The 2008 financial crisis led the creator (or creators) of bitcoin to the conclusion an alternative was needed.
Bitcoin, along with technology that powers it — the blockchain — was designed to replace the trust that individual customers are forced to put in financial institutions by decentralising transactions on the internet.
Timeline for Comment wire
- February 28, 2020
Did it work, or did it just create a new frontier for thieves and robbers?
Is your cryptocurrency safe?
The threat to cryptocurrency is less from the blockchain being hacked; the blockchain is designed so that so long as there is more honest processing power contributing to its encryption and mining, then outright hacking is not plausible.
In practice, most cryptocurrency users are reliant upon third-party online exchanges to hold their money, effectively replacing trust in one set of national and corporate gatekeepers and paywalls with another, less-regulated space.
In your average Bitcoin investment, you must supply your information to obtain a wallet, and the wallets are run by these third party sites such as Youbit or Bitfinex.
The cyber security record for such third parties is not without issues and large losses.
According to Reuters, more than 980,000 bitcoins has been stolen since 2011, which would be worth approximately $5.5bn today.
According to consultancy firm E&Y, roughly 10 percent of money raised through initial coin offerings (ICOs) between 2015–2017 has been lost or stolen due to hacks. In dollar terms, that is $400m.
The following list gives five eye-watering hacking examples that have affected cryptocurrency by targeting these third parties.
The Mt. Gox Hack
In March 2014, Mt. Gox was one of the largest cryptocurrency exchanges, at one point handling over 70 percent of all bitcoin transactions worldwide.
The company was also inadequate for purpose; bitcoin was siphoned from the exchange for years and ultimately $473m worth of bitcoins were electronically stolen.
3 Things That Will Change the World Today
The company filed for bankruptcy in 2014 and the BTC-e and Tradehill exchanges have been implicated in laundering the stolen funds between 2011 and 2014.
The DAO Hack
In March 2016, the Decentralized Autonamous Organization (DAO) hack exploited a vulnerability in the crowdfunded attempt to make an Ethereum blockchain system that could run a company without centralised control.
The crowdfunding raised $150m from thousands of contributors.
A hacker managed to drain 3.6m ether (worth around $50m) from the project before the activity was spotted and the sabotaged DAO investment was rolled back to an earlier version to return the ether from the hacker’s account and investments were returned to their original contributors.
The DAO was delisted from trading on major exchanges in late 2016.
The Bitfinex Hack
In August 2016, a total of 120,000 bitcoins were stolen, worth approximately $72m from Bitfinex’s multi-signature wallets.
Multi-signature wallets were used to store cryptocurrency funds and required multiple users to agree to transactions to reduce risk. Bitfinex continues to trade and store cryptocurrencies.
The NiceHash Hack
In December 2017, the Slovenia-based bitcoin mining marketplace NiceHash had around $80m stolen in bitcoin, forcing a suspension of operations and mass emails suggesting users should change their passwords.
The hack was said to be “highly professional” and used “sophisticated social engineering”.
Marko Kobal resigned as the CEO of NiceHash and the company re-opened their marketplace in late December
The Youbit Hacks
In December 2017, the South Korean cryptocurrency exchange Youbit, formerly Yapizon, announced that it was shutting down and filing for bankruptcy, having been hacked twice during the year.
The exchange was hacked in April, when 4,000 bitcoin were stolen (now worth $57m), in a cyber attack that local security services connected to North Korea.
The exchange was hacked again in December, causing a loss of 17 percent of its total assets, but did not disclose how much the assets were worth at the time of the attack.