A new report from Group-IB, a computer forensics and information security company with offices in Moscow, London, New York and Dubai claims to have identified an almost four-fold increase in “compromised (customer) login data” at global cryptocurrency exchanges this year.
The company also found that a total of 212 exchange password leaks in January 2018 represents an almost 7-fold increase over last year’s monthly average.
The company claims a total of $80 million has been heisted through account password leaks at crypto exchanges so far.
Exchanges failing to incorporate two-factor authentication of users (in which a unique number sent to a users’ phone must be submitted to access an account) and the use of overly short and simple passwords across multiple accounts are contributing factors, says the firm.
The report, entitled “2018 Cryptocurrency Exchanges-User Accounts Leaks Analysis,” says that a full one third of all hacks on exchange users have been incurred by Americans, followed closely by Russian and Chinese users.
The report also claims that hackers are “adapt(ing) patterns of attack” previously used to hack banks and online conventional-asset trading platforms.
Group-IB also claims to have identified “at least 50 active botnets” trawling for password leaks as well as other hacking infrastructure spread across the globe, with the majority centred in the US and Netherlands.
Affected exchanges include Bitthumb and CEX.io, says Group-IB, citing a tendency by exchanges overwhelmed by sudden demand for onboarding in 2017 to sideline security in order to accommodate the intake of new customers.
Procedural failings as well as, “Increased…attention of hacker groups to crypto industry, additional functional of malicious software related to cryptocurrencies, as well as the significant amounts of already stolen funds,” says Director of Special Projects at Group-IB, Ruslan Yusufov, “signals that the industry is not ready to defend itself and protect its users.”
[clickToTweet tweet=”Report says that a full one third of all hacks on crypto exchange users have been incurred by Americans, followed closely by Russian and Chinese users” quote=”Report says that a full one third of all hacks on crypto exchange users have been incurred by Americans, followed closely by Russian and Chinese users”]