The Surprisingly Easy Ways Your Bitcoin Can Be Stolen

by Jake Wengroff

Because Bitcoin and other cryptocurrencies are bearer assets — whoever holds the private key is the rightful owner — criminals are all the more eager to find ways to steal it from unsuspecting investors.

However, when you hear about the theft of crypto assets, it is not a hack of blockchain technology or of the computers holding the crypto itself. Indeed, the underlying blockchain technology that supports cryptocurrency would be difficult to get hacked, as the hacker would have to breach a huge number of servers to gather information.

Instead, hackers target the digital services, platforms and networks that investors use to trade, store and transact with crypto assets that get hacked.

How Bitcoin and Crypto Assets get Stolen

Criminals have shown no shortage of creativity when it comes to ways to steal Bitcoin and cryptocurrency. 

Compromising the Wallets and Exchanges

For instance, Bitcoin and other cryptocurrencies are frequently held in digital wallets (known as “hot” storage) and traded through digital exchanges. These wallets, exchanges and apps are the targets of cyber attackers — not the blockchain servers themselves. 

“Traditional” Cyberattacks

However, hackers can cast a wider net. In a “traditional” cyberattack, criminals will make attempts to breach the devices or networks that crypto investors are using, not necessarily the individual crypto apps. Cybercriminals can hack mobile data networks or users’ home WiFi, in order to intervene in or divert a trade, or capture users’ personal identifiable information (PII) to log in as them and steal the crypto private keys.

One category of cyber attack is ransomware, in which the victim’s assets are held for “ransom” until payment is made. A group of cybercriminals known as DarkSide gained control of parts of critical infrastructure of Colonial Pipeline, agreeing to release them for the payment of approximately 75 Bitcoins. The U.S. Department of Justice later seized the Bitcoins as part of its criminal investigation.

Fraudulent Exchanges and Apps

While the explosion in interest in Bitcoin and cryptocurrency has led to the launch of hundreds of applications for owners to buy, sell, invest, and transact their new crypto assets, there have also been instances of fraudulent apps that have been created with the sole purpose of stealing customers’ assets. Cryptocurrency owners should only utilize wallets, exchanges, and apps that are well-known and that have the strongest of security measures in place, including two-factor authentication.

As a safeguard against private keys being stolen online via an exchange, wallet, or app, or via a hack of a user’s home WiFi network, many crypto users have opted for the use of cold wallets, in which the private keys are printed on paper and stored in a physically safe location offline, often in the owner’s home or a local bank’s safe deposit box.

What to Do if Your Crypto Assets Are Stolen

There are options, though not many, if your crypto assets are stolen. Read on to see the list.

Contact the Wallet App or Exchange

A hack of a larger, well-known exchange might seem likely, because of the larger volume of assets serving as a “prize” for cybercriminals. However, such wallet and exchange apps have matured over the last several years, they have added many more layers of security to guard against an attack. 

Coinbase, for example, is a public company, and is seen as a bellwether company for the cryptocurrency industry and community at large. However, no company is immune to cyberattack, and in the event of a breach, they might offer some protection or recovery for customers. The smaller the wallet or exchange, the less likely any recovery resources are available.

Contact Your State Attorney

As the legal status and associated legal protections surrounding Bitcoin and cryptocurrency are evolving, a victim of cryptocurrency theft might find assistance with the state attorney’s office. Bitcoin is classified as property, and that state’s property laws might include some protections for recovery of that property should it be stolen.

Learn more about recovering lost or stolen crypto assets.

A Title Registry Can Help

Because of the risk of a private key falling into unknown hands, TransitNet set out to revolutionize decentralized finance by creating the industry’s first offchain title registry of record for digital wallets. This not only creates an additional layer of protection for cryptocurrency assets, it also provides proof of ownership when collateral is needed for lending and other financial transactions. 

Join the forefront of the new crypto infrastructure.

Request an exclusive registration for TransitNet’s title registry when it launches today!

Jake Wengroff writes about technology and financial services. A former technology reporter for CBS Radio, Jake covers such topics as security, mobility, e-commerce, and IoT.


The Wall Street Journal – A Fifth of All Bitcoin is Missing. These Crypto Hunters Can Help.

Investopedia – Can Bitcoin Be Hacked?

CNBC TV 18 – Can Bitcoin Be Hacked? All You Need to Know About How Safe Is the Cryptocurrency

U.S. Department of Justice – Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside