ETHERLive
ETHERLive delivers real-time price and volume data across 16+ exchanges to users in a clear and easy-to-understand package. Users can get up-to-the-second updates for each exchange/currency pair, as well as aggregated market averages for each exchange, currency, and the market as a whole. It also provides a global converted average of all the currency pairs monitored by ETHNews, converted to USD.

---

24hr ---
--%
Tuesday Dec 11th 2018
RESOURCES

The Basics

Learn the basics of Ethereum and various cryptocurrency technologies

Learn More

What is Ethereum?

Understand the underlying principles of the Ethereum Platform

Learn More

The Blockchain

Discover the revolutionizing technology known as the blockchain

Learn More
SUBMIT

Press Release

Submit a press release for consideration on ETHNews

Submit Press

Story / Dapp

Submit a story or DAPP to be considered for publication on ETHNews.

Submit Story

Explanation

Submit "Ethereum Explainer" content for consideration to be featured on ETHNews

Submit Topic
ETHNews Logo
---
--%
Home
News
Etherlive
Ether Price Analysis
Resources
Contact Us

Is Rash Of Recent Cryptocurrency Thefts A Wake-Up Call For Better Security?

By

Frederick

Reese

WriterETHNews.com

In light of the increase in exchange and wallet hacks, and even a few armed robberies, should the crypto community be looking for bank-like or commodity-level security for cryptocurrencies?

Cryptocurrency theft is common. From MtGox to The DAO, virtual currency hacks are proving the axiom that if something can be stolen, it probably will be.

The current rash of cryptocurrency thefts, however, have been extraordinary. Three thieves, for example, were arrested Tuesday in New York City on allegations of a $1.8 million cryptocurrency robbery. The three are accused of stealing a cold-storage Ether wallet from a holder at gunpoint last November.

Darrell Colon, Allan Nunez, and suspected plot mastermind Louis Meza apparently kidnapped the victim to steal the funds. Under false pretenses, Meza is said to have arranged a meeting with the unnamed victim and then pretended to call an Uber to take the victim home. The "Uber" turned out to be a minivan driven by Nunez with Colon in the back, armed with a gun. The duo demanded that the victim turn over a flash drive that held his wallet and its keys. Colon, who purportedly confessed to investigators, claims the weapon was a BB gun.

According to the report, the victim was held in the minivan with a hood over his head for two hours before escaping. While captured, the victim witnessed Meza and fourth collaborator Cesar Guzman break into his house, where they stole a black box and used the flash drive to transfer the wallet's contents to a personal account.

While this was not the first armed cryptocurrency robbery, the news highlights the fact that not all digital asset thefts occur online.

The arrest came in the midst of a rash of "traditional" exchange, wallet, and even network attacks, which may be contributing to recent market decline. In April, India-based Coinsecure announced the theft of 438.318 bitcoin – worth approximately $3.5 million at the time. Indian outlet The Economic Times reported the exchange's CEO, Mohit Kalra, as saying the funds were lost due to the leak of private keys. The company's previous chief security officer is suspected of conducting an inside job.

"There was no need to be online while extracting the bitcoin. The private keys, which [were] never exposed to the internet for the past 4 years, [were] exposed," Kalra said. "Funds were lost during the extraction of private keys ... The hack that happened is also too good to be true. Almost like offering the password to your bank account [on] a platter to a hacker."

Just this week, over $35 million in bitcoin was stolen from South Korean crypto exchange Coinrail. This follows the over $500 million hacking of NEM from Tokyo-based exchange Coincheck in late January.

The proliferation of such hacks – coupled with the emerging "real world" thefts – is coinciding with the increase in public awareness of the cryptocurrency, while security measures are failing to keep pace. Editor-in-chief of Business Insider UK Jim Edwards painted the problem in simple terms:

"There have been dozens of robberies of Bitcoin banks and exchanges, and millions of dollars have been lost. To put that in perspective, if robbers were routinely walking into brick-and-mortar banks and taking millions of dollars, with zero consequences and no arrests, it would make huge headlines every day. The media would be on high alert for the next heist. But on the Internet, Bitcoin thefts worth hundreds of thousands and millions of dollars happen on a weekly basis and no one cares."

Maybe the weak link in cryptocurrency security isn't the coins themselves, but us.

"Many crypto exchange hacks were easily preventable," Eiland Glover, CEO of Kowala, told ETHNews. "In the case of Japanese exchange Coincheck's $500 million loss, the funds were stored insecurely in hot wallets – cryptocurrency wallets connected to the internet – with a single private key. The hack could have been prevented by using a multi-signature hot wallet – one that requires the approval of multiple users in order to move money. Alternatively, Coincheck could have kept a greater percentage of the funds in cold wallets. Hackers only had to breach the single private keys to take total control of the cryptocurrency. This same attack vector was used in the Parity hack last year and the earlier Bitfinex hack."

"Crypto industry-friendly regulatory frameworks are needed to resolve the security issues. Regulators must define the rules for exchanges, including requirements for security protocols, which allow them to grow and professionalize their businesses."


Frederick Reese

Frederick Reese is a politics and cryptocurrency reporter based in New York. He is also a former teacher, an early adopter of bitcoin and Litecoin, and an enthusiast of all things geeky and nerdy.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest cryptocurrency, theft or other Ethereum opinion news.