In August 2024, the crypto industry lost $313.86 million in digital assets due to cyber attacks. During this time, phishing attacks were the most prevalent. Additionally, the expansion of crypto ATMs in Australia is raising serious money laundering concerns, while a TikTok trend involving check fraud led to severe financial repercussions for participants. In response, the crypto industry is working on improving its defenses with initiatives like the Security Alliance (SEAL).
Crypto Industry Loses Millions to Cyberattacks
In August of 2024, the crypto sector was hit by a number of cyber attacks that resulted in the theft of $313.86 million in digital assets. Over 10 attacks were reported, but phishing attacks were by far the most prevalent as they accounted for 93.5% of the stolen funds. These phishing schemes led to the loss of $293.4 million.
Among the top five hacks of the month, two phishing attacks stood out after draining $238 million worth of Bitcoin (BTC) and $55.4 million in Dai. Additionally, the Ronin Network was compromised, although $12 million was recovered from the hacker. Another big loss occurred at the decentralized finance protocol Nexera, which fell victim to a smart contract exploit that resulted in a loss of $1.83 million.
A report from Immunefi that was released on Aug. 29 also revealed that the crypto industry has lost $1.21 billion to hacks and rug pulls so far this year.
One of the more serious incidents in recent months was the July hack of India’s WazirX crypto exchange, which suffered a massive loss of $234.9 million from one of its multisig wallets. The exchange is currently implementing a phased plan to restore its financial operations, including pursuing legal actions in Singapore.
In response to the growing threat of cyberattacks, a group of ethical hackers has formed an elite unit called the Security Alliance (SEAL) to strengthen the industry's defenses. The alliance is led by white hat hacker and Paradigm researcher Samczsun. SEAL has already handled over 900 hack-related incidents since its inception in August of 2023. Unfortunately, an Immunefi report also pointed out that almost 80% of cryptocurrencies never recover their value after a hack or exploit.
Price impact of an on-chain hack (Source: X)
New Zero-Day Hack Threat
Microsoft cybersecurity researchers have identified a zero-day vulnerability in the Chromium engine, which powers the Chrome web browser and other browsers. This vulnerability was exploited by a North Korean hacker group known as Citrine Sleet, but was patched on Aug. 21.
Microsoft linked Citrine Sleet to this exploit with "medium confidence." The group is infamous for targeting the cryptocurrency sector and is responsible for developing the AppleJeus trojan malware, which is also associated with the Lazarus Group of hackers.
This discovery was the third zero-day vulnerability in Chromium patched this year. Although Microsoft has notified targeted and compromised customers, the company has not revealed the number of affected users. Chrome versions prior to 128.0.6613.84 are still vulnerable to this type of attack.
The vulnerability was reported to Google, which patched it within two days. The hackers used the FudModule rootkit malware to gain remote code execution, employing advanced social engineering tactics. They created fake websites that mimicked legitimate crypto trading platforms, and used them to distribute fake job applications or lure victims into downloading malicious crypto wallets or trading applications. Once compromised, the hackers installed AppleJeus malware to take control of the target’s crypto assets.
Citrine Sleet was first observed by Microsoft in December of 2022 under the codename DEV-0139. The group created false identities on Telegram, posing as employees of the OKX crypto exchange, and sent targets an Excel document containing accurate fee structure information alongside a malicious file that established a backdoor on the target's computer. The group is also referred to as Chollima by other investigators, and has been linked by Kaspersky Labs to infections of the 3CX softphone app that targets crypto investment startups using the AppleJeus malware.
Crypto ATM Boom Sparks Money Laundering Concerns
It is not just crypto hacks that are causing problems for the crypto industry. Australia has seen a 17-fold surge in the number of cryptocurrency ATMs over the past two years. It is now the world’s third-largest market for these kiosks as it hosts 1,162 crypto ATMs. This is a sharp increase from just 67 in August of 2022, according to data from Coin ATM Radar.
Australia’s crypto ATM installations growth (Source: Coin ATM Radar)
Australia has added 160 ATMs since April, when it first surpassed the milestone of 1,000 active machines. Blockchain intelligence firm TRM Labs ranks this expansion as the largest growth in the cash-to-crypto industry in recent years. Despite this rapid growth, Australia only accounts for 3% of the global market, far behind the United States, which dominates with over 82% of the market and 31,877 ATMs, followed by Canada with 3,004 machines.
The rapid increase in crypto ATMs has not gone unnoticed by law enforcement, and Australian authorities have identified them as a potential money laundering vulnerability. In March last year, the Australian Federal Police launched a multi-agency task force to combat money laundering. It found that some criminals have used crypto ATMs to launder their illicit gains.
TRM Labs reported that globally, crypto ATMs have processed at least $160 million in illicit transactions since 2019. The firm also pointed out that last year, illicit transactions accounted for 1.2% of the total volume in the cash-to-crypto industry, which is double the 0.63% seen across the broader crypto ecosystem. Scams and fraud dominated these illicit activities, with over $30 million linked to scam-related crypto wallets in 2023.
Regulatory crackdowns have already taken place in some countries. In Germany, 13 kiosks were seized from 35 locations, and in the United Kingdom, 26 unlicensed machines were removed last year.
TikTok Check Fraud Trend
A viral TikTok trend known as the "infinite money" glitch, which allegedly allowed users to withdraw large sums of money from Chase Bank ATMs by depositing fake checks, has resulted in some serious financial consequences for those who attempted it. Participants in the trend claimed they could withdraw funds before the fake checks cleared, despite having insufficient balances. However, Chase Bank has since rectified the issue, leaving many who tried the glitch with massive negative balances or frozen accounts.
Chase Bank has not fully confirmed the details circulating online but has issued a warning to consumers. A spokesperson pointed out that depositing a fraudulent check and withdrawing the funds is a clear case of fraud. Banks typically have a cooling-off period to verify checks and fraud detection systems in place to prevent unauthorized transactions.
Austen Allred, the CEO of Bloom Institute of Technology, commented on the incident in a post, and stated that the so-called "glitch" was simply a form of check fraud. Financial author Jim Wang also debunked the trend, explaining that Chase quickly resolved the issue. Despite the online hype, the glitch has been exposed as nothing more than fraud, and those who participated are now faced with the consequences of their actions.