CipherTrace Research Shows $1.7 Billion in Cryptocurrency from 2018 Thefts and Exit Scams Needs Laundering

New research released today in the CipherTrace 2018 Q4 Cryptocurrency Anti-Money Laundering (AML) Report reveals that $1.7 billion in cryptocurrency was stolen and scammed in 2018 — a dramatic rise in criminal activity despite a slump in the market. Criminals need to launder all these funds in order to cash out before a wave of regulations go into effect in 2019.

Theft from cryptocurrency exchanges accounted for the majority of the criminal activity: more than $950 million was stolen by hackers in 2018, representing 3.6 times more than in 2017.

On top of these thefts, the research found investors and exchange users lost at least $725 million in cryptocurrency in 2018 to exit scams such as fraudulent ICOs, phony exchange hacks, and Ponzi schemes. A cryptocurrency exit scam is a confidence game where the promoters of a cryptocurrency ICO or other venture fails to execute — or executives of exchanges say they cannot return users’ assets — and then abscond with the money. This finding indicates that a new breed of cybercriminals are shifting their techniques from hacking to insider jobs.

Interestingly, even with the downturn in the prices of many cryptocurrencies, the total dollar value of tokens stolen and scammed was much higher in 2018 than 2017, which further points to the increase in security threats against exchanges and sophistication of online criminals.

The report, which provides the industry’s most in-depth state-of-the-market look at cryptocurrency crime and AML regulations by jurisdiction, outlines the impacts of the coming wave of global regulatory enforcement and emerging money laundering schemes. By 2020 most modern economies — including the US, EU and G20 as well as Gibraltar, Bermuda and Malta — will have deployed strict cryptocurrency AML and Know Your Customer (KYC) regulations. Cryptocurrency money laundering services are getting around these regulations by obscuring the original source of funds with new and innovative money mixers, unregulated crypto-to-exchanges, and privacy coins.

“Cryptocurrency criminal activity continues to evolve and accelerate. Fortunately, pending global legislation will hamstring many criminals, global gangs, and terrorist groups by greatly reducing their opportunities to launder,” commented Dave Jevans, CEO of CipherTrace and co-chair of the Cryptocurrency Working Group at the APWG.org. “These tough new laws will drive bad actors to not only innovate but also flock to jurisdictions with weak regulatory oversight, as we have shown in earlier research. CipherTrace’s blockchain intelligence and anti-money laundering technology helps exchanges, financial services firms, regulators, and law enforcement work together to create trust in the crypto ecosystem.”

For the first time, CipherTrace has also identified the Top 10 Trending Crypto Threats, providing actionable threat intelligence for anyone dealing with cryptocurrency:

SIM swapping: An identity theft technique that takes over a victim's mobile device to steal credentials and break into wallets or exchange accounts to steal cryptocurrency.

Crypto dusting: A new form of blockchain spam that erodes the recipient's reputation by sending cryptocurrency from known money mixers.

Sanction evasion: Nation states that use cryptocurrencies to circumvent sanctions and that has been promoted by the Iranian and Venezuelan governments.

Next-generation crypto mixers: Money laundering services that promise to exchange tainted tokens for freshly mined crypto, but, in reality, cleanse cryptocurrency through exchanges.

Shadow money service businesses (MSBs): Unlicensed MSBs that bank cryptocurrency without the knowledge of host financial institutions, thus exposing banks to unknown risk.

Datacenter-scale cryptojacking: Takeover attacks that mine for cryptocurrency at a massive scale and that have been discovered in datacenters, including AWS.

Lightning Network transactions: Enabling anonymous bitcoin transactions by going "off-chain" and now scaling to $2,150,000.

Decentralized stable coins: Stabilized tokens that can be designed for use as hard-to-trace private coins.

Email extortion and bomb threats: Mass-customized phishing email campaigns by cyber-extortionists using old passwords and spouse names and that demand bitcoin. Bomb threat extortion scams spiked in December.

Crypto robbing ransomware: New malware distributed by cyber-extortionists that empties cryptocurrency wallets and steals private keys while holding user data hostage.