The dramatic decline in cryptocurrency has dampened activity around specific types of financial crime — most importantly, investment fraud and illegal Dark Web transactions — leading to a drop in consumer losses in the first half of 2022.
This is according to an analysis published on August 16 by the blockchain data provider Chainalysis.
Overall, the cumulative revenue collected by fraudsters fell by two-thirds – 65% – in the first seven months of the year, according to the firm. The decline is only partly related to the decline in the value of major cryptocurrencies. Bitcoin, for example, dropped in value by 51% between January 1st and July 31st, and that is still not the cause of the overall decline.
The number of deposits associated with fraud also fell by more than two-thirds, indicating that fewer consumers fell victim to these efforts, said Kim Grauer, director of research at Chainalysis.
“Most scams are investment scams, and if investment across the board falls, then less money will flow into the services that are actually scams,” she says. “We’ve also seen many law enforcement victories in the past year that have further deterred fraudsters.”
Since their peak last November, major cryptocurrencies have fallen sharply in value, hitting lows in June. Bitcoin fell almost 72%, from its close of $67,567 on November 7, 2021, to $19,018 on June 17. Similarly, Ethereum fell nearly 80% to close at around $994 on June 17. Both digital assets have recovered from these lows in the past. two months.
Cryptocurrency is the financial backbone of most online crime, Chainalysis stated in its mid-year update, so the decline in cryptocurrency has affected other major cybercrimes such as money laundering and ransom. Both are down 20% to 25% since the beginning of the year, according to cybersecurity firms.
That said, crimes that don’t rely on luring victims with cryptocurrency have been less affected by volatility. Business email compromise (BEC), for example, still accounted for 35% of dollar losses in 2021, compared to 0.7% for ransomware, according to the FBI’s Internet Crime Complaint Center (IC3).
“No one likes a crypto bear market, but the only thing that fits is that illegal cryptocurrency activity has coincided with legitimate activity, albeit not as heavily,” the company stated. “This is particularly encouraging in scams, where the drop in market hype appears to mean fewer are being duped by fraudsters, and in darknet markets, where law enforcement’s [shutdowns of major markets] seems to have dampened the entire sector.”
DeFi Services Still Hot Targets
A constant? Hacking of digital wallets and decentralized financial (DeFi) services continued to grow. Overall, cybercriminals stole at least $1.9 billion in cryptocurrency through hacking online services so far in 2022, up about two-thirds from the same period in 2021.
The majority of hacking profits come from hacking DeFi protocols, Chainalysis stated in the semi-annual report.
“DeFi protocols are uniquely vulnerable to hacking as their open source code can be studied ad nauseum by cybercriminals looking for exploits – although this can also be useful for security as it allows for code auditing,” the company stated . “[I]It is possible that the protocols’ incentives to reach the market and grow quickly lead to the lapse of best practices for security.”
Specific regions have also focused on specific types of crime. North Korean nation-state actors have compromised specific DeFi protocols, leading to massive gains for the sanctioned government. The attackers stole approximately $1 billion so far in 2022, accounting for the majority of the $1.9 billion in losses from exchanges and services in July 2022.
“We’ve seen ransomware attacks come out of North Korea, but right now DeFi hacking is the most profitable thing for the North Korean hacking organizations to do,” Grauer says. “North Korean hacking organizations have realized how profitable this type of hacking can be if done correctly, so they have continued to carry out attacks throughout 2022.”
Financial institutions, consumers and cybersecurity professionals should not expect the decline in cryptocurrency-related fraud to continue, Chainalysis emphasized. Consumers must be better educated about the risks, while cyber security in decentralized financial protocols must be strengthened and reviewed. Finally, legitimate exchanges should have safeguards in place to prevent the transfer of funds to known scams, and law enforcement should develop their capabilities to seize cryptocurrency from bad actors, the company stated.