February 27, 2024

Chainalysis: the number of attacks on exchanges increased, and they became more sophisticated

According to the analytical firm Chainalysis, 2019 was a record year for the number of hacker attacks on cryptocurrencies.exchanges, but the damage from them turned out to be much smaller than a year earlier.


The company explained that it took into account not onlyhacker hacks using technical vulnerabilities, and all attacks, including using social engineering and other methods of deception. Also, her statistics include only theft of cryptocurrencies from exchange wallets, but not payment systems, custodians, investment platforms and other services.

In 2019, 11 attacks on exchanges were made, but none of them came close to hacking $ 533 million in Coincheck hacks in 2018 or $ 473 million in 2014 for MtGox.

Over the past year, attackers stole $ 283 million from cryptocurrency exchanges, despite a sharp increase in the number of attacks.

Chainalysis: the number of attacks on exchanges increased, and they became more sophisticated

The number of attacks on exchanges versus the cost of stolen funds by year. Source - Chainalysis

Hackers became the most profitable105 million CoinBene bitcoin exchanges. This amount is more than the combined attacks on the second and third lines of the unique Upbit and Binance rating - $ 49 million and $ 40 million, respectively.

According to Chainalysis, nearly 90% of stolen digital assets went to other exchanges and were likely converted into fiat currencies.

Chainalysis: the number of attacks on exchanges increased, and they became more sophisticated

Directions of movement of stolen funds. Source - Chainalysis

Attackers have more often used mixing services and wallets using CoinJoin technology to hide the illegal origin of assets.

Chainalysis said exchanges have taken stepsto improve the protection of customer funds. Many exchanges currently store a smaller percentage of funds in less secure hot wallets, require more withdrawal permissions, and track transactions for suspicious activity to prevent hacks.

The success of the measures taken confirms the reduction in the amount of damage with an increase in the number of attacks per year, the company said.

However, hackers also use more sophisticated attack methods and more advanced methods of money laundering.

Chainalysis gave an example of sophisticated phishingattacks of the well-known hacker group Lazarus on the DragonEx exchange (damage of about $ 7 million). The group, which is associated with the government of North Korea, has created a fake company with a professional website and the presence in the social networks of fictional employees. Hackers managed to convince DragonEx staff to test the trading bot in which they introduced malware for free.

Recall that after the seventh crypto-exchange hack last year (VinDAX), their total damage from attacks for all time reached $ 1.39 billion.