The risky business of bitcoin: High-profile cryptocurrency catastrophes

ZDNet reviews the high-profile disasters, data breaches, vulnerabilities, and criminal cases that shook up digital currency this past year
Written by Charlie Osborne, Contributing Writer


In the last few months, the cryptocurrency industry has exploded with investor interest appearing to be at an all-time high.

The price of Bitcoin alone has surged thousands of dollars in the past few weeks, topping $16,500 at the time of writing, and while some investors urge caution and anticipate a crash, the rise has highlighted just how much interest there is in digital coins and alternative payment methods.

Over the course of the past year, traditional financial institutions have begun exploring cryptocurrency and its backbone infrastructure, digital ledger technologies known as blockchain, with some banks going so far as to offer their clients cryptocurrency-supporting trading accounts and options.

This month, Venezuelan President Nicolas Maduro went as far as to announce a plan to create "Petro," a sovereign virtual currency which he claims can be used to help dig the country out of its current economic crisis.


Blockchain and cryptocurrency certainly have their benefits. The blockchain has garnered interest in the technology field and beyond as a secure method to share, store, and record data transparently -- with IBM one of many now offering blockchain-based business solutions -- while cryptocurrency, when bought early, has proved to be a lucrative investment.

That is, when security issues do not rear up and smash investor dreams to pieces.

Regulators in the UK and US are both scrambling to control this industry, in which many investors are failing to declare cryptocurrency profits, but on the other side of the spectrum, some are losing cash due to poorly managed Initial Coin Offerings (ICOs), vulnerabilities, malware, and more.


It was back in 2014 that the abrupt closure of Bitcoin trading platform Mt. Gox signaled all may not be well in the industry when it came to security. Investors are highly unlikely to ever get their money back and the former CEO, Mark Karpeles, faces charges of embezzlement.

Since then, cryptocurrency interest has increased, but so have the security issues surrounding investment.

2017 was an interesting year for the industry, with hacks, vulnerabilities, and data breaches a constant theme.

January was a quiet month as we all recovered from the holiday season, but in February, programmers were left shamefaced after a simple typing error caused the loss of Zcoins worth $585,000 at the time.

According to Zcoin, a "typographical error on a single additional character" in the Zerocoin source code allowed an attacker to generate additional Zcoins during a single transaction, leading to the theft of roughly 370,000 Zcoins.

Little of note took place in March, but in April, OneCoin representatives were in the middle of a sales pitch related to cryptocurrency when law enforcement raided the company, jailing 18 employees and freezing roughly $2 million in investor funds.

Local Delhi police said the company only accepted cash for cryptocurrency and did not issue receipts in order to cover its tracks, therefore suggesting the entire scheme was a scam. (However, this is not to be confused with the China-based Xunlei's OneCoin.)

Little of note happened in May, but in June, the US Securities and Exchange Commission (SEC) won a court case against the now-defunct GAW Miners and Zen Miners, both of which were accused of running Bitcoin Ponzi schemes which defrauded investors with "the lure of quick riches from virtual currency."


July was a busy month with ICOs being targeted for investor funds and cyberattackers running amok.

During the much-awaited CoinDash ICO, hackers used a disarmingly simple tactic to capitalize on investor enthusiasm and steal roughly $7.4 million in Ethereum (ETH).

The unknown hacker or group compromised the CoinDash website and simply changed a wallet address intended for investors during the ICO to a wallet they owned.

It took only minutes before CoinDash realized what had occurred, but the damage was done.

Just a week after, Veritaseum's ICO met a similar fate. In total, 36,000 VERI tokens were stolen by hackers during the event, worth nearly $8 million at the time. The tokens, however, belonged to the company and not investors.

South Korean exchange Bithumb, the fourth largest exchange worldwide, also became a victim in July as thieves managed to steal a database of user information from an employee's personal PC to compromise user accounts, resulting in the theft of information and Bitcoin worth billions of won.

In the same month, the Parity wallet was compromised by an attacker who slinked away with over $30 million in Ethereum.

At least three wallets were compromised through the exploit of a vulnerability in the wallet, with Edgeless Casino, Aeternity, and Swarm City named as victims.

