Cryptocurrency and crime

Source: Wikipedia, the free encyclopedia.

Cryptocurrency and crime describe notable examples of

Cryptojacking is a form of cybercrime specific to cryptocurrencies that have been used on websites to hijack a victim's resources and use them for hashing and mining cryptocurrency.[1]

According to blockchain analysis company Chainalysis, around US$2.5 billion was laundered through Bitcoin between 2009 and 2018, and the fraction of cryptocurrency transactions linked to illicit activities has been on the rise since early 2019.[2] In 2021, 0.15% of known cryptocurrency transactions conducted were involved in illicit activities like cybercrime, money laundering and terrorism financing, representing a total of $14 billion.[3]

Background

There are various types of cryptocurrency wallets available, with different layers of security, including devices, software for different operating systems or browsers, and offline wallets.

Novel exploits unique to blockchain transactions exist, and aim to generate unintended outcomes for those involved. One of the more well-known issues that open the possibility for exploits on Bitcoin is the transaction malleability problem.[4]

The Immunefi Crypto Losses 2022 Report lists industry losses from frauds and hacking as a combined total of US$3.9 billion for the year, and at US$8 billion for 2021.[5]

Notable thefts

In 2018, around US$1.7 billion in cryptocurrency was lost to scams, theft and fraud. In the first quarter of 2019, the amount of such losses rose to US$1.2 billion.[6] 2022 was a record year for cryptocurrency theft, according to Chainalysis, with US$3.8 billion[7] stolen worldwide during 125 system hacks,[8] including US$1.7 billion stolen by "North Korea-linked hackers".[7]

Exchanges

Notable cryptocurrency exchange compromises resulting in the loss of cryptocurrencies include:

  • Between 2011 and 2014, US$350 million worth of bitcoin was stolen from Mt. Gox.[9]
  • In 2016, US$72 million was stolen through exploiting Bitfinex's exchange wallet, users were refunded.[10]
  • On December 7, 2017, Slovenian cryptocurrency exchange NiceHash reported that hackers had stolen over $70 million using a hijacked company computer.[11][12]
  • On December 19, 2017, Yapian, the owner of South Korean exchange Youbit, filed for bankruptcy after suffering two hacks that year.[13][14] Customers were still granted access to 75% of their assets.[citation needed]
  • In 2018, cryptocurrencies worth US$400 million were stolen from Coincheck.[15]
  • In May 2018, Bitcoin Gold had its transactions hijacked and abused by unknown hackers.[16] Exchanges lost an estimated $18 m and Bitcoin Gold was delisted from Bittrex after it refused to pay its share of the damages.
  • In June 2018, South Korean exchange Coinrail was hacked, losing over $37M worth of crypto.[17] The hack worsened an already ongoing cryptocurrency selloff by an additional $42 billion.[18]
  • On July 9, 2018, the exchange Bancor, whose code and fundraising had been subjects of controversy, had $23.5 million in cryptocurrency stolen.[19][20]
  • Zaif US$60 million in Bitcoin, Bitcoin Cash and Monacoin was stolen in September 2018[21]
  • Binance In 2019 cryptocurrencies worth US$40 million were stolen.[15][22]
  • Africrypt founders are suspected of absconding in June 2021 with US$3.6 billion worth of Bitcoin[23]
  • PolyNetwork (DeFi) suffered the loss of US$611 million in a theft in August 2021.[24]
  • Japanese cryptocurrency exchange Liquid was compromised in August 2021 resulting in a loss of US$97 million worth of digital coins[25]
  • Cream Finance was subject to a US$29 million theft in August, 2021[26] and $130 million October 28, 2021.[27]
  • On December 2, 2021, users of the BadgerDAO DeFi lost around $118,500,000 worth of bitcoin and $679,000 worth of ethereum tokens in a front-end attack. A compromised API key of the Cloudflare content delivery network account allowed injecting a malicious script to the web interface. BadgerDAO "paused" all smart contracts due to user complaints.[28]
  • On December 6, 2021, the cryptocurrency exchange BitMart lost around $135M worth of Ethereum and an estimated $46 million in other cryptocurrencies due to a breach of two of its wallets.[29] Although BitMart stated that it would reimburse its clients, many BitMart clients have not received any money from the exchange as of January 2022.[30]
  • On December 12, 2021, users of VulcanForge lost around $135M worth of PYR due to breaches of multiple wallets. Partnering centralized exchanges had been notified of the hack and they have pledged to seize any stolen funds upon deposit.[31]
  • On January 27, 2022, Qubit Finance (DeFi) lost around $80M worth of Binance Coin due to a flaw in the smart contract that enabled the withdrawal of the said amount in exchange for a deposit of 0 ETH.[32]
  • In March 2022,
    U.S. Treasury Department.[8]
  • On September 20, 2022, Wintermute was hacked resulting in theft of US$160 million. The company attributed the vulnerability to a service used by the platform that generates vanity addresses for digital accounts.[8]
  • On September 25, 2023, it was reported that $200 million was stolen by hackers from crypto firm Mixin Network. The company stated that the database of its network's cloud service provider was attacked by hackers resulting in the loss of the assets.[34][35]

Wallets

The Parity Wallet has had two security incidents amounting to 666,773

multisignature code, 153,037 ETH (approximately US$32 million at the time) were stolen.[37][38] In November 2017, a subsequent multisignature[clarification needed] flaw in Parity made 513,774 ETH (about US$150 million) unreachable;[39][40] as of March 2019, the funds were still frozen.[41]

