Blockchain analytics and security firm Elliptic has shown that criminals operating in the crypto ecosystem explore decentralized solutions in more ways than is known.
Through its latest report titled “The state of cross-chain crime report 2022,” the analytics firm confirmed that criminals have laundered the total sum of $4 billion through Decentralized Exchanges (DEXs), bridges, and protocols offering Coin Swaps.
According to Elliptic, the use of these protocols is hinged on the fact that these platforms do not have a strict Know-Your-Customer (KYC) procedure, making conducting transactions, irrespective of their illegitimate status more accessible. By virtue of their design, the decentralized protocols are notably linked with scams, Ponzi Schemes, dark web activities, and ransomware amongst others.
“To be clear, Elliptic is not saying DEXs or bridges are used exclusively by criminals; In fact, the opposite is true. They are mostly used by legitimate users. But Elliptic has traced illicit funds (from hacks etc.) that have been moved through DEXs and bridges in order to obfuscate their origin,” a spokesperson for Elliptic said in a statement.
For the better part of this year, there has been quite a lot of emphasis on the roles being played by cryptocurrency mixing services like Blender.io and Tornado Cash in money laundering activities. Both have been sanctioned by the United States Treasury Department’s Office of Foreign Assets Control (OFAC) on the grounds that they are connected to the North Korean Lazarus Group hacking syndicate.
With this revelation from Elliptic, the clamour for intense scrutiny of decentralized protocols is bound to grow in the coming days. DeFi regulation is top of the agenda for most regulators as the industry offers products that compete with the traditional financial ecosystem.
Without the extant regulations guiding events in the space, regulators believe the implosion experienced in space with the collapse of Three Arrows Capital (3AC), Voyager Digital, and the Celsius Network, amongst others, would have been avoided.
Hotbit, a cryptocurrency trading platform based in Hong Kong, announced on Wednesday that it has suspended trading, deposit, withdrawal and funding functions because law-enforcement agencies have frozen some of the company’s funds during a criminal investigation involving a former employee.
Hotbit confirmed an employee in question worked for the company until April this year. The exchange further stated that last year, the employee was involved in an external project, contrary to the company’s guidelines, and is now suspected of violating criminal laws.
Hotbit did not disclose many details about the investigation or the employee’s identity. The firm did not even disclose which jurisdiction is the investigation being conducted.
Hotbit only stated that the person, a former management employee, is under investigation because of his involvement in an external project in 2021, which is alleged to violate criminal laws.
Since the start of last month, the company said that law enforcement authorities summoned several senior managers of Hotbit to assist in the investigation.
But Hotbit clarified that the company and other employees did not have knowledge about the matter and were not involved in the project in question.
In a statement in its blog post, Hotbit wrote: “Law enforcement has frozen some funds of Hotbit, which has prevented Hotbit from running normally. Hotbit will resume normal service as soon as the assets are unfrozen.” The firm further added that the assets and data of all users are safe and said it has sent its application to the law enforcement authorities to release the frozen funds.
Hotbit was established in 2018 and registered in Hong Kong and Estonia, with most of its workers coming from China, Taiwan, and the U.S. According to the company’s website, the exchange has over 1 million registered users from more than 170 countries.
As per its blog post, the exchange cancelled open orders during the suspension and liquidated all users’ leveraged exchange-traded fund (ETF) positions according to their values at 12:00 UTC on August 10 Wednesday to prevent losses.
Nathaniel Chastain, a former Head of Product at OpenSea, the largest cryptocurrency trading platform in the world, has been arrested by the Federal Bureau of Investigation (FBI) for alleged insider trading.
Chastain has been promptly charged to court by Damian Williams, the United States Attorney for the Southern District of New York, and Michael J. Driscoll, Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation.
Per the Department of Justice (DoJ) ’s announcement, Chastain was indicted for trading Non-Fungible Tokens (NFTs) that were scheduled to be featured on the platform’s homepage. The deal described was such that Chastain used his position at OpenSea. He had access to insider information about what projects will be featured on the homepage to acquire the particular NFTs prior to the listing.
