1

Theft, Money Laundering, and NFT Market Manipulation: what crypto scammers do in 2022

Извините, этот текст доступен только на “en” и “ua”.

 

Any new technology that can offer benefits to the world has the potential to be abused by bad actors for their own personal gain.

 

 

While cryptocurrency-based crime remains an important problem to solve, especially given that the raw value of illicit transactions is still growing, illicit activity has become a less prominent part of the overall cryptocurrency ecosystem over the last three years.

 

However, DeFi specifically appears to be going through the same growing pains that cryptocurrency as a whole was previously, with illicit activity rising over the last two years.

 

We see this primarily in two areas: Theft of funds through hacking, and abuse of DeFi protocols for money laundering.

 

DeFi protocols are the hacking target 

 

In fact, over the course of 2021, DeFi protocols became the go-to target for hackers looking to steal cryptocurrency.

 

 

DeFi protocols have accounted for an ever-growing share of all funds stolen from cryptocurrency platforms since the beginning of 2020, and lost the vast majority of stolen funds in 2021. As of May 1, DeFi protocols account for 97% of the $1.68 billion worth of cryptocurrency stolen in 2022.

 

 

Even worse, much of the cryptocurrency stolen from DeFi protocols has gone to hacking groups associated with the North Korean government, especially in 2022.

 

Already in 2022, North Korean hackers have had their biggest year yet for cryptocurrency theft at over $840 million, based entirely on hacks of DeFi protocols (it’s possible that North Korean hackers are responsible for other hacks, both of DeFi protocols and centralized services, that have yet to be attributed to them definitively).

 

The data goes to show that shoring up DeFi protocols’ defenses against hackers isn’t just a matter of building trust with users so that DeFi can continue to grow. It’s also a matter of international security given that cryptocurrency stolen by North Korean hacking groups is used to support the country’s development of weapons of mass destruction.

 

The U.S. government is taking action, and most recently sanctioned a mixer for the first time given its role in laundering funds for DPRK-linked attackers.

 

 

Money laundering is another serious issue, as DeFi protocols represent a bigger and bigger share of all funds sent from illicit addresses over the last two years.

 

So far in 2022, DeFi protocols have become the biggest recipient of illicit funds, taking in 69% of all funds sent from addresses associated with criminal activity, compared to 19% in 2021.

 

 

DeFi-based money laundering is another area where North Korean hackers are leading the way.

 

We saw an example of this in 2021, when the infamous Lazarus Group used several DeFi protocols to launder funds after stealing more than $91 million worth of cryptocurrency from a centralized exchange.

 

 

NFT wash trading: how it works

 

While most wash traders ended up losing money due to gas fees, the most successful ones turned large profits by artificially inflating their NFTs’ values and offloading them to unsuspecting users.

 

Rather than inflating the value of any particular NFT, the goal of this scheme seems to be collecting reward tokens given out by the NFT marketplace used by the wash traders.

 

So, what is wash trading? Wash trading is a form of market manipulation in which a seller is on both sides of a trade — in other words, selling an asset to themselves — in order to create a misleading perception of that asset’s value or liquidity.

 

Wash trading is relatively easy to do with NFTs, as some NFT trading platforms allow users to trade by simply connecting their wallet to the platform, with no need to identify themselves. One user could easily control multiple wallets and trade NFTs between them, and no one could know unless they took the time to analyze the wallets’ transaction histories.

 

Now, on to our example. Below, we see two wallets, which we’ve labeled Wash Trader 1 and Wash Trader 2, that have generated over 650,000 wETH in transaction volume each while selling the same three NFTs back and forth to one another.

 

 

All of this activity has taken place on the same NFT marketplace. At no point has either wallet sold any of the NFTs to an outside party, so for the time being, it doesn’t appear their goal is to rip off another NFT collector by selling them an artificially inflated asset.

 

However, this particular marketplace offers incentive rewards in the form of its own native token to users whenever they buy, sell, or trade NFTs on the platform. The two wash trader wallets have generated huge amounts of the marketplace’s rewards token through wash trading. Not only that, but the wallets have upped their earnings even more by staking their rewards tokens.

 

 

All in all, between direct earnings from platform usage and staking, the two wash trading wallets have made over 106 million rewards tokens, currently worth over $185.5 million. Gas fees on the wash trades total just $114.6 million in gas fees, giving the wash trader(s) a profit of nearly $71 million. The wallets started with initial funding of 705.6 ETH, worth $2.4 million at the time of the first transfer, making this wash trading scheme a huge success.

 

This type of wash trading scheme isn’t victimless. For one, the NFT marketplace is being tricked into paying out rewards for phony activity. NFT collectors throughout the market are also potentially being tricked into thinking that this NFT marketplace has more transaction activity than it really does, and the same goes for the NFT collection the wash traders are using for their transactions.

 

Source: The Chainalysis State of Web3

Related Posts

card__image

Киберугрозы растут, а специалистов становится все меньше

Ключевым вопросом исследования рынка труда в сфере кибербезопасности ISC2 2024, является необходимость для организаций расширить возможности для развития кадрового потенциала в этой сфере, а также предоставить больше возможностей для новичков войти в профессию и развивать необходимые навыки при поддержке опытных коллег.   Согласно новым данным, глобальный рост числа специалистов по кибербезопасности впервые за шесть лет […]

card__image

Количество DDoS-атак увеличивается

Мониторинг развивающихся тенденций DDoS важен для предвидения угроз и адаптации стратегий защиты. Комплексный отчет Gcore Radar за первое полугодие 2024 года предоставляет подробную информацию по DDoS-атакам, демонстрируя изменения в моделях атак и более широком ландшафте киберугроз. Ниже мы делимся основнвыми инсайтами.   Ключевые выводы   Количество DDoS-атак в первом полугодии 2024 года выросло на 46% […]

card__image

Большинство компаний боятся невидимых киберугроз

Недавно компания Critical Start опубликовала свой второй ежегодный отчет о ландшафте киберрисков, в частности речь идет о проблемах и вызовах, связанных с уменьшением киберрисков для предприятий. Согласно опросу, 86% респондентов сказали, что неизвестные риски сейчас являются главной проблемой безопасности для их компаний, что на 17% больше, чем в том же исследовании в 2023 году.   […]

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *