Hackers have made away with billions of dollars in the past few years. And as it turns out, it may have been primarily the work of two criminal groups. A new report by Chainalysis revealed that the two groups have stolen over $1 billion in successful heists in recent years. The two groups are well organized and have wreaked havoc on exchanges and wallets in a systematic manner. The scariest part: the two are still active and so far, no one has come close to tracking them down.
The Digital Cartels
In the third installment of its Crypto Crime series, Chainalysis broke down the hacking process and why the two groups have continued to evade capture. On average, the two groups stole $90 million per hack. This sum is large enough, but the number gets incredibly bigger over time. The report stated:
Together, these two groups are responsible for stealing around $1 billion to date, at least 60% of all publicly reported hacks. And given the potential rewards, there’s no question hacking will continue; it is the most lucrative of all crypto crimes.
Once they hack an exchange or wallet and steal the tokens, they then use diverse methods to disguise the origin. The tokens are quickly moved between exchanges and wallets before the victims can begin investigations. After this swift process, the hackers then observe a ‘quiet period’ of at least 40 days. This is done to ensure that the interest from law enforcement agencies dies down first.
Satisfied that no one is looking anymore, the hackers then swiftly move the funds across exchanges. They cash them out into fiat at the earliest convenience, usually within the first four months. The hackers use online exchanges with limited KYC or peer-to-peer exchanges to cash out.
Same Goal, Different Philosophies
According to the report, the two groups seek to execute the hacks swiftly and exit before they can be traced. However, they go about this differently. The first group, which Chainalysis referred to as Alpha, is a very well-run and organized group. This group is not just motivated by money and is very methodical in its approach. It’s also quite large and distributed globally.
The second group is much smaller but just as lethal. Referred to as Beta by the New York-based research firm, the group is less organized and is solely driven by money. It’s very direct in its approach to hacking and doesn’t seem too concerned with evading capture.
Despite hacking being widespread, hackers still have an easy time cashing out into fiat currencies. This is because once the tokens are stolen and transferred between a couple of addresses, they look genuine and legitimate. Therefore, when a hacker sends the stolen tokens to a wallet on an exchange, the exchange is unable to distinguish between legitimate and stolen tokens.
Recently, researchers at Cambridge University announced that they had devised a new algorithm that can track stolen tokens. The new algorithm holds a lot of promise, but it’s yet to be used to solve a hacking incident. For now, all you can do is keep your tokens tucked away in cold storage when you aren’t transacting.