Hong Kong - Here’s another reason to be
leery of the initial coin offerings being done at a staggering pace in
the cryptocurrency world: there’s a one-in-10 chance you’ll end up a
victim of theft.
Phishing scams have helped push up criminal losses to about $225m on this year, according to Chainalysis, a New York-based firm that
analyzes transactions and provides anti-money laundering software. In
such scams, investors are tricked into sending money to internet
addresses pretending to be funding sites for digital token offerings
related to the ethereum blockchain technology.
More than 30 000 people have fallen prey to ethereum-related cyber
crime, losing an average of $7 500 each, with ICOs amassing about $1.6
billion in proceeds this year, Chainalysis estimates.
“It’s a huge amount of money to generate in such a short period of
time,” said Jonathan Levin, co-founder of Chainalysis, whose software
and database are used by some of the largest bitcoin companies and US
law enforcement agencies. “The cryptocurrency phishers are doing pretty
good against all the other types of criminals that are out there.”
Indeed, the huge amount of wealth that has fallen prey to cyber
criminals is approaching the losses incurred by robberies in the US
for the entire year of 2015, which stood at $390m, according to
statistics released by the Federal Bureau of Investigation.
ICOs are digital token sales typically that raise ether, with users
transferring the funds to addresses provided by startups. Investors,
sometimes eager to get early access to new token offerings have been
tricked into providing their credentials to fake websites through
targeted email campaigns, twitter posts and Slack messages, said Levin.
Ether rose 0.1% to $324.17 on Thursday, according to data from coindesk, while bitcoin rose 0.2% to $4,201.
Most attacks involve creating websites or social media accounts that
sound similar to the real ICO project. Levin gave the fictional example
of a project named "illuminate," which an imposter might fake by
spelling it as "iIIuminate." Using the fake account, they would solicit
potential investors to send money to the criminal’s address.
His firm compiled the data by identifying so-called digital wallets
used by scam artists. That information is usually public because
criminals widely circulate it, hoping to fool investors into sending
Other common forms of crime involve tapping into project loopholes.
The DAO, or decentralised autonomous organisation, is a smart contract
project built on top of ethereum that was intended to democratise how
ethereum projects are funded. A bug in the system was exploited and that
led to the
theft of $55m worth of ether at the time.
Levin didn’t provide data for bitcoin-related cybercrime, and not
because it is any safer. He said such data is harder to track as scams
are usually specific attacks on individual holders, rather than
ICO-related campaigns which try to dupe many people at once.
“The overall figures mean there are infrastructure that we need to
build to help prevent people from getting abused,” said Levin.
SUBSCRIBE FOR FREE UPDATE: Get Fin24's top morning business news and opinions in your inbox.
Read Fin24's top stories trending on Twitter: