Who Paid the Price for Crypto’s Security Gap? Consumers

Retail investors who took the promises of baked-in security at face value paid the price for the oversights and security flaws that the digital asset space is still working to overcome.

Gunnar Jaerv Published by Gunnar Jaerv on 21 October 2019 (Updated NaN )

In the early days of digital assets, security appeared to be provided by the consensus algorithms and cryptography that underlay the first generation of digital assets. Powered by encryption that was effectively unbreakable and consensus algorithms like Proof-of Work, these tokens looked tough to hack.

And they were. No-one has ever successfully hacked the Bitcoin network (that we know of).

Bypassing cryptographic protections

But laptops were as easy to steal as ever, and the web apps that digital assets users relied on to trade assets against each other and fiat were at best only as secure as any other website. When one Bitcoin was worth $2, as it was in 2011, that didn’t matter much. Users foresaw its value mainly in terms of an alternative, anonymous unit of exchange — ‘digital cash’ — and seemed chiefly interested in buying specialized computer components, software and pizza with it. But even then, there were tremors: 2011 was the year the Mt. Gox exchange was attacked, in a theft so large it caused a momentary fall in the price of BTC.

A rapidly-growing, unregulated market

By 2015, the picture had changed. The market cap of Bitcoin reached $3.4bn. Suddenly, exchanges were worth hacking, not opportunistically, but professionally. Individuals were worth attacking through hardware theft, social engineering, stolen password trading and all the other low-tech tricks on which cybercriminals largely rely. And the untraceable nature of digital assets turned out to be a double-edged sword: if yours was stolen from you, the thief was as anonymous as cryptography and decentralization could make them.

That early hack of Mt. Gox was for just a few thousand dollars. For most retail investors that’s not pocket change (in fact, it’s a pretty good description of the average retail investor’s exposure to BTC), but it’s a theft that wouldn’t be reported by a regional newspaper, let alone make it into national media, if not for the then-novelty of the technology involved.

Four years later, in January of 2015, the Bitstamp exchange lost over $5 million in a phishing attack against employees that was used to inject their servers with malicious code. The combination of technical expertise and psychological manipulation marked a new phase of cyberattacks on exchanges and showed clearly where digital assets were vulnerable: through the individuals and institutions who held and moved them.

The illusion of security by obscurity

The early spate of attacks on exchanges and individuals showed that, in a strange relapse, Bitcoin and its sister tokens had achieved security only through obscurity. No-one had stolen it before, not because it was impossible (or even particularly hard), but because no-one was trying.

As the value of an individual token grew, and the number of users of exchanges rose, it became profitable for hackers to steal from individuals too. Methods to do this varied, but included phishing and social engineering attacks, as well as time-dishonored cybercrime standbys like typosquatting.

And the average BTC or ETH user was no longer a highly technologically-competent, Solidity-literate experimentalist, but a retail-level investor riding a growing wave of rising value: in the years 2013 to 2017, the BTC market cap grew 1700% while the US economy grew just 5.9%, making digital assets an attractive target for both investment and larceny.

Individuals who had bought a couple of BTC to see where this crypto thing was going were sitting on tens of thousands of dollars; totally inexperienced investors flooded into the new, rapidly-expanding market, such that by March 2018, just over 5% of all Americans owned Bitcoin, with an average investment of $3,453.

Self-custody and hot/cold wallets

Clearly, these new investors needed a system for keeping their investment safe. There was no traditional financial infrastructure available, so they fell back on a variant of defence in depth: the hot/cold wallet system.

Hot/cold wallets work by having one wallet which is ‘hot,’ connected to the network, and another wallet which is ‘cold,’ usually unconnected, airgapped or at least stored on separate hardware.

In theory, your capital rested in your cold wallet, immune to attack short of physical theft and protected even in that event by a cryptographic wallet key that only you knew. Meanwhile, the money for today’s round of investments was kept in your hot wallet. If you or the exchange were hacked, you’d lose only that.

A retail market in cold wallets, USB sticks with special adaptations, emerged. At the same time, so did a growing body of evidence that hot/cold wallets couldn’t solve the problems even low-level, recreational investors faced.

