In 2024, the crypto industry underwent significant changes, marked by both positive developments and a number of obstacles. As cryptocurrencies continue to spread following the approval of the Bitcoin and Ethereum ETFs, the industry continues to struggle with a persistent problem: hacker attacks. In particular, Chainalysis’ latest report “2024 Crypto Crime Mid-year Update” provides a more detailed overview of the overall cryptocurrency crime situation in the first half of this year. Chainalysis analysts note a decline in the overall number of illegal crypto transactions in 2024, despite a sharp rise in certain types of criminal activity in the sector.
Resumption of Hacking Activity and New Methods of Cybercriminals
The report indicates that, despite an overall decline in the number of illegal transactions of almost 20% compared to the same period last year, some categories of criminal activity — stolen funds and ransomware — are showing growth. Funds stolen as a result of cryptocurrency theft almost doubled year-on-year, from $857 million to $1.58 billion as of the end of July. Comparing the results of the study with last year’s, when revenues from ransomware amounted to $449.1 million by June 2023, analysts note that this year’s revenues for the same period exceeded $459.8 million. In their opinion, this figure indicates that we are potentially facing another record year for ransomware.
One of the most worrying findings of the report is the increase in hacker activity. This is evidenced by a comparison of both the amount of money stolen and the number of hacker attacks compared to the same period last year. In particular, the graph below shows that the total value of stolen assets this year has already reached $1.58 billion at the end of July, which is approximately 84.4% more than in the same period last year. Chainalysis analysts note that the number of hacking incidents in 2024 was only slightly higher than in 2023, increasing by only 2.76% year-on-year. At the same time, the average amount of losses per incident increased by 79.46%, rising from $5.9 million per incident from January to July 2023 to $10.6 million per incident in 2024, based on the value of assets at the time of the theft. This surge is partly due to the rise in the value of Bitcoin, which now accounts for 40% of the transaction volume associated with these thefts.
Chainalysis points out that hackers are once again turning their attention to centralised exchanges, which have become a more frequent target than decentralised financial protocols. Although DeFi has been a popular target for attackers in recent years, the resurgence of attacks on centralised platforms indicates a return to more traditional methods of cryptocurrency theft. At the same time, analysts emphasise that more sophisticated cybercriminals, including those linked to North Korea, are increasingly using more sophisticated tactics, such as social engineering, to infiltrate cryptocurrency services and steal funds.
Ransomware Profitability Growth in 2024
Ransomware remains a major concern in 2024. Chainalysis reported that this year could be the most lucrative for ransomware attacks, as the inflow of ransomware increased slightly by about 2%, from $449.1 million to $459.8 million. This increase is largely due to a shift in strategy by ransomware operators, who have focused on fewer but more lucrative high-profile attacks — a tactic known as ‘big game hunting’.
According to the company’s analysts, one of the most worrying developments in this area is the record-breaking $75 million ransom paid to the Dark Angels ransomware group, the largest payment of its kind ever recorded. The average ransom demand for the most dangerous types of ransomware has also increased dramatically, from just under $200,000 in early 2023 to $1.5 million in mid-June 2024. As such, cybercriminals are increasingly targeting large enterprises and critical infrastructure providers, which are more likely to pay substantial ransoms due to their financial resources and the criticality of their operations.
However, according to their analytical data, the number of the most serious strains of threats is still 50.8% lower than in 2023 since the beginning of the year. This may be due to disruptions in the work of law enforcement agencies of the largest players — ALPHV/BlackCat and LockBit, which suspended ransomware operations for some time. As a result of these disruptions, the ecosystem became more fragmented, with affiliates switching to less effective strains or launching their own. Thus, high-risk strains increased their activity by 104.8% since the beginning of the year.
Protecting the Assets of Crypto Exchange Users
Protecting users’ assets in the cryptocurrency world is a critical aspect of ensuring trust and security. Cryptocurrency exchanges, which are the main platforms for trading digital assets, use a wide range of modern methods and technologies to protect their users from fraud, hacking and other threats. In 2022, the cybersecurity company Hacken.io conducted an audit and published the top of the world’s most secure exchanges, which included the following:
Kraken
Kraken is a well-known cryptocurrency exchange based in the United States, founded in 2011. The exchange offers more than 120 cryptocurrencies and various trading options, such as spot and margin trading, futures and staking. The platform has an intuitive and easy-to-use user interface and is suitable for both beginners and experienced investors.