He allegedly used anonymous accounts to purchase dozens of the unique NFTs that he typically resells at almost 3X gains after the listing. The charges brought against Chastain show the commitment of the FBI to stamp out insider trading offences, with these ranked as the first of their kind in the digital currency ecosystem.
“NFTs might be new, but this type of criminal scheme is not,” U.S. Attorney Damian Williams, “As alleged, Nathaniel Chastain betrayed OpenSea by using its confidential business information to make money for himself. Today’s charges demonstrate the commitment of this Office to stamping out insider trading – whether it occurs on the stock market or the blockchain.”
There have been a lot of charges levied against criminals in the digital currency ecosystem by the Department of Justice in the past few years. In the course of its activities, the legal entity has released a framework for enforcing crypto-related regulations, and amongst its various enforcement actions is the cracking down of the Netwalker Ransomware Group.
There is a new wave of crime in the city of London that is targeting investors in the digital currency ecosystem.
According to confidential police reports obtained by The Guardian, there has been a series of “Crypto Muggings” in the city in which thieves combine physical muscle with digital know-how to rob people of their hard-earned digital currency.
The digital currency ecosystem is now largely mobile, thanks to the advances in technology. With this tech growth, a number of cryptocurrency service providers now have applications that can easily be accessed via the App Store for iOS users or Google PlayStore for Android users respectively.
Many carry their mobile phones with which they conduct their crypto transactions and investment activities and so become easy targets for street criminals.
In one of the cases confirmed by the Guardian, a crypto investor tried to order a Uber ride in Liverpool when he was accosted by a gang who forced him to hand over his phone and then transferred £5,000-worth of Ethereum from his Coinbase account.
These events have been confirmed from more than 2 victims and while the phones in most instances are often returned, there is typically some form of loss recorded on the part of the victims.
Cybercrimes are generally not uncommon in the crypto world and even exchanges are not immune to these attacks as seen in the case of Crypto.com and KuCoin amongst others as reported by Blockchain.News. These crypto muggings are relatively new and the number of funds involved is somewhat small to draw urgent attention from law enforcement agencies to track the stolen funds.
With transactions registered on the blockchain and the need to patronize trading platforms, the movement of funds can easily be tracked given the right amount of resources. However, the absence of these resources is a wake-up call for investors to be careful with how they make crypto-related transactions in public.
The State of New York may soon make a move to christen “Rug Pulls” in the digital currency ecosystem as an offence, which could come as a bill, dubbed Senate Bill S8839 when it is passed into law.
The Bill was introduced by Senator Kevin Thomas and alongside an accompanying Assembly Bill A8820 filed at the State’s Assembly by Clyde Vanel seeks to “create the crime of virtual token fraud,” and introduce appropriate penalties for the instituted crimes.
The evolution of cryptocurrencies has introduced a lot of non-traditional crimes of which rug pulls are now a prominent one associated with Decentralized Finance (DeFi) and Non-Fungible Tokens (NFTs). This kind of scam involves the main developers behind a project abandoning them before the promises made to their community are fulfilled at all.
Defining the Context of Rug Pulls
Per the text of the Bill sponsored by Senator Kevin,
“ILLEGAL RUG PULLS:
1. A DEVELOPER, WHETHER NATURAL OR OTHERWISE, IS GUILTY OF ILLEGAL RUG PULLS WHEN SUCH DEVELOPER DEVELOPS A CLASS OF VIRTUAL TOKENS AND SELLS MORE THAN TEN PERCENT OF SUCH TOKENS WITHIN FIVE YEARS FROM THE DATE OF THE LAST SALE OF SUCH TOKENS.
2. THIS SECTION SHALL NOT APPLY TO NON-FUNGIBLE TOKENS WHERE A DEVELOPER HAS CREATED LESS THAN ONE HUNDRED NON-FUNGIBLE TOKENS THAT ARE REGARDED AS PART OF THE SAME SERIES OR CLASS OF NON-FUNGIBLE TOKENS OR WHERE SUCH NON-FUNGIBLE TOKENS REGARDED AS PART OF THE SAME SERIES OR CLASS ARE VALUED AT LESS THAN TWENTY THOUSAND DOLLARS AT THE TIME THE RUG PULL OCCURS.”
