$1.7B in Cryptocurrency
Ripped Off in 2018
January 30, 2019
research released in the CipherTrace 2018 Q4 Cryptocurrency Anti-Money
Laundering (AML) Report reveals that $1.7 billion in cryptocurrency was
stolen and scammed in 2018 — a dramatic rise in criminal activity
despite a slump in the market. Criminals need to launder all these funds
in order to cash out before a wave of regulations go into effect in
Theft from cryptocurrency exchanges accounted for the majority of the
criminal activity: more than $950 million was stolen by hackers in 2018,
representing 3.6 times more than in 2017.
On top of these thefts, the research found investors and exchange users
lost at least $725 million in cryptocurrency in 2018 to exit scams such
as fraudulent ICOs, phony exchange hacks, and Ponzi schemes. A
cryptocurrency exit scam is a confidence game where the promoters of a
cryptocurrency ICO or other venture fails to execute — or executives of
exchanges say they cannot return users’ assets — and then abscond with
the money. This finding indicates that a new breed of cybercriminals are
shifting their techniques from hacking to insider jobs.
Interestingly, even with the downturn in the prices of many
cryptocurrencies, the total dollar value of tokens stolen and scammed
was much higher in 2018 than 2017, which further points to the increase
in security threats against exchanges and sophistication of online
The report, which provides the industry’s most in-depth
state-of-the-market look at cryptocurrency crime and AML regulations by
jurisdiction, outlines the impacts of the coming wave of global
regulatory enforcement and emerging money laundering schemes. By 2020
most modern economies — including the US, EU and G20 as well as
Gibraltar, Bermuda and Malta — will have deployed strict cryptocurrency
AML and Know Your Customer (KYC) regulations. Cryptocurrency money
laundering services are getting around these regulations by obscuring
the original source of funds with new and innovative money mixers,
unregulated crypto-to-exchanges, and privacy coins.
“Cryptocurrency criminal activity continues to evolve and accelerate.
Fortunately, pending global legislation will hamstring many criminals,
global gangs, and terrorist groups by greatly reducing their
opportunities to launder,” commented Dave Jevans, CEO of CipherTrace and
co-chair of the Cryptocurrency Working Group at the APWG.org. “These
tough new laws will drive bad actors to not only innovate but also flock
to jurisdictions with weak regulatory oversight, as we have shown in
earlier research. CipherTrace’s blockchain intelligence and anti-money
laundering technology helps exchanges, financial services firms,
regulators, and law enforcement work together to create trust in the
For the first time, CipherTrace has also identified the Top 10
Trending Crypto Threats, providing actionable threat intelligence for
anyone dealing with cryptocurrency:
swapping: An identity theft technique that takes over a victim's mobile
device to steal credentials and break into wallets or exchange accounts
to steal cryptocurrency.
Crypto dusting: A new form of
blockchain spam that erodes the recipient's reputation by sending
cryptocurrency from known money mixers.
Sanction evasion: Nation states that
use cryptocurrencies to circumvent sanctions and that has been promoted
by the Iranian and Venezuelan governments.
Next-generation crypto mixers: Money
laundering services that promise to exchange tainted tokens for freshly
mined crypto, but, in reality, cleanse cryptocurrency through exchanges.
Shadow money service businesses (MSBs):
Unlicensed MSBs that bank cryptocurrency without the knowledge of host
financial institutions, thus exposing banks to unknown risk.
Takeover attacks that mine for cryptocurrency at a massive scale and
that have been discovered in datacenters, including AWS.
Lightning Network transactions:
Enabling anonymous bitcoin transactions by going "off-chain" and now
scaling to $2,150,000.
Decentralized stable coins:
Stabilized tokens that can be designed for use as hard-to-trace private
Email extortion and bomb threats: Mass-customized phishing email
campaigns by cyber-extortionists using old passwords and spouse names
and that demand bitcoin. Bomb threat extortion scams spiked in December.
Crypto robbing ransomware: New
malware distributed by cyber-extortionists that empties cryptocurrency
wallets and steals private keys while holding user data hostage.