Energy

Notable cases of electricity theft to mine proof-of-work cryptocurrencies include:

Blockchains

Bitcoin

There have been many cases of bitcoin theft.[46] As of December 2017, around 980,000 bitcoins—over five percent of all bitcoin in circulation[a]—had been lost on cryptocurrency exchanges.[47]

One type of theft involves a third party accessing the private key to a victim's bitcoin address,[48] or of an online wallet.[49] If the private key is stolen, all the bitcoins from the compromised address can be transferred. In that case, the network does not have any provisions to identify the thief, block further transactions of those stolen bitcoins, or return them to the legitimate owner.[50]

Theft also occurs at sites where bitcoins are used to purchase illicit goods. In late November 2013, an estimated US$100 million in bitcoins were allegedly stolen from the online illicit goods marketplace Sheep Marketplace, which immediately closed.[51] Users tracked the coins as they were processed and converted to cash, but no funds were recovered and no culprits were identified.[51] A different black market, Silk Road 2, stated that during a February 2014 hack, bitcoins valued at $2.7 million were taken from escrow accounts.[52]

Sites where users exchange bitcoins for cash or store them in "wallets" are also targets for theft. Inputs.io, an Australian wallet service, was hacked twice in October 2013 and lost more than $1 million in bitcoins.

Alberta, Canada, shut down in March 2014 after saying it discovered a theft of about $650,000 in bitcoins.[56] Poloniex, a digital currency exchange, reported in March 2014 that it lost bitcoins valued at around $50,000.[57]
In January 2015 UK-based bitstamp, the third busiest bitcoin exchange globally was hacked and US$5 million in bitcoins were stolen.[58] February 2015 saw a Chinese exchange named BTER lose bitcoins worth nearly $2 million to hackers.[59]

A major bitcoin exchange, Bitfinex, was compromised by the 2016 Bitfinex hack, when nearly 120,000 bitcoins (around US$71 million) was stolen in 2016.[60] Bitfinex was forced to suspend its trading. The theft was the second-largest bitcoin heist ever, dwarfed only by the Mt. Gox theft in 2014. According to Forbes, "All of Bitfinex's customers... will stand to lose money. The company has announced a cut of 36.067% across the board."[61] Following the hack the company refunded customers.[citation needed] In 2022, the US government recovered 94,636 bitcoin (worth approximately $3.6 billion at the time of recovery) from the 2016 thefts of the Bitfinex exchange, reported as the "largest financial seizure" in U.S. history.[62] By February 2022, the amount of bitcoin stolen in 2016 had increased in value to $4.5 billion. Two people were arrested for the thefts[63] in 2022; married couple Ilya “Dutch” Lichtenstein and rapper Heather "Razzlekhan" Morgan were charged with conspiracy to commit money laundering and conspiracy to defraud the United States.[62]

On May 7, 2019, hackers stole over 7000 Bitcoins from the Binance Cryptocurrency Exchange, at a value of over 40 million US dollars. Binance CEO Zhao Changpeng stated: "The hackers used a variety of techniques, including phishing, viruses, and other attacks... The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time."[64]

Thefts have raised safety concerns. Charles Hayter, founder of the digital currency comparison website CryptoCompare said, "It's a reminder of the fragility of the infrastructure in such a nascent industry."[65] According to the hearing of U.S. House of Representatives Committee on Small Business on April 2, 2014, "these vendors lack regulatory oversight, minimum capital standards and don't provide consumer protection against loss or theft."[66]

Ethereum

In June 2016, hackers exploited a vulnerability in

The DAO to steal US$50 million. Subsequently, the currency was forked into Ethereum Classic, and Ethereum, with the latter continuing with the new blockchain without the exploited translations.[67][68]

On November 21, 2017, Tether announced that it had been hacked, losing $31 million in USDT from its core treasury wallet.[69] The company has 'tagged' the stolen currency, hoping to 'lock' them in the hacker's wallet (making them unspendable).[citation needed]

In 2022, hackers created a signature account on a blockchain bridge called "Wormhole" and stole more than $300 million worth of ether.[70]

Fraud

Exit scams and ponzi schemes through initial coin offerings (ICOs)

Most

Initial Coin Offerings (ICOs).[71] As an example, according to a report by Satis Group almost 80% of all projects launched through an ICO in 2017 were scams.[72] These scams usually involve attracting investments from mostly retail investors, inflating the price and the perpetrators subsequently abandoning the project in question after selling off their own shares.[73]

The novelty of ICOs accounts for the current lack of governmental regulation.[74] This lack of regulatory measures as well as the pseudonymity of cryptocurrency transactions and their international nature across countless jurisdictions in many different countries can make it much more difficult to identify and take legal action against perpetrators involved in these scams.[75][76] Since 2017 the SEC has been actively pursuing groups and individuals responsible for ICO-related scams.[77]

