Understand how cryptocurrencies are stolen

Before there were bank robberies, now cryptocurrencies are stolen online. Proof of this is the record seizure of bitcoins announced this Thursday (10), by the United States, for a value of US$ 3.6 billion (US$ 18.7 billion), which shows the fragility of these totally virtual assets. .

How was it possible to divert and control a similar amount of money, when there is a guarantee that the technology that protects this new form of money, through the blockchain, is unfalsifiable?

See some clues below:

hack the exchanges

In the American case, the target was the cryptocurrency exchange platform Bitfinex. In general, these sites house important reserves of digital currencies, which makes them especially interesting for criminals.

“It could be that malicious people manage to get into your servers to steal the money,” explained Manuel Valente, director of analysis and research at Coinhouse, one such platform.

Alexandre Stachtchenko, from the advisory service KPMG, said that certain platforms store, on their servers, keys to access their clients’ digital wallets, which makes them vulnerable.

“If they can get into the server, they can steal the passwords,” he said. “When they get the passwords, they transfer the bitcoins from one account to another and people no longer have access,” he added.

Hack the ‘blockchain’

There is an even more unusual possibility – because it is very complicated and expensive – of stealing cryptocurrencies: hacking the blockchain itself.

This “blockchain”, an immense public record that cannot be falsified, contains the details of all transactions.

Each block is linked to the previous one and it is theoretically impossible to modify a line of code without changing all the strings. Certain users (miners) are tasked with verifying transactions.

“If you take control of more than half of the ‘mining’ network on a particular ‘blockchain’, you can delete transactions,” explains Valente.

With that, you can claim that certain payments never existed and charge them a second time.

The Gate.io platform lost US$ 200,000 (R$ 1 billion) in such an attack in 2019.

The ‘Crypto Fashion’

Cryptocurrency is often used as bait, or as a preferred payment method, in a cyber attack.

This is the case with ransomware attacks. Hackers often demand a ransom in cryptocurrency in exchange for restoring the hacked registry, said Erica Stanford, author of “Crypto Wars: Faked Deaths, Missing Billions and Industry Disruption.” “, in free translation).

She also mentioned pyramid systems, where investors are promised returns on massive investments. This payback only happens when new victims entrust them with their money.

These scams, which also involve domains other than cryptocurrencies, generated $7 billion in 2019, according to analytics firm Chainalysis.

“The main blow is not so much replacing cryptocurrency, but making people believe they will get rich quickly,” says Erica Stanford.

More fear, less market

Despite all this, cryptocurrencies are less and less used by criminals. According to Chainalysis, cryptocurrency transactions for illegal purposes reached US$10 billion (R$52 billion) in 2020, down from US$21.4 billion (R$111.5 billion) a year earlier.

Alexandre Stachchenko explained that the platforms have reinforced their security, even building a kind of bunker to protect their digital vaults.

“Only the stolen bitcoins are moved. Everyone finds out”, commented Valente. “Therefore, almost no companies accept to trade in bitcoins that have been stolen,” he added.

The US$ 3.6 billion (R$ 18.7 billion) in bitcoins recovered by US investigators on Tuesday (8) stayed in a digital wallet for almost seven years until they were discovered.