A Moscow-based cybersecurity company Group-IB has revealed a worrying trend of hackers attacking projects which raise money through “initial coin offerings”, or ICOs in short. According to their report released on Wednesday, ICO’s are attacked 100 times a month on average, highlighting the risk of investing in cryptocurrency online.
Over 100 attacks on one ICO
The group analyzed 450 attacks from the beginning of 2017 in ICO projects from different countries and has found that the majority of problems are caused by vulnerabilities in cryptoservices using blockchain technology. This has resulted in ICOs suffering about a 100 attacks within a month on average.
“According to Group-IB, on average, each ICO is attacked about 100 times within a month. Such attacks include phishing, deface, and DDoS, as well as targeted attacks with a view to compromise secret keys and secure control over accounts,” the report explains.
It has also been noted that during the year, attempts to steal money from ICOs increased tenfold, showing a worrying trend. Group-IB also was part of a study published by Ernst & Young, in which it was highlighted that roughly $400 million of the $3.7 billion ICOs raised has been stolen.
Most dangerous threats to ICO projects
The company has compiled a rating of the most dangerous threats to ICOs and cryptocurrency investors.
Phishing takes first place and is still considered to be the most dangerous threat. According to the report, it accounts for as much as 50% of all money stolen, and a large phishing group can steal from $30,000 to $1,500,000 per month. Phishing involves spoofing emails and websites in order to steal login credentials and personal information. This is not only a threat to ICO projects but also to traders, crypto enthusiasts and other cryptocurrency owners.
Deface or targeted attacks
“Errors in the configuration of web application servers, compromise of hosting passwords or the use of vulnerable software are the most common reasons hacking occurs,” Group-IB says.
They further explain that hackers could replace wallet addresses used for fundraising with their own, and give CoinDash, whose website was hacked and wallet address changed, as an example. CoinDash reportedly lost $7.5 million this way.
Group-IB explains that this kind of attack targets project members via social networks, forums and media resources.
“In the final months of 2017 and early 2018, Group-IB specialists recorded an outbreak of fraud on social media, where criminals use well-known social engineering techniques (messages from “security teams of cryptocurrency services,” notifications of prizes in coins, invitations to take part in important community activities, etc.).”
Unfortunately, it is speculated that the number and frequency of attacks on ICO projects will only increase. Many hackers see the potential to make a lot of money, as cryptocurrency is becoming more and more popular. Group-IB also speculate that phishing attacks will become more sophisticated, project founders and members will become more likely targets, coin theft will increase and Android Trojans will attack cryptocurrency owners.