Examples of ICO-related scams

  • AriseCoin (AriseBank): AriseBank marketed itself as the world's first decentralized bank, falsely claiming to be able to offer
    CEO and COO receiving a fine of US$2.7 million.[80]
  • BitConnect: Bitconnect was among the highest performing cryptocurrencies in 2017, promising investors enormous returns through a trading bot.[81] At its height it reached a market capitalization of US$3.4 billion.[82] In early 2018 the exchanged ceased to operate with investors losing millions of dollars, amounting to a total of US$14.5 million.[83] It later turned out that the initial profits were generated through a ponzi scheme by paying earlier customers with money made through newer customers.[84] Legal action against the perpetrators was taken on an international scale.[85]
  • Centra: Centra was a Miami-based company claiming to offer a cryptocurrency-based debit card backed by VISA and Mastercard. The company raised US$32 million by October 2017 through an ICO and few months later performing an exit-scam. In April 2018 two of the founders were arrested. It was soon revealed that neither Mastercard nor VISA backed the company in their alleged efforts.[83]
  • Modern Tech (PinCoin/iFan): Based in Vietnam, Modern Tech hosted two separate ICOs for PinCoin as well as iFan promising monthly returns of 48%.[83] After the initial success the founders ran off with approximately US$660 million raised from 32,000 investors.[86] The founders are still at large and none of the funds have been retrieved.[87]
  • PlexCoin: After Dominic Lacroix and Sabrina Paradis-Rogers (the founders of PlexCoin) had officially raised around
    Quebec Superior Court.[89] The SEC's proceedings lead to seven-figure fines for the defendants in 2019 and a retrieval of the investors' funds.[90] During the proceedings the SEC was able to prove that the success of the ICO was inflated by the founders who in fact had raised US$8.5 million instead of the US$15 million they had announced.[91]

Ponzi schemes

Ponzi schemes are another common form of utilizing blockchainbased technologies to commit fraud. Most schemes of this sort use multi-level marketing schemes to encourage investors to conduct risky investments.

Onecoin is one of the more notable examples of cryptocurrency-ponzi schemes: Founded in 2014 by Ruja Ignatova, OneCoin is estimated to have generated US$4 billion in income.[81] While at least in China some of the investors' funds have been recovered and several members of the organisation arrested in the U.S., Ignatova herself is still at large.[93]

Money laundering

Due to the inability of third parties to de-pseudonymize cryptotransactions criminal entities have often resorted to using cryptocurrency to conduct money laundering.[94] Especially ICOs lacking KYC guidelines and anti-money laundering procedures are often used to launder illicit funds due to the pseudonymity offered by them.[79] By using ICOs criminals launder these funds by buying tokens off of legitimate investors and selling them. This issue is intensified through the lack of measures against money laundering implemented by centralized cryptocurrency-exchanges.[79]

A well-known early example of money laundering using cryptocurrencies is Silk Road. Shut down in 2013 with its founder Ross Ulbricht indicted for among other counts a money laundering conspiracy, the website was used for several illicit activities including money laundering solely using Bitcoin as a form of payment.[95]

Apart from traditional cryptocurrencies,

Wash Trading by creating several different wallets for one individual, generating several fictitious sales and consequently selling the respective NFT to a third party.[97] According to a report by Chainalysis these types of wash trades are becoming increasingly popular among money launderers especially due to the largely anonymous nature of transactions on NFT marketplaces.[98][99] Auction platforms for NFT sales may face regulatory pressure to comply with anti-money laundering legislation.[100]

Regulatory measures

Canada is generally regarded as the first state-actor implementing regulatory measures dealing with money laundering conducted by usage of cryptocurrencies.[101] By 2013 the Financial Crimes Enforcement Network (FinCEN) — in direct reference to the centralized exchange Mt. Gox — issued regulations making it clear that all crypto-to-fiat exchangers had to apply KYC- as well as anti-money laundering methods.[102] Any suspicious transactions have therefore to be reported to the authorities.[103] Centralized exchanges have to register as money transmitters, with the exact definition of who and what constitutes a money transmitter in the cryptosphere being somewhat blurred and regulations differing between the different states of the U.S.[104] An important exemption from these regulations are decentralized exchanges due to the fact that they do not hold any fiat-currency.[105]

As part of the Fourth Anti-Money Laundering Directive of 2015 and in an effort to combat money laundering and the financing of terrorism, the European Union has issued a directive making all member-states to have to make sure that cryptoexchanges are licensed and registered.[106] The EU is furthermore planning to take measures to ensure that all customers of cryptocurrency-exchanges are to verify their identity as part of the registration process.[107]

Regarding NFTs

Auction platforms for NFT sales may face regulatory pressure to comply with anti-money laundering legislation. A February 2022 study from the United States Treasury assessed that there was "some evidence of money laundering risk in the high-value art market," including through "the emerging digital art market, such as the use of non-fungible tokens (NFTs)."[108] The study considered how NFT transactions may be a simpler option for laundering money through art by avoiding the transportation or insurance complications in trading physical art. Several NFT exchanges were labeled as virtual asset service providers that may be subject to Financial Crimes Enforcement Network regulations.[109]

The European Union has yet to establish specific regulations to combat money laundering through NFTs. The European Commission announced in July 2022 that it is planning to draw regulations regarding that issue by 2024.[110][107]

Further examples

Josh Garza, who founded the cryptocurrency startups GAW Miners and ZenMiner in 2014, acknowledged in a

Securities and Exchange Commission separately brought a civil enforcement action against Garza, who was eventually ordered to pay a judgment of US$9.1 million plus $700,000 in interest. The SEC's complaint stated that Garza, through his companies, had fraudulently sold "investment contracts representing shares in the profits they claimed would be generated" from mining.[111] Garza was later found guilty of fraud and ordered to pay US$9 million and begin serving a 21-month sentence commencing January 2019 by the U.S. Attorney's Office District of Connecticut.[citation needed
]

