In brief
- Over the past two years, the volume of stolen cryptocurrency has grown.
- The number of security breaches is peaking as well.
- A report shows how the money moves after a hack.
The rapidly evolving landscape of the crypto industry is forcing cyber criminals to work harder to obfuscate the transaction flows of stolen Bitcoin and other cryptocurrencies, according to the latest Crystal Blockchain report.
While the numbers of crypto exchanges and crypto traders are growing, it also offers plenty of opportunities for criminals who typically target inexperienced users, trying to steal their assets.
The analysts found that cyber criminals are now hiding their stolen funds much more quickly. This comes as both the volume of stolen funds and the number of security breaches have reached their highest levels in 2019/2020.
The report said that, while crypto criminals used to hold stolen funds for anything up to a year, they now tend to start hiding their funds within 28 days. It notes that this is a 13X decrease in how long it takes for the stolen money to be squirreled away.
The authors suggest that potential reasons for such drastic changes include the general development of the crypto industry with more attention from law enforcement, as well as the emergence of various blockchain analysis companies.
Blockchain forensic platforms are designed to monitor transactions across blockchains in order to identify nefarious actors and watch the movement of stolen funds. They tag certain addresses as high-risk and work with law enforcement to prevent the assets being sold.
According to Crystal Blockchain, “This has caused changes in the behavior of crypto-criminals, making them work even harder to entangle and hide stolen fund transaction flows much more precisely.”
Other findings point to a growing tendency of hackers no longer moving funds to centralized exchanges that require verification, instead sending money to those that don’t have such checks in place. The amounts of stolen funds withdrawn through exchanges with verification requirements have dropped from 53% to just 8%.
Cyber criminals are also using mixing services more often. In 2015 mixers received 5% of stolen funds. Last year, however, this value soared to 27%.