With the two Bills now forwarded to both Chamber’s Codes Committee, a 30-day grace period will be scheduled for the new laws to be implemented if passed into law.
Rug pulls are not uncommon in the digital currency world. While many are not documented, a related one was recorded with the SushiSwap decentralized Exchange initially developed by a developer known as Chef Nomi. Back in September 2020, Nomi abandoned the project when he converted his SUSHI tokens to Ethereum.
Consequently, FTX CEO Sam Bankman-Fried took over the project and revived it, but not after the token had suffered a massive plunge.
A father and son’s disagreement over crypto trading led to a near-death experience and some jail time. Because of a shift in crypto market prices, a son reportedly drugged his father to gain access to his Bitcoins.
The dad, who didn’t want to be identified, made his son, Liam Ghershony, a partner in his crypto investing account worth $100,000 back in 2018. After some time, the fund grew and reaped $350,000 in profits, according to the duo. However, things changed when crypto prices fell, and the son’s drug use became more concerning.
As the market conditions changed, the father and son had different opinions on what to do with their Bitcoin (BTC). Amid the falling prices, the dad insisted on “hodling” while the son wanted to cash out. Convinced that his son’s judgment is clouded by his drug use, the father placed a two-step authentication on the account where the funds were stored.
The father recounts that it led to an argument where the son told him that he needs to sell and he responds with, “no, you need to stop doing drugs.” Because of this, the son crafted a plan. One day, he helped his father move some furniture, and after coming home from dinner at a restaurant, he initiated his plot.
With seemingly good intentions, Ghershony offered his father some tea for an “energy boost.” The dad accepted not knowing that it was spiked with large doses of benzodiazepine to knock him out. After this, the son used his dad’s phone to transfer $400,000 worth of Bitcoins to his account and converted two-thirds of it into Ether (ETH). He left his dad alone, thinking he’d naturally wake up.
Related:Bitcoin price bounces after Amazon stock gains 15% in US tech comeback
Two days later, after a call from a concerned friend, the police found the father lying in his bedroom unresponsive, but alive. He was brought to a hospital where he spent four days recovering from dehydration and organ dysfunction.
The son confessed to what he did to his mother, Christine Prefontaine. She then decided to report him to the police, while his father filed a criminal case against him. “I very strategically made a case against my son to force him into care and to protect our community,” the dad said.
In the end, the son served 125 days in jail and evaded further penalties by spending two months in rehab.
Normally, the only way to access one’s crypto funds is through their private key, which, thanks to advances in cryptography, would take nothing less than an advanced futuristic quantum computer to decipher. That said, mafias and gangs have managed to think outside the box. Instead of wasting their efforts on breaking the underlying cryptography, they’ve turned their attention to targeting crypto owners themselves.
A $5 wrench attack is when someone finds out you have a lot of crypto and physically attacks or threatens you for your private keys. On Wednesday, at least eight men including a police officer were arrested in the city of Pimpri-Chinchwad, India, for allegedly kidnapping a crypto trader and demanding ransom. The arrested officer, Constable Dilip Tukaram Khandare, reportedly learned of the trader’s 300 crore rupee ($40.13 million) crypto wealth via access to confidential data while working in the cybercrime department. The trader was let go after his friend filed a missing person report, prompting Khandare to release him, fearing repercussions.
Similarly, last November, four assailants allegedly broke into American tech entrepreneur Dentzel Zaryn’s home in Spain and attempted to coerce him into giving up his private keys. The tech entrepreneur reportedly holds $58 million worth in Bitcoin (BTC) across his wallets, with a significant portion of funds concentrated in one account. When Zaryn refused, he was subsequently tortured until he revealed the account information. The assailants left the property shortly after.
As Dr. Anon, a Cointelegraph staff member with expertise in such matters, wrote in a related magazine piece:
These attacks are frequently “your money or your life” situations carried out by sophisticated, professional, and organized criminals. That said, one can significantly limit their losses by having a “decoy” crypto wallet with a small portion of funds. If a robbery, kidnapping, etc., were to occur, simply hand it over and alert authorities afterward. It’s not worth the risk of getting tortured or killed for refusing to pay.