The cryptocurrency community refers to pre-mining, hidden launches, ICO or extreme rewards for the altcoin founders as deceptive practices.[112] This is at times an inherent part of the cryptocurrency's design.[113] Pre-mining refers to the practice of generating the currency before its released to the public.[114]

wire fraud, securities fraud and money laundering, as well as with violating campaign finance laws.[115][116]

Malware

Malware attacks

Some malware can steal private keys for bitcoin wallets allowing the bitcoins themselves to be stolen. The most common type searches computers for cryptocurrency wallets to upload to a remote server where they can be cracked and their coins were stolen. Many of these also

log keystrokes to record passwords, often avoiding the need to crack the keys.[117] A different approach detects when a bitcoin address is copied to a clipboard and quickly replaces it with a different address, tricking people into sending bitcoins to the wrong address.[118] This method is effective because bitcoin transactions are irreversible.[119]
: 57 

One

Trustwave, which tracked the malware, reports that its latest version was able to steal 30 types of digital currency.[121]

A type of Mac malware active in August 2013, Bitvanity posed as a vanity wallet address generator and stole addresses and private keys from other bitcoin client software.

Ransomware

Many types of

WannaCry ransomware.[127]
One ransomware variant disables internet access and demands credit card information to restore it, while secretly mining bitcoins.[125]

As of June 2018, most ransomware attackers preferred to use currencies other than bitcoin, with 44% of attacks in the first half of 2018 demanding

Monero, which is highly private and difficult to trace, compared to 10% for bitcoin and 11% for Ether.[128]

Unauthorized mining

Coinhive, which was used in over two-thirds of cryptojacks before its March 2019 shutdown.[133] The cryptocurrencies mined the most often are privacy coins—coins with hidden transaction histories—such as Monero and Zcash.[130][134]

Like most malicious attacks on the computing public, the motive is profit, but unlike other threats, it is designed to remain completely hidden from the user. Cryptojacking malware can lead to slowdowns and crashes due to straining of computational resources.[135]

Bitcoin mining by personal computers infected with malware is being challenged by dedicated hardware, such as FPGA and ASIC platforms, which are more efficient in terms of power consumption and thus may have lower costs than theft of computing resources.[136]

Phishing

A phishing website to generate private IOTA wallet seed passphrases, and collected wallet keys, with estimates of up to US$4 million worth of MIOTA tokens stolen. The malicious website operated for an unknown amount of time and was discovered in January 2018.[137]

Fraud factories

Fraud factories in Asia traffic workers to scam westerners into buying cryptocurrencies online.[138]

Other incidents

In 2015, two members of the Silk Road Task Force—a multi-agency federal task force that carried out the U.S. investigation of Silk Road—were convicted over charges pertaining to corruption.[139] Former DEA agent, Carl Mark Force, had attempted to extort Silk Road founder Ross Ulbricht ("Dread Pirate Roberts") by faking the murder of an informant. He pleaded guilty to money laundering, obstruction of justice, and extortion under color of official right, and was sentenced to 6.5 years in federal prison.[139] Former U.S. Secret Service agent, Shaun Bridges, pleaded guilty to crimes relating to his diversion of $800,000 worth of bitcoins to his personal account during the investigation, and also separately pleaded guilty to money laundering in connection to another cryptocurrency theft. Bridges were sentenced to almost eight years in federal prison.[140]

QuadrigaCX lost US$190 million in cryptocurrency when the owner died; he was the only one with knowledge of the password to a storage wallet. The exchange filed for bankruptcy in 2019.[141]

Michael Terpin, the founder and chief executive officer of Transform Group, a San Juan, Puerto Rico-based company that advises blockchain businesses on public relations and communications, sued Ellis Pinsky in New York on May 7, 2020, for leading a "sophisticated cybercrime spree" that stole US$24 million in cryptocurrency by hacking into Terpin's phone in 2018.[142][143] Terpin also sued Nicholas Truglia and won a $75.8 million judgment against Truglia in 2019 in California state court.[143]

On July 15, 2020, Twitter accounts of prominent personalities and firms, including Joe Biden, Barack Obama, Bill Gates, Elon Musk, Jeff Bezos, Apple, Kanye West, Michael Bloomberg and Uber were hacked. Twitter confirmed that it was a coordinated social engineering attack on their own employees. Twitter released its statement six hours after the attack took place. Hackers posted the message to transfer the Bitcoin in a Bitcoin wallet, which would double the amount. The wallet's balance was expected[according to whom?] to increase to more than $100,000 as the message spread among the Twitter followers.[144]

In 2021, US Authorities carried out a raid on James Zhong's home in Gainesville, Georgia. Authorities found over 51,000 bitcoin that Zhong had stolen from Silk Road between 2012 and 2013. Through an error on Silk Road, Zhong was able to withdraw more bitcoin than what was initially deposited. He concealed his identity and was able to evade authorities for nearly a decade. Zhong ended up pleading guilty to wire fraud and was sentenced to 1 year and 1 day in prison along with a forfeiture of all bitcoin.[145]

In 2022, the Federal Trade Commission reported that $139 million in cryptocurrency was stolen by romance scammers in 2020.[146] Some scammers targeted dating apps with fake profiles.[147]

