In the last 10 years, hackers have stolen $1.2 billion worth of the cryptocurrencies bitcoin and ether, according to Lex Sokolin, global director of fintech strategy at Autonomous Research LLP.
“It looks like crypto-hacking is a $200 million annual revenue industry,” Sokolin said, adding that cybercriminals have stolen more than 14 percent of the bitcoin and ether supply over the last decade, Bloomberg reported.
According to Susan Eustis, CEO of WinterGreen Research, cryptocurrency hacks have cost companies and governments $11.3 billion worth of potential tax revenue from coin sales. These losses could continue to increase dramatically as more companies and investors join the cryptocurrency craze.
Another recent report by consultancy firm Ernst and Young predicts that about 10 percent of funds raised through the 372 initial coin offerings (ICOs) between 2015 and 2017 have been stolen through hacks.
“Hackers are attracted by the rush, absence of a centralized authority, blockchain transaction irreversibility and information chaos,” the paper stated. “Project founders focus on attracting investors and security is often not prioritized. Hackers successfully take advantage — the more hyped and large-scale the ICO, the more attractive it is for attacks.”
In addition, although seemingly secure, blockchain records, which are kept by the digitized, decentralized, public ledger of cryptocurrency transactions to allow all investors to keep track of digital currency transactions, aren’t that much safer than any other software.
In a phone interview, Matt Suiche, who oversees blockchain security company Comae Technologies, told Bloomberg that because there are thousands of blockchains with their own bugs, securing them all is tricky.
“Each implementation is going to have its own problems,” Suiche said. “The more implementations, the harder it is to cover all of them.”
Blockchains start as forks that diverge from existing crypto ledgers — databases where every cryptocurrency transaction is recorded. Forks are changes to the software of a digital currency that result in two different versions of the blockchain with a common, shared history. When a fork occurs, two different digital coins are also created. Forks, which can be temporary or permanent, occur frequently during mining, the computation process in which more bitcoins are created.
During the mining process, some investors use their computers to verify transactions in the network in exchange for new bitcoins commensurate with the amount of computing power their computers contribute to the network.
In December, security researchers at the Taiwanese Institute of Electrical and Electronics Engineers revealed that blockchains are especially vulnerable as hackers can manipulate the data at every fork.
The report also states that hackers can theoretically spend the same bitcoins twice through what is called a balance attack, in which hackers purposefully delay network communications between bitcoin miners to prevent their computers from validating blockchain transactions.
“We have no evidence that such attacks have already been performed on bitcoin,” the researchers said. “However, we believe that some of the important characteristics of bitcoin make these attacks practical and potentially highly disruptive.”