Cybercriminals managed to steal $1.2 billion in cryptocurrency in reported and unreported theft since 2017 as some researchers fear new data privacy laws may negatively impact cybercrime studies, according to the Anti-Phishing Working Group (APWG).
Since then the emergence of more than 1,500 digital tokens have put the spotlight on the unregulated sector of digital currencies, according to Reuters.
Of that $1.2 billion, APWG Chairman Dave Jevans told the publication he estimates only about 20 percent or less has been recovered as law enforcement agencies across the globe have their hands full tracking down these crimes.
“One problem that we're seeing in addition to the criminal activity like drug trafficking and money laundering using cryptocurrencies is the theft of these tokens by bad guys,” Jevans said.
Ilia Kolochenko, CEO of web security company High-Tech Bridge told SC Media an unregulated cryptocurrencies are an emerging Klondike for cybercriminals.
“A well-prepared attack is uninvestigable, risk of persecution borders with zero, while the stolen coins can be easily laundered and used for the niceties of life,” Kolochenko said. “We will likely see a continuous growth of attacks against cryptocurrency owners and processors (e.g. exchanges) by various means from trivial phishing to sophisticated APT attacks against the largest trading platforms.”
Kolochenko went on the say that users should never entrust their cryptocurrency wallets to third parties and should, remain vigilante for any incoming messages, emails or hyperlinks, have an updated AV, and ensure all of their devices stay updated.
While users should always do their part in securing their data, some researchers fear new legislation may hurt their ability to study cybercrime. Jevans said that his organization's investigations of criminal activity will likely be negatively affected by the European Union's new General Data Protection Regulation (GDPR) going into effect today.
“GDPR will negatively impact the overall security of the internet and will also inadvertently aid cybercriminals,” said Jevans. “By restricting access to critical information, the new law will significantly hinder investigations into cybercrime, cryptocurrency theft, phishing, ransomware, malware, fraud, and crypto-jacking,” he added.