- Hackers stole $664 million from crypto investors in the year's first half.
- That’s more than what was stolen in the first half of 2023.
- A more ominous threat for crypto is on the horizon.
Crypto investors lost $664 million to hackers in the first half of the year, an increase of more than 50% over the figure recorded for the same period last year, according to data from DefiLlama.
The bulk of those losses came from phishing attacks and compromised private keys. This reporter even lost $45,000 to a malware attack in May.
Crypto hackers are often skilled bad actors who work for cybercrime syndicates such as North Korea’s state-sponsored Lazarus Group, which is suspected of having stolen billions in crypto.
High-powered hacking tools are not usually available to the army of amateur hackers on the internet.
“The proliferation of open-source hacking tools lowers the barrier to entry for amateur hackers, increasing the volume and frequency of attacks,” Omer Sadika, cofounder and CEO of blockchain security company dWallet Labs, told DL News.
Cybersecurity experts have begun to ring alarm bells over the emergence of open-source infostealers.
Infostealers are malware programmes that steal sensitive financial information from a victim’s computer, including crypto wallet passwords and private keys.
The biggest crypto hacks this year alone, including the $305 million stolen from the DMM Bitcoin exchange, were due to compromised private keys.
Last year, security experts were already sounding warnings that crypto firms could lose more funds to hackers if they don’t solve the problem of private key leakage, an issue that could be worsened by the emergence of open-source infostealers.
Bigger threat field
Hacker forums exist in the seedy underbelly of the internet’s dark web, where these infostealers are hawked to the highest bidders. But that model is changing: these dangerous programs are becoming open-source and free to use, increasing the number of bad actors who have access to them.
James Toledano, chief operating officer at self-custody wallet provider Savl, told DL News that amateur hackers gaining access to high-powered hacking tools such as infostealer malware is a worrying situation.
“It’s a pure numbers game; you only need one in a thousand attempts to be successful,” Toledano said.
With infostealers being open-sourced, the threat field for malware attacks designed to steal crypto is bound to expand, and that puts more investors at risk.
Apart from widening the threat circle, Toledano said open-source infostealers would make hackers even harder to trace.
“Unlike attacks from discrete cybercriminal groups or bad state actors, which can sometimes be tracked and countered, open-source tools allow for a much wider pool of potential attackers and that is the concern,” Toledano said.
Web2 vulnerabilities
Open-source infostealers also worsen the impact of web2-based vulnerabilities on the safety of crypto funds.
Sadika’s dWallet Labs said it recently uncovered a chain of vulnerabilities tied to blockchain validators that could lead to billions of dollars in crypto losses.
In its report, dWallet Labs identified InfStones, an infrastructure provider used by validators on popular blockchain networks, as prone to malicious attacks.
Validators stake crypto tokens on blockchain networks to gain the power to verify transactions.
The report said attackers could successfully uncover the private keys or take control of the validators themselves.
As such, dWallet Labs recommended that InfStones change the validator keys of exposed users.
“The web3 industry tends to neglect the web2 security aspects which is the main target for open-source stealers,” Sadika said.
“The problem is likely to grow in both scale and complexity requiring more robust and adaptive security measures from all stakeholders in the crypto ecosystem.”
Osato Avan-Nomayo is our Nigeria-based DeFi correspondent. He covers DeFi and tech. To share tips or information about stories, please contact him at osato@dlnews.com.