Wallet hacks, exit scams, ICO bans
In January, attackers stole roughly $400,000 in Stellar Lumen (XLM) coins.
In the same month, a software developer revealed the CoffeeMiner attack, a means to use public Wi-Fi networks to perform cryptojacking – the covert mining of cryptocurrency without user consent.
Facebook decided to ban the advertising of ICOs, cryptocurrencies, and binary options on the social network due to the prevalent risk of scams and fraudulent schemes.
One of Japan’s largest cryptocurrency exchanges, Coincheck, was hacked, while both BitConnect and Benebit pulled an exit scam.
Nuclear power, ripe for cryptocurrency
In February, employees at the Russian Federation Nuclear Center were arrested for using the centre’s supercomputing power to mine virtual coins.
Over in the United Kingdom, US, and Australia, government and corporate websites were infected with cryptocurrency mining software via a vulnerable third-party plugin.
In March, Google took steps to tackle the issue of fraudulent ICOs, and chose to ban ICO, wallet, and cryptocurrency consultancy services from purchasing adverts for display on the tech giant’s search engine.
Binance was forced to deal with the aftermath of a credential-stealing scheme that was used en masse to sell user funds and convert them into altcoins.
Fraud and embezzlement
In April, a suspected case of fraud emerged with the Chief Strategy Officer (CSO) of cryptocurrency exchange Coinsecure being blamed for the loss or embezzlement of 438 Bitcoins, worth roughly $3.3 million at the time.
In May, the Bitcoin Gold (BTG) hard fork, originating from the Bitcoin (BTC) blockchain, suffered what is known as a 51% attack. In total, $17.5 million was stolen.
Taylor was entirely cleaned out of cryptocurrency and token reserves.
A tea-based blockchain project, the Shenzhen Puyin Blockchain Group, ran a fraudulent ICO and raised approximately $48 million from investors before vanishing.
In June, a research paper appeared which claimed the market for cryptocurrency-stealing malware was now worth millions of dollars, and at the same time, Coinrail was relieved of roughly 30% of its coin reserves.
Only a week later, another South Korean exchange, Bithumb lost $31.5 million to hackers.
Another ICO exit scam was also performed halfway through the year, this time by Block Broker, an organization which claimed to develop anti-fraud blockchain technologies.
During July, blockchain startup Bancor said a company wallet was compromised. While the alleged attackers apparently attempted to steal $23.5 million, but once the wallet was identified and frozen, only $12.5 million in Ethereum (ETH), alongside $1 million in Pundi X (NPXS) and $10 million in Bancor Network Tokens (BNT) was stolen.
A month of arrests
BitConnect, which performed an exit scam in January, resurfaced in the news over August as the Indian head of the firm was reportedly arrested in Dubai. Two months later, former BitConnect investors banded together to launch a lawsuit accusing the company of fraud.
In the same month, three Chinese nationals were arrested over the alleged theft of theft of $87 million in cryptocurrencies by targeting both individual and corporate wallets.
In September, cryptocurrency exchange Zaif lost $60 million following a cyber attack in which hackers siphoned away Bitcoin, Bitcoin Cash, and MonaCoin from hot wallets.
A vulnerability was also discovered in the Monero system that could have permitted attackers to steal vast amounts of the cryptocurrency. After a theoretical question was posted online, developers realized a serious bug in the framework existed and set to patch the problem.
ICO scams of epic proportions
In October, Pincoin operators ran off with $660 million in trader funds after pulling an ICO exit scam, which was unsurprising considering the 48% return that the organization promised investors.
In November, a 21-year-old was arrested for performing a SIM-swap attack that took a victim’s entire life savings. The attack was conducted by convincing customer service reps to redirect numbers to a handset, where it can be used to recover passwords and bypass 2FA.
A brash crypto jacking scheme was also uncovered in a Canadian university was forced to close down its network to stop the use of the institution’s power for cryptocurrency mining.