Businesses and individuals that have emerged victorious in their cryptocurrency ventures are not the only ones making a profit from such digital assets. In recent years, hackers have managed to steal billions of dollars through their crypto hacking sprees. In one of the most recent cyber-heists to impact the decentralised finance market, hackers stole crypto worth around $615 million from a blockchain project tied to the famous online game Axie Infinity. With crypto now becoming a more mainstream mode of trading, investment and payment for consumers and businesses alike, cyber-attacks like the one involving Axie Infinity are only set to become more and more prevalent in the coming years. Thus, we have compiled 3 key takeaways from the most prominent and recent crypto hacks that should help you to better protect your business’s cryptocurrency system.
Cold wallets store a pair of private and public keys used by their owners to manage cryptocurrency assets and sign transactions while offline. Transactions are first initiated on the internet, then transferred to the cold wallet (e.g., a piece of paper, USB, CD, hard drive, offline computer, offline software wallet), where the digital signature is applied, before they are returned to the online network. Since private keys are not in contact with online servers during the signing process, hackers are hindered from getting hold of them through traditional web-based attacks. However, certain hardware wallets can connect to the internet through some battery- or Wi-Fi-enabled feature. Once such cold wallets are connected to the internet, hackers can strike more easily by utilising network-based attack vectors.
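The offline signing round trip described above, as an added example that is not code from the original article. A hash-based Lamport one-time signature stands in for the elliptic-curve signatures real wallets use, so that it runs on the Python standard library alone; the function names, transaction fields and addresses are constructed for illustration.

```python
import hashlib
import json
import secrets

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _bits(message: bytes) -> list:
    """256 bits of SHA-256(message), most significant bit first."""
    digest = _h(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# --- offline (cold) side: the only place the private key exists ---
def cold_keygen():
    """Lamport one-time key: 256 pairs of random secrets and their hashes."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    public = [(_h(a), _h(b)) for a, b in private]
    return private, public  # only `public` is copied to the online machine

def cold_sign(private, unsigned_tx: bytes) -> list:
    """Reveal one secret per digest bit. A Lamport key must sign only once."""
    return [private[i][bit] for i, bit in enumerate(_bits(unsigned_tx))]

# --- online (watch-only) side: holds the public key, never the private key ---
def build_unsigned_tx(to: str, amount: int, nonce: int) -> bytes:
    """Canonical encoding, so both sides hash exactly the same bytes."""
    return json.dumps({"to": to, "amount": amount, "nonce": nonce},
                      sort_keys=True).encode()

def online_verify(public, unsigned_tx: bytes, signature) -> bool:
    """Check the returned signature before the transaction is broadcast."""
    bits = _bits(unsigned_tx)
    return len(signature) == 256 and all(
        _h(sig) == public[i][bit]
        for i, (sig, bit) in enumerate(zip(signature, bits)))

def round_trip():
    private, public = cold_keygen()                        # offline
    tx = build_unsigned_tx("constructed-address-A", 5, 1)  # online
    signature = cold_sign(private, tx)                     # offline, carried on removable media
    # A transaction altered after signing must not verify.
    altered = build_unsigned_tx("constructed-address-B", 5, 1)
    return online_verify(public, tx, signature), online_verify(public, altered, signature)

if __name__ == "__main__":
    print(round_trip())
```

Only the unsigned transaction bytes and the signature cross the air gap; the online machine can verify with the public key but cannot produce a signature for a different transaction.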
What’s more, there are other means for cyber-attackers to steal users’ private keys from cold wallets. In phishing schemes, for instance, scammers impersonate legitimate entities to trick individuals into disclosing information about their private keys. Rigorous training of employees to ensure they can identify phishing emails or texts is one of the main ways to protect an organisation’s cryptocurrencies from such social engineering campaigns. Supply chain attacks, in which cold wallets are intercepted during shipment or purchased by malicious resellers to be tampered with before reaching the end-user, are also possible. In such attacks, hackers can seize control of computers connected to the compromised wallets and install malware to drain them of crypto funds. Furthermore, in 2020, researchers from hardware wallet developer Ledger demonstrated an attack against Coinkite and Shapeshift wallets in which the hackers could actually figure out the PINs protecting them. While both hacks required physical access to the devices to deal actual damage, the overall point still stands that the security of cold wallets should not be taken lightly.
Regardless of its size or geographical location, any company dealing in cryptocurrencies will be susceptible to hacks due to hot wallets, the storage solutions which are always connected to the internet. In 2021, many of the crypto hacks targeting businesses such as crypto exchanges occurred due to security holes in hot wallets, which usually left private keys more exposed to opportunistic hackers attacking through the web. For instance, last year, North Korean hackers used a variety of approaches, including malware, code exploits, and phishing lures, to steal almost $400 million worth of funds from organisations’ hot wallets and subsequently shift them to North Korean-controlled addresses in at least 7 attacks on crypto platforms.
As such, organisations must have extra security precautions in place to protect their hot wallets from future cyber-attacks. One course of action that organisations can take to better secure their hot wallets is to use them to store only a small amount of cryptocurrency, enough for them to make purchases with. The rest, which should be the majority of their crypto funds, can be stored in a cold wallet to raise the security of those assets.
In late 2020, the global cryptocurrency exchange OKEx imposed a withdrawal freeze on all its digital assets for 5 weeks in light of its founder’s arrest and subsequent disappearance together with the private keys of the company’s customers. This incident left a sizeable blemish on the company’s reputation and shook its users’ foundational trust in its business integrity. The main takeaway from this event is that businesses handling cryptocurrencies cannot afford to have even one point of failure in their architectural flow. In the case of OKEx, the exchange’s primary mistake was handing over access to all private keys to a single person within the company due to his high position. As such, business owners must prioritise enacting effective control, governance, and compliance measures when safeguarding their crypto assets from both hackers and insider threats.
As cryptocurrencies become more integrated with our lives and in commercial businesses, cybercriminals will persist in their attempts to hack crypto accounts, setting their eyes especially on stealing popular and high-value cryptos like Bitcoin. Businesses must establish more stringent cybersecurity protocols to prevent such threat actors from succeeding.
At GROUP8, we understand organisations’ need for their cryptocurrency assets to be secured better. Thus, our team of cybersecurity experts continues to push the boundaries in researching effective and offensive cybersecurity solutions that keep businesses and their crypto assets safe. If your organisation seeks to stay ahead of current and emerging cyber threats, you can email us at hello@group8.co to tap into our wide range of industry-leading cybersecurity services in Singapore, including blockchain security, network security, vulnerability research, penetration testing, and many other related services.