In early 2022, the Beanstalk cryptocurrency was stripped of its reserves, which were valued at more than US$180 million, after attackers had managed to use borrowed US$80 million in cryptocurrency to buy enough voting rights to transfer the reserves to their own accounts outside the system. It was initially unclear if such an exploit of governance procedures was illegal.[148]

See also

Notes

  1. ^ As of supply count of Bitcoin, 2021-09-23

References

  1. S2CID 222070383
    .
  2. .
  3. . Retrieved 2022-01-16.
  4. ^ Melinek, Jacquelyn (2023-01-05). "Crypto losses in 2022 dropped 51% year on year to $4B". TechCrunch. Retrieved 2023-01-20.
  5. ^ Chavez-Dreyfuss, Gertrude (30 April 2019). "Cryptocurrency thefts, fraud hit $1.2 billion in first quarter: report". Reuters. Retrieved 8 June 2019. Original reports: Schlabach, Adam (2019-01-29). "Cryptocurrency Anti-Money Laundering Report – Q4 2018". CipherTrace. Retrieved 2019-06-08., Schlabach, Adam (2019-05-01). "Q1 2019 Cryptocurrency Anti-Money Laundering Report". CipherTrace. Retrieved 2019-06-08.
  6. ^ a b Lyngaas, Sean (2023-04-09). "Inside the international sting operation to catch North Korean crypto hackers | CNN Politics". CNN. Retrieved 2023-04-21.
  7. ^ a b c Bambysheva, Nina; Santillana Linares, Maria Gracia: "Over $3 Billion Stolen In Crypto Heists: Here Are The Eight Biggest" Forbes; December 28, 2022. Retrieved January 7, 2023.
  8. ^ Zack Whittaker (5 January 2015). "Bitstamp exchange hacked, $5M worth of bitcoin stolen". Zdnet. CBS Interactive. Retrieved 6 January 2015.
  9. ^ "Bitcoin Worth $72M Was Stolen in Bitfinex Exchange Hack in Hong Kong". Fortune. Archived from the original on November 20, 2016. Retrieved October 26, 2016.
  10. ^ Iyengar, Rishi (2017-12-07). "More than $70 million stolen in bitcoin hack". CNNMoney. Retrieved 2022-03-02.
  11. ^ Browne, Ryan (2017-12-07). "More than $60 million worth of bitcoin potentially stolen after hack on cryptocurrency site". CNBC. Retrieved 2022-03-03.
  12. ^ Haselton, Todd (2017-12-19). "A South Korean cryptocurrency exchange files for bankruptcy after hack, says users will get 75% of assets for now". CNBC. Retrieved 2022-03-02.
  13. ^ "South Korean cryptocurrency exchange to file for bankruptcy after hacking". Reuters. 2017-12-19. Retrieved 2022-03-02.
  14. ^ a b "Coincheck Says It Lost Crypto Coins Valued at About $400 Million". Bloomberg L.P. January 26, 2018.
  15. ^ Cimpanu, Catalin (4 September 2018). "Bitcoin Gold delisted from major cryptocurrency exchange after refusing to pay hack damages". ZDNet.
  16. ^ Shane, Daniel (2018-06-11). "Billions in cryptocurrency wealth wiped out after hack". CNNMoney. Retrieved 2022-03-02.
  17. ^ Eric Lam, Jiyeun Lee, and Jordan Robertson (10 June 2018), Cryptocurrencies Lose $42 Billion After South Korean Bourse Hack, Bloomberg News, archived from the original on 12 June 2018, retrieved 12 June 2018{{citation}}: CS1 maint: multiple names: authors list (link)
  18. ^ Roberts, Jeff John (9 July 2018). "Another Crypto Fail: Hackers Steal $23.5 Million from Token Service Bancor". Fortune. Archived from the original on 10 July 2018. Retrieved 10 July 2018.
  19. ^ Young, Joseph (2017-06-24). "Cornell Professor: $150 Million Bancor is Flawed". CCN.com. Retrieved 2022-03-02.
  20. ^ Reidy, Gearoid (2018-09-19). "Hackers Steal $60 Million From Japanese Crypto Exchange Zaif". Bloomberg.com. Retrieved 2018-09-20.
  21. ^ "Hackers Stole $40 Million from Binance Crypto Exchange". Wired.
  22. ^ "South African brothers disappear along with $3.6 billion in Bitcoin". Fortune. Archived from the original on 2021-11-29. Retrieved 2021-08-31.
  23. ^ Welle (www.dw.com), Deutsche. "Hackers steal $600 million in record-breaking cryptocurrency heist | DW | 11.08.2021". DW.COM. Retrieved 2021-08-31.
  24. ^ Browne, Ryan (2021-08-19). "More than $90 million in cryptocurrency stolen after a top Japanese exchange is hacked". CNBC. Retrieved 2021-08-31.
  25. ^ "Hackers steal $29 million from crypto-platform Cream Finance". The Record by Recorded Future. 2021-08-30. Retrieved 2021-08-31.
  26. ^ Ongweso Jr., Edward. "Cryptocurrency Loan Platform Implodes In $130 Million Hack". Vice.
  27. ^ "Hackers Steal $119M From 'Web3' Crypto Project With Old School Attack". The Verge. 2022-03-23. Retrieved 2021-12-09.
  28. ^ "Hackers Steal $150M From Crypto Exchange Billed as 'Most Trusted'". The Verge. 2021-12-06. Retrieved 2021-12-14.
  29. ^ Sigalos, MacKenzie (2022-01-07). "Iranian immigrant lost $53,000 in crypto hack, says he faces ruin if BitMart doesn't pay him back". CNBC. Retrieved 2022-01-08.