The same month, a crypto trader in Hong Kong was kidnapped by triad gang members who demanded $30 million Hong Kong dollars ($3.85 million) in ransom. Police managed to raid the kidnappers’ residence and rescue the trader, but not before being held in captivity for over a week — including being beaten with hammers during interrogations. According to reports, Kidnappers first demanded an $8 million ransom in Hong Kong dollars ($1.03 million) which was only raised to $30 million Hong Kong dollars after the triad discovered the victim had a lot of USDT in his account. “It’s maybe best to stay silent, keep a low profile, especially online, and make up a cover story if ever prompted about what you do,” writes Dr. Anon, “even if you have a decoy wallet, criminals could always get the wrong impression about your financial status and demand a ransom greater than your entire net worth, and it’d be pretty tough to get out of that one.”
ImmuneFi reported that $10.2 billion in theft and frauds affected the crypto industry over the course of 2021.
$7.55 billion was stolen via insider rug pulls, while $2.66 billion was stolen via outside hacks targeting various platforms.
Similar studies from Chainalysis and Elliptic support those numbers.
Share this article
DeFi security firm ImmuneFi has published a report suggesting that $10.2 billion was stolen through crypto attacks last year. The report corroborates other similar reports released in recent weeks.
$7.5 Billion Was Stolen by Insiders
ImmuneFi surveyed various incidents and determined that a total of $10.2 billion was stolen over the course of 2021.
The funds were stolen via two main methods: outside attacks due to platform vulnerabilities and alleged insider fraud.
$7.55 billion was stolen in a few major incidents of alleged insider fraud, primarily involving rug pulls from project founders. ImmuneFi drew attention to Africrypt, a South African exchange that saw its founders vanish with $3.5 billion in June. It also observed $2 billion stolen from the Turkish exchange Thodex.
The firm also highlighted three rug pulls from Binance Smart Chain projects: Meerkat Finance, whose founders stole $31 million; Popcornswap, whose founders stole $2.1 million; and finally the infamous Squid Game token, whose founders stole $12 million.
Over $2 Billion Was Stolen Via Hacks
Another $2.66 billion was stolen through vulnerabilities that left various platforms open to outside attacks and thefts.
In this category, the losses were distributed between over 130 attacks. Notable attacks targeted Venus Network, Bitmart, Cream Finance, Finiko, BadgerDAO, and BXH. Each of those projects saw $100 million to $200 million stolen from its holdings.
ImmuneFi noted that Poly Network, which had $613 million stolen from it in June, had most of those funds returned to it.
Other Reports Confirm Figures
Chainalysis reported similar figures this week. It suggested that $14 billion of illicit crypto funds were moved last year, though it omitted some incidents that ImmuneFi included while also covering extra categories such as ransomware and darknet markets.
This week’s report also comes months after a similar report from the crypto analytics firm Elliptic. That report suggested that $10.5 billion was stolen through DeFi attacks in 2021.
ImmuneFi also reported that $3.8 billion to $4.38 billion was stolen in 2020, suggesting that crypto crime rose significantly over the course of 2021 compared to the previous year. However, also according to Chainalysis, given the increase in number of transactions over 2021, the proportion of transactions representing illicit activity was only 0.15%, a 126% decline from 2020, despite the rise in real numbers.
Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and other cryptocurrencies.
Share this article
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.
Bored Ape NFT Collector Loses $2.2M in Phishing Scam
An NFT collector has lost millions of dollars’ worth of NFTs in an apparent phishing attack. NFT Collector Targeted With a Phishing Attack A New York-based art curator and NFT…
Crypto Crime Soared in 2021, But So Did Usage: Chainalysis
A significant rise in cryptocurrency-related crime accompanied the rise of decentralized finance in 2021. While crypto crime rates hit record highs in absolute numbers, illicit crypto transactions marked record lows…
Investing Survey: Win A $360 Subscription To Pro BTC Trader
We’re doing this because we want to be better at picking advertisers for Cryptobriefing.com and explaining to them, “Who are our visitors? What do they care about?” Answer our questions…
Our Crypto Predictions for 2022
Regulatory intervention, Ethereum’s merge to Proof-of-Stake, the growth of DAOs, and—yes—the Metaverse look set to have a big impact on crypto next year. Reflections on 2021 in Crypto and the…
Crypto crimes saw a record high number last year in terms of value, blockchain analysis firm Chainalysis said.