Kraken uses a number of security measures to protect user accounts, including:
Two-factor authentication (2FA)
PGP/GPG encryption for all email communication
Kraken Security Labs
Global Settings Lock
IP Address Whitelist
The exchange also keeps 95% of assets in cold wallets, which reduces the risk of theft.
WhiteBIT
WhiteBIT is a European cryptocurrency exchange founded in 2018. The exchange offers more than 270 cryptocurrencies and over 350 trading pairs for trading. The platform supports a wide range of trading functions, including spot and margin trading, futures, staking, and crypto deposits.
WhiteBIT ensures the safety of its users’ digital assets through security measures such as
Two-factor authentication (2FA)
WhiteBIT stores 96% of digital assets on cold wallets, which significantly reduces vulnerability to hacking attempts.
The exchange uses WAF to detect and block malicious traffic.
The exchange complies with Anti-Money Laundering (AML) regulations and conducts Know Your Customer (KYC) checks to avoid fraud.
Management of withdrawal addresses: WhiteBIT allows you to whitelist withdrawal addresses. This means that funds can only be withdrawn to pre-authorised addresses in the blockchain.
Coinbase
Coinbase is a leading cryptocurrency exchange based in the United States, founded in 2012. The exchange has an intuitive and friendly user interface, ideal for beginners, and offers a simple, direct way to convert cryptocurrencies into cash and vice versa.
Coinbase uses a number of security measures to protect user accounts, including:
Two-factor authentication (2FA)
The platform stores 98% of its clients’ crypto assets offline, on encrypted hardware devices.
Coinbase maintains a 1:1 customer asset ratio, which means that assets on user accounts are not used for lending or other corporate purposes. This ensures that users’ funds are always available for withdrawal.
Coinbase uses MPC technology to manage cryptographic keys. This method ensures that keys are never stored in one place but are distributed among multiple parties, which increases security against potential attacks.
Security alerts and monitoring: Users are notified of suspicious activity, and Coinbase uses monitoring systems to identify and proactively respond to potential security threats.
Crypto.com is a cryptocurrency exchange launched in Hong Kong in 2016. The platform supports over 250 different digital assets. In addition to cryptocurrencies, the exchange offers a DeFi wallet, an NFT trading platform, Visa card bonuses, and shopping options.
Crypto.com ensures security and compliance with features such as:
Two-factor authentication (2FA)
Anti-phishing codes
Biometric identification
Secure device management
The ability to whitelist web and IP addresses
Gemini
Gemini is a well-known cryptocurrency exchange based in the United States, founded in 2014. The exchange supports over 150 digital currencies. Users can also access several products and services, including a credit card with cryptocurrency rewards, a built-in wallet, and the ability to pay with cryptocurrency for purchases at their favourite retail stores.
Gemini uses several robust security features to protect user assets and enhance account security:
Two-factor authentication (2FA)
The platform supports hardware security keys that provide a high level of protection against unauthorised access.
Gemini allows users to set up approved cryptocurrency withdrawal addresses, which ensures that funds can only be withdrawn to a list of pre-approved addresses, minimising the risk of unauthorised withdrawals.
Gemini implemented support for passwords, which enhance account security by providing a more secure and convenient authentication method than traditional 2FA.
Conclusion
In 2024, the crypto industry faced a dual situation: on the one hand, there was an overall 20% decrease in the number of illegal transactions, and on the other hand, an increase in the number of hacker attacks and revenue from ransomware. According to a Chainalysis report, stolen cryptocurrency assets doubled to $1.58 billion by July, up 84.4% year-on-year. Attacks on centralised exchanges have become more widespread, and ransomware has reached record levels of profitability, partly due to an increase in the average ransom. Despite the increase in the number of attacks, victims are increasingly refusing to pay the ransom, indicating that they have become better prepared for cyber threats.
Originally published at https://36crypto.com on September 16, 2024