  30. ^ "Hackers Steal $140 Million From Users of Crypto Gaming Company". The Verge. 2021-12-13. Retrieved 2021-12-14.
  31. ^ "Hackers have stolen $80 million in cryptocurrency from the Qubit DeFi platform". The Verge. 2021-01-28. Retrieved 2022-01-29.
  32. ^ "Crypto Year Ender: Here’s A Look At Major Crypto Scams Of 2022" Outlook India; December 30, 2022. Retrieved January 7, 2023.
  33. ^ Howcroft, Elizabeth (2023-09-25). "Hong Kong crypto firm hit by $200 million hack". Reuters. Retrieved 2023-09-25.
  34. ^ Hardcastle, Jessica Lyons. "Mixin suspends some crypto services after $200m heist". www.theregister.com. Retrieved 2023-09-25.
  35. better source needed
    ]
  36. ^ Hern, Alex (8 November 2017). "'$300m in cryptocurrency' accidentally lost forever due to bug". The Guardian.
  37. ^ "The Multi-sig Hack: A Postmortem". Parity. 20 July 2017. Archived from the original on 27 February 2021.
  38. S2CID 4569204
    .
  39. ^ "A Postmortem on the Parity Multi-Sig Library Self-Destruct". Blockchain Infrastructure for the Decentralised Web. 15 November 2017. Archived from the original on 20 January 2021.
  40. ^ Wieczner, Jen (4 March 2019). "Ethereum Fork Could Help Restore Frozen Parity Cryptocurrency". Fortune. Archived from the original on 25 January 2022. Retrieved 7 March 2021.
  41. ^ Tan, Ben (17 February 2021). "Johor police chief: TNB lost RM8.6m to alleged electricity theft by bitcoin mining syndicate | Malay Mail". www.malaymail.com. Retrieved 2021-08-31.
  42. ^ "Take a look inside this underground crypto mining farm in Ukraine with its 3,800 PlayStations and 5,000 computers". news.yahoo.com. 11 July 2021. Retrieved 2021-08-31.
  43. ^ "Police steamroll 1,000 bitcoin mines after 'electricity theft' prompts power outages". finance.yahoo.com. 20 July 2021. Retrieved 2021-08-31.
  44. ^ "Sandwell Bitcoin mine found stealing electricity". BBC News. 2021-05-28. Retrieved 2021-08-31.
  45. ^ "Bitcoin: Bitcoin under pressure". The Economist. 30 November 2013. Retrieved 30 November 2013.
  46. ^ Harney, Alexandra; Stecklow, Steve (2017-11-16). "Twice burned - How Mt. Gox's bitcoin customers could lose again". Reuters. Retrieved 2018-09-06.
  47. ^ Jeffries, Adrianne (19 December 2013). "How to steal Bitcoin in three easy steps". The Verge. Retrieved 17 January 2014.
  48. ^ Everett, David (April 2012). "So how can you steal Bitcoins". Smartcard & Identity News. Archived from the original on 18 October 2016. Retrieved 17 January 2014.
  49. ^ Grocer, Stephen (2 July 2013). "Beware the Risks of the Bitcoin: Winklevii Outline the Downside". The Wall Street Journal (Moneybeat). Retrieved 21 October 2013.
  50. ^ a b Hern, Alex (9 December 2013). "Recovering stolen bitcoin: a digital wild goose chase". The Guardian. Retrieved 6 March 2014.
  51. ^ "Silk Road 2 loses $2.7m in bitcoins in alleged hack". BBC News. 14 February 2014. Retrieved 15 February 2014.
  52. ^ Hern, Alex (8 November 2013). "Bitcoin site Inputs.io loses £1m after hackers strike twice". The Guardian. Retrieved 18 September 2015.
  53. ^ "When bitcoins go bad: 4 stories of fraud, hacking, and digital currencies". The Washington Post. Archived from the original on 1 January 2015. Retrieved 6 March 2015.
  54. ^ "MtGox bitcoin exchange files for bankruptcy". bbc.com. BBC. 28 February 2014. Retrieved 18 April 2014.
  55. ^ Ligaya, Armina (5 March 2014). "After Alberta's Flexcoin, Mt. Gox hacked, Bitcoin businesses face sting of free-wheeling ways". Financial Post. Retrieved 7 March 2014.
  56. ^ Truong, Alice (6 March 2014). "Another Bitcoin exchange, another heist". Fast Company. Retrieved 7 March 2014.
  57. ^ Whittaker, Zack (5 January 2015). "Bitstamp exchange hacked, $5M worth of bitcoin stolen". Zdnet. CBS Interactive. Retrieved 6 January 2015.
  58. ^ Millward, Steven (16 February 2015). "Nearly $2M in bitcoins feared lost after Chinese cryptocurrency exchange hack". techinasia.com. Tech In Asia. Retrieved 18 February 2015.
  59. ^ Samira Sadeque and agencies (February 8, 2022). "US married couple arrested for allegedly conspiring to launder $4.5bn in bitcoin". www.theguardian.com. Retrieved February 9, 2022.
  60. ^ Coppola, Frances (6 August 2016). "Theft And Mayhem In The Bitcoin World". Forbes. Retrieved 15 August 2016.
  61. ^ a b "The Ballad of Razzlekhan and Dutch, Bitcoin's Bonnie and Clyde". Vanity Fair. 2022-08-16. Retrieved 2023-06-04.