The blockchain analysis firm reported recently that illegal addresses of criminals received $14 billion in digital currencies, up 79% from $7.8 billion in 2020.
Illicit addresses already hold over $10 billion worth of cryptocurrencies as of early 2022, Chainalysis said.
The report also shows the leading factor in the increase of stolen funds and scams is potentially due to the rise in decentralized finance (DeFi) – which facilitates crypto-denominated lending outside traditional banking.
In 2020, there was a 335% increase over the total cryptocurrency stolen from DeFi platforms in 2019 as less than $162 million worth of cryptocurrency was stolen from DeFi platforms, which was 31% of the year’s total amount stolen. While in 2021, there was a rise in the figure with another 1,330% to $2.3 billion, Chainalysis said.
“The increase in DeFi-related crime is an example of how criminals often exploit new technologies,” Kim Grauer, head of research at Chainalysis, told Reuters.
“When DeFi started to grow this year, we saw large increases in DeFi protocols being used to launder money as well as DeFi protocols being the actual victims of crimes such as hacking.”
Massive gains on tokens like Shiba Inu have pushed investors to venture on DeFi tokens while transaction volume also surged 912% in 2021.
Illicit addresses in the crypto world are defined as “wallets” tied to criminal activities such as ransomware, Ponzi schemes and scams. Illicit activities’ share of total crypto transaction volume remained low at just 0.15% in 2021. Total transaction volume surged to $15.8 trillion last year, up more than 550% from 2020 levels.
However, Chainalysis said that the 0.15% figure could increase as more addresses tied to illegal transactions are been identified.
Chainalysis said in its last crypto crime report that 0.34% of 2020’s crypto transactions were associated with illegal activity – that number is now at 0.62%.
“Criminal abuse of cryptocurrency creates huge impediments for continued adoption, heightens the likelihood of restrictions being imposed by governments, and worst of all victimizes innocent people around the world,” said Chainalysis.
The decentralised finance (DeFi) sector continues to take the world by storm, having scaled the heights to become a billion-dollar industry worth $86 billion, according to market insight provider DeFi Pulse.
Nevertheless, blockchain analytic firm Elliptic noted that crime has grown at an alarming rate in this industry by hitting $10.5 billion so far this year.
“Bugs in code and design flaws allow criminals to target DeFi sites. Deep pools of liquidity permit criminals to launder proceeds of crime while leaving few traces. Scams are also common.”
Crime across DeFi platforms has been rampant in 2021 because users have lost more than $12 billion since 2020.
According to Elliptic’s co-founder Tom Robinson:
“Decentralized apps are designed to be trustless in that they eliminate any third-party control of users’ funds. But you must still trust that the creators of the protocol have not made a coding or design mistake that could lead to a loss of funds.”
Many DeFi platforms emphasise that they have been beefing up security by maintaining passwords and keys and hiring external firms to check vulnerabilities.
DeFi enables users to save, borrow, and lend mainly in cryptocurrencies without an intermediary because it is founded on blockchain-based smart contracts that fulfil financial functions on the foundation of the underlying code.
According to a study by blockchain analytic firm Chainalysis, the United States had the highest DeFi adoption rate, followed by Vietnam, Thailand, China, and the United Kingdom.
Some experts expect this industry to enjoy more growth in the coming years. For instance, Matthew Roszak, a veteran crypto investor, stated that the DeFi sector would become an $800 billion industry thanks to increasing mainstream crypto adoption, the global chase for yield, and increased inflation.
Meanwhile, Victims of the BitConnect Ponzi Scheme, which siphoned more than $2 billion, are set to benefit from the liquidation of crypto assets worth $57 million.