Hacking and theft: the dark side of Blockchain
While the popularity of cryptocurrencies shows no sign of abating – Morgan Stanley estimates that $2 billion was invested with expert hedge funds focusing on cryptocurrencies in 2017 – they are certainly not immune to hackers and there is a lengthy history of security problems among popular cryptocurrencies.
We consider some of the key hacks in the history of cryptocurrencies:
1. 2010: Bitcoin Hack
This is the first publicised hack involving Bitcoin. A key aspect of Bitcoin is that there is a cap on Bitcoin supply of 21 million. This hack occurred in 2010, and involved a hacker manipulating a bug in Bitcoin’s software to generate a single block involving a transaction of 184 billion Bitcoin (well above the cap).
2. 2014: Mt. Gox Hack
This was arguably the single biggest hack in the history of cryptocurrencies. The enormity of the hack was shown by the bankruptcy of Mt. Gox a short time after the hack. At the time of the hack, Mt. Gox (Magic the Gathering Online Exchange) was the largest Bitcoin exchange in the world and handled 70% of the world’s Bitcoin exchanges. The exchange was hacked and the hacker transferred many thousands of Bitcoin from the exchange to his own account leading to the theft of $473 million in Bitcoin.
3. 2017: CoinDash Hack
Moving on to more recent years, CoinDash, a start-up, commenced an initial coin offering (ICO) promotion in 2017 in order to raise funds. $7.3 million of donations were raised before a hacker altered the Ethereum address (Ethereum is a blockchain comparable to that used for Bitcoin and Ethers are a unit of currency on Ethereum) meaning that donations were sent to an unknown party. The company shut down the ICO but the hackers benefitted from between $7 million and $10 million in stolen Ether.
4. 2017: Parity Hack
2017 appeared to be a key year for cryptocurrency hackers. Indeed Parity, a cryptocurrency wallet supplier, was attacked twice in 2017. Firstly through a weakness in its Multisig Wallet that provided a way for hackers to gain access to funds from the ICOs of four companies. The hackers profited from $32 million in Ether from this attack. The second attack did not involve a malicious hacker, but occurred due to one of its software users. A Parity user discovered a bug (by chance) in the software code, freezing over $275 million in Ether.