How cyber criminals steal cryptocurrency

[CAPTION]A recent $1.5-billion heist of Ethereum from the Bybit platform is believed to be the largest yet in an ever-longer litany of thefts. Image: Stefani Reynolds / AFP©[/CAPTION]

Cryptocurrencies like Bitcoin and Ethereum are targets of choice for online criminals, who often exploit weaknesses in major trading platforms or individual users' digital "wallets" to make major scores.

A recent $1.5-billion heist of Ethereum from the Bybit platform—attributed by the FBI to North Korean hackers—is believed to be the largest yet in an ever-longer litany of thefts.

How common is crypto theft?

Cryptocurrencies are based on blockchain technology, which publicly records transactions between people holding and exchanging them. 

That has not kept a lid on theft, with an estimated $2.2 billion worth of the assets stolen in 2024, according to a report from specialist data firm Chainalysis.

It was the fourth year in a row that the worldwide total topped $1 billion, the report noted.

"Hackers from North Korea have become notorious for their sophisticated and relentless tradecraft," Chainalysis highlighted, adding that 60 percent of all 2024 crypto thefts by value were linked to the hermit nation.

How are attacks carried out?

Crypto thieves have focussed their attention on trading platforms as well as the digital "wallets" used to store the digital assets. 

"If you deposit money on a major platform, you're entrusting them with managing security for that cryptocurrency," said Mounir Laggoune, head of crypto wealth management and investment platform Finary.

Cyberattacks, some of them highly sophisticated, can overcome platforms' defences to access clients' cash.

According to Chainalysis, the most common method for stealing crypto was by attackers compromising owners' "private keys"—accounting for almost 43 percent of stolen funds in 2024.

These access codes to wallets can be extracted by social engineering, such as phishing, or hacking before the thieves use them to transfer assets away.

Also read: Uncharted waters: Getting a grip on India's cyber crisis in 2025

Is the blockchain secure?

First developed in the late 2000s, blockchain technology has been touted as a highly-secure way to record ownership.

Every transaction is recorded in a digital ledger, with copies distributed across huge numbers of participants' computers—making the information almost impossible to remove or modify.

Users' pooled computing power is put to work verifying and approving transactions.

It is not impossible for a malevolent actor to attack the blockchain itself, but the hurdles are extremely high.

Rewriting the blockchain, for example to delete transactions, would require controlling the majority of the distributed network of users' machines involved in "mining" the cryptocurrency.

There is precedent for such attacks, with platform Gate.io losing $200,000 this way in 2019.

Can stolen assets be traced?

Alongside immutability, blockchain's second supposed virtue is traceability.

With all transactions public, it should in theory be simple to track the destination of stolen assets.

Criminals can however resort to so-called "mixers".

These are "technologies that 'mix' or 'blend' potentially identifiable cryptocurrency funds with the purpose of obscuring the source of origin, thus making them untraceable," according to the UN Office on Drugs and Crime.

Once crypto assets have been passed through a mixer, "it is almost impossible to connect the funds to their original source," the UNODC adds on its website.