A recent report from Kaspersky Lab shows that one in ten people use cryptocurrency to make purchases – but cybercriminals are increasingly targeting cryptocurrency exchanges, leaving people at risk of losing their funds.
There have been high-profile incidents where sums of up to $530 million worth of digital tokens have been stolen from cryptocurrency wallets, insecure exchanges and Initial Coin Offerings (ICOs). For example, 120 000 bitcoins were stolen from segregated customer wallets on Bitfinex and Coincheck was hacked for $530 million. If all the money in a cryptocurrency exchange is stolen, nothing can be returned to the investors.
ICOs are particularly at risk because the individuals who set them up often do not have any background or experience in cybersecurity. This leaves them unable to protect funds and respond effectively should an incident take place. Ultimately, the cryptocurrency market still isn’t regulated and there are no risk assessment mechanisms in place.
Vitaly Mzokov, Head of Verification, Growth Center at Kaspersky Lab said: “Despite a fall in cryptocurrency prices, there is still a strong desire for digital transactions amongst consumers. Our consumer research has found that 13% of people have used cryptocurrency as a payment method, which was surprising to see. However, there are also real dangers associated with online exchanges as they are still in their infancy. There could be devastating financial consequences for consumers if funds are not secure.
“With threat actors becoming more sophisticated in their attacks, cryptocurrency exchanges and ICOs are prime targets and offer cybercriminals a straightforward solution to stealing substantial funds due to the lack of cybersecurity measures in place. There is also no substitute for vigilance – if something looks suspicious in any way, do not make an investment.”
Crypto-investors who don’t store money on crypto-exchanges for security reasons, should remain aware they may face the following difficulties and inconveniences:
- Exchanges usually incur service fees for withdrawing money
- Users cannot react to coin prices swiftly if they choose to remove their money
- Numerous operations with fiat money coming from anonymous sources can raise questions from government regulators
For consumers who want to continue using cryptocurrency as an investment and payment method, Kaspersky Lab recommends:
- Always verifying a web wallet’s address and not following links to an online bank or web wallet
- Using cryptocurrency hardware wallets
- Double-checking recipient addresses, the amount being sent, and the size of the associated fee before sending a transaction
- Writing down a mnemonic phrase that allows you to recover a crypto wallet if you lose it or forget your password
- Installing a high-quality security solution to safeguard the devices you use to access crypto wallets and trade on crypto-exchanges.
Our March issue will run an article on whether cryptocurrency can be considered a new asset class or not. Look out for it!