ICO-funded projects face 100 cyber attacks monthly, says report

The influx of investment has made such projects a major target for hackers

ICO-funded projects face 100 cyber attacks monthly, says report
In recent months, regulators around the world have issued warnings against initial coin offerings (ICOs). But a new report reveals that even legitimate ICOs could be risky for investors.

In an analysis of 450 attacks on ICOs since the beginning of 2017, Moscow-based cybersecurity firm Group-IB has found a tenfold increase in hackers’ attempts to steal money from ICO projects over the period.

According to the research released Wednesday, such projects are attacked by cyber criminals 100 times a month on average. A separate study published by Ernst & Young this week, which Group-IB also participated in, reported that US$400 million out of the US$3.7 billion raised to date through ICOs had been stolen.

The unprecedented cryptocurrency mania closely follows a phenomenal surge in Bitcoin last year. Investors have been piling into alt-coins — cryptocurrencies other than Bitcoin — in the hopes of catching a similar wave. Numerous small firms have taken to raising funds by selling digital tokens or coins, many of which are promoted as exchangeable for some product or service.

Securities watchdogs have warned investors about scams being perpetrated under the guise of an ICO. Meanwhile, hundreds of millions in ICO funding have been raised by young companies with just a few employees and an outline business plan.

According to Group-IB, ICOs and cryptocurrency investors are also at risk from phishing attacks. Groups that create ersatz emails and websites to steal passwords and personal information have started shifting away from banks, and are now able to steal up to US$1.5 million a month from the exploding but little-understood space.

There have also been cases of hackers hijacking ICO project websites, changing the information to divert money from would-be investors into their own digital wallets.

“Lots of projects underestimate cybersecurity risks, which leads to an avalanche of threats and successful thefts,” said Ruslan Yusufov, director of private client services at Group-IB.

Related stories:
Outrage among investors in regulator-flagged ICO
Hackers to come after cryptocurrency players: study