by Jake Wengroff
Because Bitcoin and other cryptocurrencies are bearer assets — whoever holds the private key is the rightful owner — criminals are all the more eager to find ways to steal it from unsuspecting investors.
However, when you hear about the theft of crypto assets, it is not a hack of blockchain technology or of the computers holding the crypto itself. Indeed, the underlying blockchain technology that supports cryptocurrency would be difficult to get hacked, as the hacker would have to breach a huge number of servers to gather information.
Instead, hackers target the digital services, platforms and networks that investors use to trade, store and transact with crypto assets that get hacked.
How Bitcoin and Crypto Assets get Stolen
Criminals have shown no shortage of creativity when it comes to ways to steal Bitcoin and cryptocurrency.
Compromising the Wallets and Exchanges
For instance, Bitcoin and other cryptocurrencies are frequently held in digital wallets (known as “hot” storage) and traded through digital exchanges. These wallets, exchanges and apps are the targets of cyber attackers — not the blockchain servers themselves.
However, hackers can cast a wider net. In a “traditional” cyberattack, criminals will make attempts to breach the devices or networks that crypto investors are using, not necessarily the individual crypto apps. Cybercriminals can hack mobile data networks or users’ home WiFi, in order to intervene in or divert a trade, or capture users’ personal identifiable information (PII) to log in as them and steal the crypto private keys.
One category of cyber attack is ransomware, in which the victim’s assets are held for “ransom” until payment is made. A group of cybercriminals known as DarkSide gained control of parts of critical infrastructure of Colonial Pipeline, agreeing to release them for the payment of approximately 75 Bitcoins. The U.S. Department of Justice later seized the Bitcoins as part of its criminal investigation.
Fraudulent Exchanges and Apps
While the explosion in interest in Bitcoin and cryptocurrency has led to the launch of hundreds of applications for owners to buy, sell, invest, and transact their new crypto assets, there have also been instances of fraudulent apps that have been created with the sole purpose of stealing customers’ assets. Cryptocurrency owners should only utilize wallets, exchanges, and apps that are well-known and that have the strongest of security measures in place, including two-factor authentication.
As a safeguard against private keys being stolen online via an exchange, wallet, or app, or via a hack of a user’s home WiFi network, many crypto users have opted for the use of cold wallets, in which the private keys are printed on paper and stored in a physically safe location offline, often in the owner’s home or a local bank’s safe deposit box.
What to Do if Your Crypto Assets Are Stolen
There are options, though not many, if your crypto assets are stolen. Read on to see the list.
Contact the Wallet App or Exchange
A hack of a larger, well-known exchange might seem likely, because of the larger volume of assets serving as a “prize” for cybercriminals. However, such wallet and exchange apps have matured over the last several years, they have added many more layers of security to guard against an attack.
Coinbase, for example, is a public company, and is seen as a bellwether company for the cryptocurrency industry and community at large. However, no company is immune to cyberattack, and in the event of a breach, they might offer some protection or recovery for customers. The smaller the wallet or exchange, the less likely any recovery resources are available.
Contact Your State Attorney
As the legal status and associated legal protections surrounding Bitcoin and cryptocurrency are evolving, a victim of cryptocurrency theft might find assistance with the state attorney’s office. Bitcoin is classified as property, and that state’s property laws might include some protections for recovery of that property should it be stolen.
A Title Registry Can Help
Because of the risk of a private key falling into unknown hands, TransitNet set out to revolutionize decentralized finance by creating the industry’s first offchain title registry of record for digital wallets. This not only creates an additional layer of protection for cryptocurrency assets, it also provides proof of ownership when collateral is needed for lending and other financial transactions.
Join the forefront of the new crypto infrastructure.
Jake Wengroff writes about technology and financial services. A former technology reporter for CBS Radio, Jake covers such topics as security, mobility, e-commerce, and IoT.
The Wall Street Journal – A Fifth of All Bitcoin is Missing. These Crypto Hunters Can Help.
Investopedia – Can Bitcoin Be Hacked?
U.S. Department of Justice – Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside