projects. After the leak of Ledger wallet user information, Ledger users also became targets of criminals.
In terms of crypto ransomware, dozens of institutions, schools and companies have become targets of criminals, including the Richmond Community School District in Michigan; the British currency exchange website Travelex; the small town of Willebroek in Belgium; the Mountain View-Los Altos School District in California; insurance giant Chubb; Torrance, California; Parkview Medical Center in Pueblo, Colorado; Fresenius Group, Germany; Kent Commercial Services, UK; U.S. IT company Digital Management Inc; Knoxville, Tennessee; Australian beverage giant Lion; the American medical system Crozer-Keystone; South Korean electronics giant LG; Japanese multinational automobile manufacturer Mitsubishi Group; the University of California; the University of York; Spanish railway company ADIF; multinational technology company Garmin; multinational company Canon; American wine and spirits giant Brown-Forman Corp; the University of Utah; the Argentine National Immigration Service; Israeli chip manufacturer TSEM; Banco Estado, one of the three major banks in Chile; Pakistani electricity producer K-Electric; the Finnish psychotherapy center Vastaamo; IoT chip manufacturer Advantech; Israeli insurance company Shirbit; and South Korean Attachment Group and its stores.
Conclusion
Blockchain and cryptocurrency are both double-edged swords. On the one hand, they bring us unlimited possibilities for innovation; on the other hand, they also provide criminals with tools for evil.
However, in this contest of one-upmanship, criminal behavior will force the crypto industry to evolve, push regulators to keep pace with the times, and ultimately accelerate the maturing of this industry.