Why didn’t they work?

Some of these problems were unique to a new combination of rapid value increases, retail investors and unfamiliar technology. Others were more familiar. Faced with a choice between convenience and security, almost everyone will choose convenience. That’s why passwords are so reliably awful, and it’s why cold wallets didn’t see as much use as they should have.

Users struggled to move assets between wallets conveniently. And exchange operators sometimes misled their users about their own cold wallet usage, exaggerating assets or simply not bothering to use cold wallets with sufficient care. This instance of the principal-agent problem — your broker doesn’t stand to lose their own money, but yours — has long been addressed in the traditional financial world through regulation, legislation and professional requirements. In the burgeoning digital assets world investors had no such protections.

The volatile digital assets market meant that at the end of a day’s trading the contents of a user’s hot wallet might be worth more than the contents of their cold wallet, and the temptation to increase exposure to a rapidly rising market was one most retail investors did not resist. The result was a system that existed in theory and in artefacts but not in operation.

Additionally, hot and cold wallet keys, cryptographically generated, remained vulnerable to key theft, social engineering and phishing, gaps in investors’ security knowledge (such as the very low security of unencrypted emails), and attacks on devices used for key storage.

Some were also vulnerable to simple guesswork: security researcher Adrian Bednarek discovered in 2018 that a lot of automatically-generated private keys are coincidentally very easy to guess, since if enough random 14-digit strings are generated, some will have a value of 1, 2, 3, 4, and so on. The same week, his team found that someone else had discovered this, years before them, and stolen ETH worth up to $50m using exactly this method.

Pyramid schemes and exit scams: institutional digital assets theft

While trade in digital assets continued, and thefts from retail investors swelled as the parasitical ecosystem of hackers and fraudsters grew alongside the legitimate digital asset market, businesses interested in the possibility of decentralized investment and funding were discovering new forms of cybercrime.

One simple way to massively increase the amount of digital assets you could steal was simply to set up a fraudulent exchange or other digital asset service. In varying versions of the ‘long con,’ exchanges gained users and positive reputations before suddenly closing in suspicious circumstances, as with QuadrigaCX, whose CEO Gerald Cotten died in India in sole possession of the private keys to deposits worth $190m.

It later transpired that Cotten had been trading with customers’ deposits on his own behalf on other exchanges, and ‘buying’ digital assets from QuadrigaCX customers using nonexistent fiat deposits credited to accounts controlled by him, among other deeply suspicious circumstances.

More recently, digital asset wallet provider PlusToken is thought to have defrauded users of a total $2.9bn through a mix of Ponzi scheme and exit scam, and the main perpetrators are still on the run from Chinese police.

Meanwhile, individuals invited to invest in the future success of businesses via ICOs — initial coin offerings — often found that the company in question didn’t have a product, or didn’t even really exist. Even experienced investors found that differentiating between scam and legitimate ICOs was difficult.

A study published in 2018 found that 80% of the previous year’s ICOs were scams, accounting for 11% of all ICO funding. The majority of funding went to three large scams, indicating that scam ICOs are largely a low-risk/low-reward criminal enterprise, and many legitimate ICOs targeted professional and institutional investors.

These new inventions continued to operate against a background of increasing value and frequency of exchange hacks; from July 2017 to July 2018 there were 22 major exchange scams and hacks, with an average value of $91,980,909, the vast majority of which came from the wallets of retail investors.


The difficulties the digital asset space faces are not new, even though the technology is. Secure storage of assets, reliable agents, and redress from supervisory authorities have been issues in the traditional financial world for centuries; the toolset evolved to cope with them needs to be adapted to digital assets, but we can already see signs of adoption in the new space. In the interim, the price for the lack of effective security has been paid by consumers.


Disclaimer: This publication is general in nature and is not intended to constitute any professional advice or an offer or solicitation to buy or sell any financial or investment products. You should seek separate professional advice before taking any action in relation to the matters dealt with in this publication. Please note our full disclaimer here.

Insights and industry perspectives delivered to your inbox

Subscribe to our newsletter for news updates and useful resources. You can unsubscribe with one click at any time, but we don't think you would want to.