  62. ^ Vigna, Paul (9 February 2022). "How the Feds Tracked Down $3.6 Billion in Stolen Bitcoin". The Wall Street Journal. Retrieved 3 March 2022.
  63. ^ Barrett, Brian (2019-05-08). "Hack Brief: Hackers Stole $40 Million from Binance Cryptocurrency Exchange". Wired.
  64. ^ Heller, Matthew (4 August 2016). "Bitfinex Hack Fuels Bitcoin Security Concerns -". CFO. Retrieved 11 January 2017.
  65. ^ "Testimony of Mark T. Williams Bitcoin: Examining the Benefits and Risks for Small Business" (PDF). U.S. House of Representatives Committee on Small Business Hearing. 2 April 2014. Archived from the original (PDF) on 23 September 2018. Retrieved 10 January 2017.
  66. ^ Popper, Nathaniel: "Hacker May Have Taken $50 Million From Cybercurrency Project" The New York Times. June 18, 2016. (Archived from the original June 20, 2017.) Retrieved January 7, 2023.
  67. ^ Price, Rob: "Digital Currency Ethereum is Cratering Amid Claims of a $50 Million Hack" Business Insider. June 17, 2016. (Archived from the original June 11, 2017.) Retrieved January 7, 2023.
  68. ^ Russell, Jon. "Tether, a startup that works with bitcoin exchanges, claims a hacker stole $31M". TechCrunch. Archived from the original on 21 November 2017. Retrieved 22 November 2017.
  69. ^ Goodin, Dan (2022-02-04). "How $323M in crypto was stolen from a blockchain bridge called Wormhole". Ars Technica. Retrieved 2022-03-03.
  70. .
  71. .
  72. . See also the sources cited there.
  73. .
  74. .
  75. . U.S. Securities and Exchange Commission (SEC). Retrieved 15 February 2023. Please also recognize that these markets span national borders and that significant trading may occur on systems and platforms outside the United States. Your invested funds may quickly travel overseas without your knowledge. As a result, risks can be amplified, including the risk that market regulators, such as the SEC, may not be able to effectively pursue bad actors or recover funds.
  76. .
  77. .
  78. ^ .
  79. . U.S. Securities and Exchange Commission (SEC). 30 January 2018. Retrieved 15 February 2023.
  80. ^ .
  81. .
  82. ^ .
  83. .
  84. . The Wall Street Journal. Retrieved 15 February 2023.
  85. .
  86. .
  87. . U.S. Securities and Exchange Commission (SEC). Retrieved 15 February 2023.
  88. .
  89. .
  90. .
  91. .
  92. . BBC News. Retrieved 15 February 2023.
  93. .
  94. .
  95. ^ Owen, Allison; Chase, Isabella (December 2, 2021). NFTs: A New Frontier for Money Laundering? (Report). Royal United Services Institute. Retrieved 15 February 2023.
  96. ^ Study of the Facilitation of Money Laundering and Terror Finance Through the Trade in Works of Art (PDF) (Report). United States Department of the Treasury. 2022. p. 27. Retrieved 15 February 2023.
  97. ^ Quiroz-Gutierrez, Marco (February 4, 2022). "A handful of NFT users are making big money off of a stealth scam. Here's how 'wash trading' works". Fortune. Retrieved 15 February 2023.
  98. ^ "Crime and NFTs: Chainalysis Detects Significant Wash Trading and Some NFT Money Laundering In this Emerging Asset Class". Chainalysis. February 2, 2022. Retrieved 15 February 2023.
  99. ^ Cf. Study of the Facilitation of Money Laundering and Terror Finance Through the Trade in Works of Art (PDF) (Report). United States Department of the Treasury. 2022. p. 26. Retrieved 15 February 2023.
  100. .
  101. .
  102. .
  103. .
  104. .
  105. .
  106. ^ a b Schickler, Jack (September 2, 2022). "Money Laundering via Metaverse, DeFi, NFTs Targeted by EU Lawmakers' Latest Draft". Retrieved 15 February 2023.
  107. ^ "Treasury Releases Study on Illicit Finance in the High-Value Art Market". U.S. Department of the Treasury. Retrieved 15 February 2023.
  108. ^ Study of the Facilitation of Money Laundering and Terror Finance Through the Trade in Works of Art (PDF) (Report). United States Department of the Treasury. 2022. p. 26. Retrieved 15 February 2023.
  109. ^ Reiche, Matthias (July 12, 2022). "Umgang mit Bitcoin & Co. Wie die EU den Kryptomarkt reguliert" (in German). Retrieved 15 February 2023.
  110. ^ Farivar, Cyris (October 5, 2017). GW Miners founder owes nearly $10 million to SEC over Bitcoin fraud]. Archived from the original on 2017-12-29. {{cite book}}: |work= ignored (help)
  111. ^ "Scamcoins". August 2013. Archived from the original on 1 February 2014.
  112. ^ Bradbury, Danny (25 June 2013). "Bitcoin's successors: from Litecoin to Freicoin and onwards". The Guardian. Archived from the original on 10 January 2014. Retrieved 15 February 2023.
