Cybercrime Is on the Rise in the Ethereum Ecosystem

Most cryptocurrency enthusiasts see Ethereum as a project that has a lot of potential. Its technology — most notably smart contracts — is certainly worth exploring. Unfortunately, any new form of technology will also attract people with less-than-honest intentions. The Ethereum ecosystem has become a home to cybercrime in a disturbing way. Millions of dollars have been stolen over the past few years, and it looks like things will not be improving anytime soon.

Cybercrime in the Ethereum World is Very Real

Most Ethereum enthusiasts will agree that the technology used by project developers leaves much to be desired. This is especially true on the security front. Some very disturbing exploits have been discovered and taken advantage of in recent years. A new post on the Chainalysis blog explains how cybercrime related to Ethereum is on the rise, as it has proven to be a very profitable undertaking. Whether a DAO or cryptocurrency ICO, hackers will exploit any weakness they can find.

Cryptocurrency users will remember how Ethereum started gaining a lot of momentum when The Dao was announced. This massive project had a lot of promise, and its business model is still considered to be solid to this very day. Unfortunately for The DAO and the team behind this project, their dream concept quickly turned into a nightmare.  Raising around US$177 million in funding was a big milestone, but was also bound to attract criminals. It did not take all that long for smart contract flaws to be discovered, eventually leading to 40% of all ICO funds being stolen. Some of this money was eventually recovered, but it showed how immature the technology was at that time.

Unfortunately for Ethereum, things have not improved all that much in the past year. Cryptocurrency ICOs have become more popular than ever. Not only do these crowdsales cripple the blockchain on a regular basis, there is also a significant security risk associated with such projects. There are dozens of scam sites and phishing attempts to steal investors’ funds in one way or another. According to Chainalysis, around 10% of Ethereum holdings in ICO investments are in the hands of criminals. This means nearly US$150 million worth of Ether has fallen into the wrong hands. That is a substantial amount that will most likely never be recovered.

As more cryptocurrency ICOs take place, there will naturally be more ERC20 tokens. That in itself is not a big deal, for the time being. With over US$1.6 billion raised by most recent projects, there is a lot of money moving around in the cryptocurrency world. This will always attract people with both honest and malicious intentions alike. In a recent incident, one cryptocurrency ICO saw the smart contract address on its website changed by a hacker. This situation was resolved quickly, but not before some customers had sent a lot of money to the wrong address as a result.

Bugs found in the code used by Ethereum-based projects are just one of the potential threats. Phishing attacks are the main concern, with the number of victims well above the 16,000 mark. Exploits are the second-most common threat, followed by effective hacks and Ponzi Schemes. All of this goes to show that most projects themselves have nothing but honest intentions. Whether or not that will remain to be the case is anybody’s guess.

Having entities such as Chainalysis keep tabs on these trends and highlight bad elements is quite beneficial to the Ethereum community as a whole. Clearly there is work to be done in this regard. The technology itself is improving, which is a positive trend. Protecting users from phishing attacks is a different matter altogether. If a user cannot tell the difference between a fake and genuine email or website, there is very little project operators can do to make it more obvious.