Cryptohack Roundup: Crypto Theft Went Down in 2023
Also: A $32 Million Rug Pull and Pig Butchering
Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Chainalysis reviewed 2023 crypto trends, Blockfence uncovered a $32 million rug pull, the U.S. CFTC cracked down on alleged pig butchering, the ex-IcomTech CEO was sentenced, hackers stole millions from Gamee, Socket recovered funds, and hackers exploited a flaw in Mailer Lite.
Illicit Crypto Activity in 2023
The total value received by illicit cryptocurrency addresses in 2023 was $24.2 billion - a "significant drop" compared to $39.6 billion in 2022, according to a Chainalysis report released Wednesday. Sanctioned entities and jurisdictions accounted for $14.9 billion in transaction volume, representing 61.5% of all illicit transaction volume.
Stablecoins accounted for a majority of all illicit transaction volume, although some forms of illicit cryptocurrency activity, such as darknet market sales and ransomware extortion, took place predominantly using traditional bitcoin.
Revenue from crypto scamming and hacking - primarily on decentralized finance platforms - fell "significantly" in 2023. The total illicit revenue was down 29.2% for scamming and 54.3% for hacking, the report says. A separate report released Thursday shows that crypto theft decreased by approximately 54.3%, to $1.7 billion, compared to the previous year. The number of individual hacking incidents grew, from 219 to 231 in the same period. DeFi hacking, which drove crypto theft in 2021 and 2022, dropped 63.7% year-on-year, to $1.1 billion, in 2023.
Revenue of ransomware and darknet markets, two of the most prominent forms of crypto crime, increased. Chainalysis did not share specific numbers.
The Thursday report shows that North Korea hacked more crypto platforms than ever in 2023, but stole less than the $1.7 billion it stole during its banner year of 2022. Pyongyang hackers stole a total of $1 billion in 2023 across 20 hacks - the highest number on record. They targeted DeFi platforms to siphon off $428.8 million in 2023, with centralized services bringing in $150 million, exchanges $330.9 million and wallet providers $127 million.
$32 Million Rug Pull
Security researchers at Blockfence uncovered a scam responsible for creating more than 1,300 fraudulent crypto tokens since April 2023, swindling $32 million from 42,000 victims. The automated scheme involves generating tokens resembling unreleased projects, introducing fake trading volume to attract legitimate capital and then cashing out. Despite appearing secure, the scam allows operators to manipulate token contracts, burn tokens at will, mint infinite tokens and falsify maximum token supply.
$2.3 Million Alleged Pig-Butchering Scam
The U.S. Commodity Futures Trading Commission alleged that senior staff members at cryptocurrency exchange Debiex had carried out a $2.3 million pig-butchering scheme over nearly two years. The staff orchestrated romantic relationships with potential customers, convinced at least five of them to open an account with the exchange and swindled millions of dollars since March 2022, it said. The CFTC filed civil charges against Debiex, alleging that the exchange had misappropriated customer investments for personal gain.
Sentencing in Crypto Ponzi Scheme Case
A judge sentenced former IcomTech CEO Marco Ruiz Ochoa to five years in prison for his involvement in promoting his crypto firm, which federal prosecutors characterized as a Ponzi scheme disguised as a legitimate investment opportunity. Ochoa, 35, pleaded guilty to wire fraud in September. He also must forfeit $914,000 in criminal proceeds. IcomTech, purportedly a crypto mining and trading company, misled investors with promises of daily returns from nonexistent trading and mining operations.
$15 Million Gamee Hack
Gamee, a blockchain gaming project supported by Animoca Brands, reported an unauthorized access incident on its Gamee token contracts on the Polygon network. The breach occurred on Tuesday, resulting in the theft of 600 million tokens valued at $15 million at the time. The attacker compromised the GMEE deployer address through unauthorized GitLab access, converting the stolen tokens to ETH and MATIC via decentralized exchanges. Although the exploit affected GMEE token prices across exchanges, Gamee said that all unauthorized access to the token contracts has been revoked.
Socket Recovers $2.3 Million in Hacked Funds
Interoperability protocol Socket said it has recovered tokens valued at $2.3 million, following a $3.3 million exploit on its Bungee bridge protocol. The Jan. 16 incident affected wallets with infinite approvals to Socket contracts. In response, the project halted the affected contracts. The exploit was the result of incomplete validation of user input, which allowed the theft of funds from users who had approved the vulnerable SocketGateway contract. Socket plans to release a recovery and distribution plan for affected users soon.
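For wallet owners triaging this kind of incident, the check is whether an unlimited allowance to the affected spender is still in place. The following is an added example, not code from Socket or from the original article: it replays decoded ERC-20 Approval events and lists owners whose last approval to one spender is effectively unlimited. The spender address, wallet names, events and the threshold are constructed assumptions.

```python
# Added example: replay decoded ERC-20 Approval events to find wallets whose
# last approval to one spender is effectively unlimited.
# Addresses and events are constructed; SPENDER is a placeholder, not a real contract.
SPENDER = "0xspender_placeholder"
UNLIMITED = 2**256 - 1   # max uint256, the usual "infinite approval" value
THRESHOLD = 2**255       # assumption: treat anything this large as unlimited

EVENTS = [  # (block, log_index, token, owner, spender, value), deliberately unsorted
    (130, 0, "USDC", "0xdave", SPENDER, UNLIMITED),
    (100, 0, "USDC", "0xalice", SPENDER, UNLIMITED),
    (105, 2, "USDC", "0xbob", SPENDER, 5_000_000),
    (110, 1, "WETH", "0xcarol", SPENDER, UNLIMITED),
    (120, 0, "WETH", "0xcarol", SPENDER, 0),  # later revocation
    (121, 0, "DAI", "0xalice", "0xother_placeholder", UNLIMITED),
    (90, 3, "USDC", "0xdave", SPENDER, 0),
]


def last_approvals(events):
    """Map (owner, token, spender) -> most recently approved value."""
    state = {}
    # Chain order is (block, log_index); a later approval overwrites an earlier one.
    for block, idx, token, owner, spender, value in sorted(events, key=lambda e: e[:2]):
        state[(owner.lower(), token, spender.lower())] = value
    return state


def exposed_wallets(events, spender, threshold=THRESHOLD):
    """Sorted (owner, token) pairs whose last approval to `spender` is >= threshold."""
    hits = [
        (owner, token)
        for (owner, token, sp), value in last_approvals(events).items()
        if sp == spender.lower() and value >= threshold
    ]
    return sorted(hits)
```

Approval events record only the last approved amount, so confirm each hit against the token's `allowance(owner, spender)` before revoking.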
$600,000 Phishing Attack on Mailer Lite
A hacker exploited a vulnerability in digital marketing platform Mailer Lite to send phishing emails that resulted in the loss of more than $600,000, according to Web3 security and privacy firm Blockaid. The attacker exploited a vulnerability on the email marketing platform to send seemingly legitimate emails, mimicking Web3 firms. These emails contained malicious links to wallet-draining sites. Blockaid said attackers had taken advantage of Mailer Lite's prior permission to send emails on behalf of the targeted Web3 firms, using "dangling DNS" records associated with Mailer Lite. Even after the firms closed their accounts, the DNS records remained active, allowing attackers to claim and impersonate the targeted accounts.
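The defensive counterpart to the dangling-record problem described above is an audit of the zone for delegations to senders where no account exists anymore. This is an added example, not code from Blockaid, Mailer Lite or the original article; it assumes the delegation takes the form of CNAME records and SPF `include:` terms, and every hostname, vendor name and record in it is a constructed placeholder.

```python
# Added example: audit a zone export for records that still delegate to a
# third-party sender the organisation no longer has an account with.
# All hostnames and vendor names below are constructed placeholders.
ZONE = [  # (name, type, value)
    ("news.web3firm.example", "CNAME", "custom.mail-vendor.example."),
    ("ml._domainkey.web3firm.example", "CNAME", "dkim.mail-vendor.example."),
    ("web3firm.example", "TXT",
     "v=spf1 include:_spf.mail-vendor.example include:_spf.other-esp.example ~all"),
    ("www.web3firm.example", "CNAME", "cdn.hosting.example."),
    ("web3firm.example", "TXT", "site-verification=constructed-token"),
]
VENDOR_SUFFIXES = {  # assumed: domains each sender hands out to customers
    "mail-vendor": "mail-vendor.example",
    "other-esp": "other-esp.example",
}
ACTIVE_ACCOUNTS = {"other-esp"}  # vendors where an account is still open


def under(host, suffix):
    """True if host equals suffix or is a subdomain of it (label-aligned)."""
    host = host.rstrip(".").lower()
    return host == suffix or host.endswith("." + suffix)


def delegated_hosts(rtype, value):
    """Hostnames that a CNAME or SPF record hands sending authority to."""
    if rtype == "CNAME":
        return [value]
    hosts = []
    if rtype == "TXT" and value.lower().startswith("v=spf1"):
        for term in value.split()[1:]:
            term = term.lstrip("+-~?")  # drop SPF qualifiers
            for prefix in ("include:", "redirect="):
                if term.lower().startswith(prefix):
                    hosts.append(term[len(prefix):])
    return hosts


def find_dangling(zone, vendors, active):
    """Return (name, type, target, vendor) for delegations with no live account."""
    findings = []
    for name, rtype, value in zone:
        for host in delegated_hosts(rtype, value):
            for vendor, suffix in vendors.items():
                if under(host, suffix) and vendor not in active:
                    findings.append((name, rtype, host.rstrip("."), vendor))
    return findings
```

Running `find_dangling(ZONE, VENDOR_SUFFIXES, ACTIVE_ACCOUNTS)` as part of vendor offboarding turns each finding into a record to delete before the account is closed.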