  113. ^ Morris, David Z (24 December 2013). "Beyond bitcoin: Inside the cryptocurrency ecosystem". Fortune. Archived from the original on 27 January 2018. Retrieved 15 February 2023.
  114. ^ Department of Justice, Office of Public Affairs (December 13, 2022). "FTX Founder Indicted for Fraud, Money Laundering, and Campaign Finance Offenses". Retrieved 15 February 2023.
  115. ^ "The SBF indictment in full". Financial Times. December 13, 2022. Retrieved 15 February 2023.
  116. ^ "Cryptolocker Virus Definition". Kaspersky. Retrieved 17 Feb 2020.
  117. ^ Keizer, Gregg (28 February 2014). "Bitcoin malware count soars as cryptocurrency value climbs". Computerworld. Retrieved 8 January 2015.
  118. .
  119. ^ Zach Miners (24 February 2014). "Bitcoins, other digital currencies stolen in massive 'Pony' botnet attack". Retrieved 8 January 2015.
  120. ^ Finkle, Jim (24 February 2014). "'Pony' botnet steals bitcoins, digital currencies: Trustwave". Reuters. Retrieved 7 March 2014.
  121. ^ a b c "Watch out! Mac malware spread disguised as cracked versions of Angry Birds, Pixelmator and other top apps". ESET. 26 February 2014. Retrieved 20 November 2015.
  122. ^ "You're infected—if you want to see your data again, pay us $300 in Bitcoins". Ars Technica. 17 October 2013. Retrieved 23 October 2013.
  123. ^ "Criminals continue to defraud and extort funds from victims using cryptowall ransomware schemes". FBI. Retrieved 13 November 2017.
  124. ^ a b "How Ransomware turns your computer into a bitcoin miner". The Guardian. 10 February 2014. Retrieved 7 March 2014.
  125. ^ Gibbs, Samuel (21 November 2013). "US police force pay bitcoin ransom in Cryptolocker malware scam". The Guardian. Retrieved 7 March 2014.
  126. ^ Usborne, Simon (15 May 2017). "Digital gold: why hackers love Bitcoin". The Guardian.
  127. ^ Rooney, Kate (2018-06-07). "$1.1 billion in cryptocurrency has been stolen this year, and it was apparently easy to do". CNBC. Retrieved 2018-09-06.
  128. ^ Larson, Selena (2018-02-22). "Cryptojackers are hacking websites to mine cryptocurrencies". CNNMoney. Retrieved 2021-04-17.
  129. ^ a b Hatmaker, Taylor (8 May 2018). "Cryptojacking malware was secretly mining Monero on many government and university websites". TechCrunch. Retrieved 2023-07-09.
  130. S2CID 222070383
    .
  131. .
  132. ^ "Coinhive domain repurposed to warn visitors of hacked sites, routers". BleepingComputer. Retrieved 2021-04-17.
  133. ^ Hwang, Inyoung (7 May 2021). "What is cryptojacking? How to detect mining malware - MediaFeed". mediafeed.org. Retrieved 2021-05-11.
  134. ZDNet
    .
  135. ^ "Bitcoin's Computing Crisis". 31 October 2013. Archived from the original on 14 May 2021. Retrieved 8 July 2023.
  136. ^ "IOTA Founder On Stolen Funds: Lots of People Will "Screw You Over"". Finance Magnates. January 25, 2018.
  137. ^ "The Kenyans lured to become unwitting 'love' fraudsters". BBC News. 2022-11-26. Retrieved 2022-11-26.
  138. ^ a b Sarah Jeong, DEA Agent Who Faked a Murder and Took Bitcoins from Silk Road Explains Himself Archived 29 December 2017 at the Wayback Machine, Motherboard, Vice (25 October 2015).
  139. ^ Nate Raymond, Ex-agent in Silk Road probe gets more prison time for bitcoin theft Archived 29 December 2017 at the Wayback Machine, Reuters (7 November 2017).
  140. ^ Rich, Nathaniel (22 November 2019). "Ponzi Schemes, Private Yachts, and a Missing $250 Million in Crypto: The Strange Tale of Quadriga". Vanity Fair.
  141. ^ Kaplan, Michael (2019-04-13). "Hackers are stealing millions in Bitcoin — and living like big shots". New York Post. Retrieved 2020-05-08.
  142. ^ a b "Teen Hacker and Crew of 'Evil Geniuses' Accused of $24 Million Crypto Theft". www.msn.com. Retrieved 2020-05-08.
  143. ^ "Twitter hack: accounts of prominent figures, including Biden, Musk, Obama, Gates, and Kanye compromised". The Guardian. 16 July 2020. Retrieved 16 July 2020.
  144. ^ "Southern District of New York | Silk Road Dark Web Fraud Defendant Sentenced Following Seizure And Forfeiture Of Over $3.4 Billion In Cryptocurrency | United States Department of Justice". www.justice.gov. 14 April 2023. Retrieved 12 July 2023.
  145. ^ Roth, Emma (14 February 2022). "Romance scammers collected $139 million in crypto last year". The Verge. Retrieved 2 March 2022.
  146. ^ Roose, Kevin (21 February 2022). "Crypto Scammers' New Target: Dating Apps". The New York Times. Retrieved 2 March 2022.
  147. ^ Hern, Alex (18 April 2022). "Beanstalk cryptocurrency loses $182m of reserves in a flash 'attack'". The Guardian. Retrieved 18 April 2022.

External links