To prevent more wallets being drained, white hats took charge and drained user wallets themselves to hold them until the bug was fixed.

In August, hackers used a simple trick to swindle investors on the Ethereum platform Enigma.

As the marketplace was gearing up for its ICO, potential traders were sent "very convincing" emails announcing a "pre-sale" of tokens and inviting them to participate.

While some users recognized the emails as a scam, others did not, parting with close to $500,000 in Ethereum. It appears that the user details were gained through the compromise of the Enigma Slack channel and email lists.

In September, the US Commodity Futures Trading Commission (CFTC) filed a court case against Nicholas Gelfman and Gelfman Blueprint, alleging that the company scammed roughly 80 investors out of $600,000 through a Ponzi scheme.

The victims were reportedly actually involved in an exit scheme and were told the "Jigsaw" trading platform had been hacked.

South Korea made the headlines at this time, too, by outlawing ICOs due to the risk of scams.

In October, Alexander Vinnik became the source of a fight between the US and Russia -- both of which want to charge him with suspected Bitcoin laundering. The Russian national allegedly was the mastermind behind BTC-e, which "washed" funds without taking customer information, allowing for laundering to take place.

BTC-e was given a $110 million fine.

Vancouver-based Etherparty had to temporarily shut down its FUEL token sale 45 minutes into the event in the same month, after a cyberattacker switched the firm's wallet address with one they owned in an attempt to steal user funds.

Impacted investors were compensated.

Perhaps due to the risks some ICOs represented to investors, China took the same stance as South Korea, banning ICOs as "illegal" in the same month.

November was a terrible month for Tether, a start-up used to exchange cryptocurrency backed by traditional cash. The company revealed that cybercriminals managed to compromise its treasury wallet and steal $30,950,010 USDT -- a token linked to the US dollar -- before sending the tokens to an unauthorized wallet.

Tether said that the company is working to recover the lost funds.

This was a strange month in the cryptocurrency space. An Ethereum user, poking around the Parity wallet -- used to store and trade Ethereum -- accidentally exploited a major vulnerability hidden within the library of the standard multi-sig contract.

The user was able to make himself an owner of a contract and at the same time wiped out a critical element of library code, which locked other users out of their wallets.

The actions of the user resulted in $160 million in funds being frozen.

A solution is yet to be found, although a hard fork has been proposed as a potential solution.

While companies grappled with the aftermath of theft and data breaches, a 47-year-old pastor in New Jersey was sentenced to over five years in prison for accepting bribes through the unlicensed, illegal Coin.mx Bitcoin exchange through his community church.

It may be the season for holiday cheer, but few NiceHash users are going to have a good season. In December, the company admitted that $68 million in investor funds had been stolen from the NiceHash wallet, resulting in suspended operations. The full extent of the breach is not yet known.

The SEC took on another cryptocurrency outfit in the same month, filing charges against PlexCorps for allegedly conducting ICO fraud. The company raised up to $15 million by promising investors a 13-fold profit within weeks.


Data breaches and successful hacks are not the only concerns in the cryptocurrency industry, however, with some threat actors embracing new variants of malware to steal user funds and compromise wallets.

While reports suggest North Korea is secretly using malware to enslave PCs for the purposes of cryptocurrency mining, the concept was also brought closer to home this year.

Users of The Pirate Bay reported CPU problems in October when visiting the torrent search website, which was later revealed to be due to a Monero mining pilot, implemented without user consent.


Cloudflare is now blocking websites which use such software without user permission, and while lending CPU power in return for ad-free browsing may be a possible future, consent is key.

In the meantime, Trend Micro says that Google Play is littered with mining apps masquerading as legitimate software.

Ransomware which demands cryptocurrency, botnets, and malware designed to infiltrate wallets stored offline on user PCs are also a growing problem.

With the increased popularity of cryptocurrency and growing interest of attackers keen to cash in through malware, phishing, and attacking trader events such as ICOs, investors need to be careful.

Cryptocurrency has a future in finance and investment, but cybersecurity will remain a challenge in 2018.
