Crypto’s hacking problem is out of hand—and it’s going to get worse before it gets better

Jeff John Roberts
API/Gamma-Rapho/Getty Images

How bad is crypto’s cybersecurity problem? Well, just look at the news. Last week began with a report that North Korean hackers—who steal crypto to pay for their mad dictator’s nuclear weapons schemes—had their best year ever in 2022 and have already nicked $200 million so far this year. This coincided with news that crypto gambling platform Stake got looted for $42 million, and, to round out the week, scammers got hold of Ethereum founder Vitalik Buterin’s X (formerly Twitter) account—where they promoted a crypto giveaway (what else?) to steal nearly $700,000.

These latest developments are hardly surprising. Since the early days of Bitcoin, crypto has been catnip for hackers, who seized on the semi-anonymous nature of blockchain to rob users, companies, and each other. From the calamitous hack of Mt. Gox in 2014 to Bitfinex in 2016 to Axie Infinity’s “oops, we lost $600 million” moment last year, massive looting has been a fixture of the industry as much as Lambos and bad tattoo decisions.

The problem is that, despite more than a decade of hard lessons, crypto’s cyber vulnerabilities seem worse than ever. The latest spate of hacks are a bad look for an industry trying to win back investor confidence after last year’s FTX debacle—and won’t endear it to the U.S. government, which is understandably concerned that crypto is bankrolling Kim Jong Un’s military.

To be fair, crypto is not the only industry plagued by hackers. Cybercriminals have also wreaked havoc at hospitals, state governments, and many Fortune 500 companies. And fighting off hackers when they’re backed by a nation-state—most notably North Korea but also China, Russia, and Iran—is no easy task.

Still, it feels as if the crypto industry could try harder. While analytics firms like Chainalysis and TRM regularly work with senior law enforcement officials to trace and sometimes capture stolen assets, too many crypto firms have treated security as a second-tier priority—favoring get-rich-quick schemes over less glamorous tasks like auditing code and defending against phishing.

In the short term, things are likely to get worse. This is partly due to the fact that nation-state-backed hackers are getting better at stealing digital assets, but also because it has become easier to run scams on X since Elon Musk took over. Despite promising to purge bots and crooks from the platform, the billionaire has made it easier for scammers to run amok by scrapping its longtime verification scheme.

It’s just a matter of time till we learn about the next disastrous hack. If the industry wants to reverse this trend, blockchain projects need to do a better job of working with each other—and, yes, with the government—to harden their defenses.

Jeff John Roberts
jeff.roberts@fortune.com
@jeffjohnroberts

This story was originally featured on Fortune.com

More from Fortune:
5 side hustles where you may earn over $20,000 per year—all while working from home
Want more for your money? These 14 savings accounts have rates of 5% APY (and higher)
Buying a house? Here's how much to save
This is how much money you need to earn annually to comfortably buy a $600,000 home

Advertisement